A long time ago I decided to mess around with the redirect_program feature of squid. If you’re not familar with squid I suggest looking up the wiki on it http://en.wikipedia.org/wiki/Squid_(software).

What exactly does redirect_program do? No one knows for sure, some say that it is the very reason the internet works, while others speculate that the previous statement is nothing but rubish. The world may never know, however just because we don’t know what it does doesn’t mean we can’t use it!

Ok but seriously what does the redirect_program tag actually allow us to do. This tag is used to specify the location of the executable for the URL redirector. So you can basicaly create a program that can rewrite the requested URLs that are passing though squid. So one could play around with the data that is passing though squid pretty much on the fly. What is great about it, is that it’s very easy to program for and has many real world uses.

None of which we will talk about here.

So being who I am, and knowing what I do. I decided to create a script that would take the data that users are getting and replace it with my own files. Because everyone and anyone was getting rick rolled or rick rolling others, I decided that I would make a proxy that would rick roll the user in just about
any way possible.

Thus the rick roll perl script for squid redirect_program was created. Or RRR for short. It can actually stand for 2 things there, Rick Roll Redirect or Rick Roll pRoxy. The choice is yours, I normally just call it the Rick Roll Proxy. But the name means nothing.

Now this is all fun but you need to actually edit your victims proxy settings if you want them to go though your proxy… at least if you don’t “OWN” the network. So while normally running this script on a squid box with apache is enough, I decided it would work best if we didn’t give the users a choice in
the matter.

So I’ve put together some iptable rules that one can run on just about any router that accepts them to force the users to use the proxy. What is nice about this is that it can be started and stopped as often as you want. So you could create a rule to start rick rolling everyone on the network for 1 minute
every hour. Or just have it on all the time.

The 2 scripts you’ll need are located at:

http://haxbyjaku.com/rrrproxy/

The first one is the iptable rules (proxy.sh), and the second is the redirect_program (rrr.pl) that you will want to call in squid. To enable the redirect_program tag simply open up your squid config (normally /etc/squid.conf or /etc/squid/squid.conf) and find the commented out part of redirect_program. Uncomment it and give it the path to the file. (Make sure it has access) And then restart squid.

Now doing that is not all you need to do. In the rrr.pl file you’ll notice a variable called “$server”, this by default will call the files from my site. All located at http://haxbyjaku.com/rrrproxy/ however, if you want to add your own files or keep it going as fast as possible you’ll want to store the files locally on the server running apache or some other web service.

Now, with that setup and running anyone using your proxy will get the files listed in the rrr.pl file replaced with files related to a rick roll, or anything you might of replaced them with. However, like we mentioned that is only if they change their proxy settings. So the next step that you’re gonna want to do is run the proxy.sh script on your iptables based router. Or create your own rules if you have something else.

I use a wrt54gs at home which is running dd-wrt. So all I have to do is SSH in edit a few of the variables in the proxy.sh file, and execute it. After about 2 seconds anyone on the network that is browsing the web will start to get their files replaced automatically.

You’re going to want to edit 3 or 4 variables in the proxy.sh file. The first one being the “INTERNAL_NETWORK” this should match your internal network IP range. Most routers use the default one mentioned in the file, but it could be anything.

The 2nd variable is the “ROUTER_IP”. This is the main private IP of the router. If this is not correct then you can cause your entire network to fail until you either reboot the router or disable the iptable rule.

The 3rd and 4th varibles will be the PROXY_SERVER, and PROXY_PORT. Make sure you put the correct IP and PORT in otherwise it will not work. These should be the settings you use for your squid proxy. The IP could be the same as the ROUTER_IP variable or even the same IP you specfied in the rrr.pl for the SERVER_IP. It could even be different then both of those. I’ll let you decide on what IP it should be.

After that run the script and you’re all set to go. Anyone on the network should be getting their files replaced with the rickroll files and you should get a huge laugh out of it. I highly suggest setting up your own webserver with the files, but I understand not everyone has space where they could store them.

However, I’m not gonna include how you should setup your web server if you have access to one, you should already know how to do that especially you’re gonna start messing around with proxies and re-writing traffic. But if you really can’t figure it out and you need help, send me a message and I’ll help you out as best as I can.

I also used to have a VMware image that had the proxy and all software setup and ready for use, however because it had gotten used for more and more projects I’m unwilling to release it at this time. If there is a big enough response on it I will re-create it and distribute it. I hope you are able to understand this post and include some rick rolls in others lives with the information you received.