Jin_Mataaka
Eternal Poster
- Joined
- Feb 17, 2016
- Posts
- 831
- Reaction
- 1,215
- Points
- 349
Good day PHC!
Today I will share the way kung pano ako gumagawa ng payload.
Requirements:
Talas ng Isip
Mahabang pasensya
Notes:
Host URL used in this example is google based.
SIM used: TM (no regular load and promo)
APN used: Default
Okay, since alam niyo na ang pinaka basic sa paggawa ng ehi config, from creating an ssh account to what and where to put values. Diretso na tayo.
First.
Look for a host for your payload.
Example: m.google.com
or you can look for a more unique host.
How?
Use a reverse IP look up tool.
Here is an example of a website which has a reverse ip tool:
You do not have permission to view the full content of this post. Log in or register now.
Just query your favorite website/host, then it will show you all websites hosted by the same domain. Then choose ONE.
Second:
Look for a working Remote Proxy.
How?
Search it on google, it's free.
Ex. You do not have permission to view the full content of this post. Log in or register now.
*You can also use a Squid proxy from your favorite SSH hosting website.
*Always check your proxy status for better connection.
How?
Search "proxy checker" on google, it's free.
Ex. You do not have permission to view the full content of this post. Log in or register now.
Let's use the Host Checker from the HTTP Injector itself, to know what response header that your host will return to your proxy.
Screenshot:
This status may give you trouble connecting.
Also notice the Connection status, "Keep-alive".
I personally choose host with "Connection: keep-alive" in its header, because it means that,when the host recieved a request and granted a connection, it will keep the gateway open until the client will close it.
Status 301 Move Permanently means, the host either redirect you to its main domain or your local ip/remote proxy is blacklisted/blocked from accessing the host.
So we need to set our payload correctly.
How do we know?
We MUST AVOID seeing the "Status 301" or any other status aside from Status 200, in our log. So keep on trying until the Status 301 is eliminated.
*You can also try different request aside from GET in Host Checker, you might run into a status 200 response. That way, you will have an idea what request to use and avoid.
Fourth.
Set your payload.
Screenshot:
Setting that returned status 301 (Wrong method)
What does it mean? It means that your settings is wrong.
You might say that it doesnt matter as long as it is connected. But NO, based on my experience, my config that has a different status aside from Status 200, did not work on others and has disconnection issues.
Also, it does not mean that your settings is faster than Status 200, or you may think and feel that its cool. Then you're wrong. An error is always an error, and say thank you to http injector for correcting you.
Screenshot:
Setting that returned Status 200 at first response (Correct method)
If we go back to the Host Checker, the "content type" says "txt/html" and no more other content (cøøkíés, complex caching method etc) status or header fields indicating a complex data are displayed. It means this host does not contain any complicated codes(php,flash,databases etc). So it is not neccessary to use GET or any method to request for a complicated response, a simple CONNECTion is enough for the host to establish a successful handshake.
If you are still getting an error after using all the request methods. Its tme for you to experiment with extra options.
Read below.
Personal experience is mas mabilis mag-inject ang status 200 na setting kesa sa ibang status.
Another Note: Kelangan mo ng internet connection pag gumamit ng host checker at sa paghahanap ng mga host at proxy.
Disclaimer: This tutorial does not guarantee you a free working internet from any ISP. This only serves as a guideline for you to explore on how to make it free that comes with your effort. More power to the army!
*Kung my naiasulat man ako na may kaparehong post or may naunang thread, I give credit to all of them. I made this solely based on my own venture.
Thank you for reading! Goodluck!
Remember you are a human,
the highest being in the animal kingdom,
not a sponge.
Today I will share the way kung pano ako gumagawa ng payload.
Requirements:
Talas ng Isip
Mahabang pasensya
Notes:
Host URL used in this example is google based.
SIM used: TM (no regular load and promo)
APN used: Default
Okay, since alam niyo na ang pinaka basic sa paggawa ng ehi config, from creating an ssh account to what and where to put values. Diretso na tayo.
First.
Look for a host for your payload.
Example: m.google.com
or you can look for a more unique host.
How?
Use a reverse IP look up tool.
Here is an example of a website which has a reverse ip tool:
You do not have permission to view the full content of this post. Log in or register now.
Just query your favorite website/host, then it will show you all websites hosted by the same domain. Then choose ONE.
Second:
Look for a working Remote Proxy.
How?
Search it on google, it's free.
Ex. You do not have permission to view the full content of this post. Log in or register now.
*You can also use a Squid proxy from your favorite SSH hosting website.
*Always check your proxy status for better connection.
How?
Search "proxy checker" on google, it's free.
Ex. You do not have permission to view the full content of this post. Log in or register now.
Third:
Let's use the Host Checker from the HTTP Injector itself, to know what response header that your host will return to your proxy.
Screenshot:
As shown above, the host reponded status 301 Moved Permanently with GET request method. So if you use the GET request in generating your payload, you will get the same response. Now, you have an idea what to avoid.
This status may give you trouble connecting.
Also notice the Connection status, "Keep-alive".
I personally choose host with "Connection: keep-alive" in its header, because it means that,when the host recieved a request and granted a connection, it will keep the gateway open until the client will close it.
Status 301 Move Permanently means, the host either redirect you to its main domain or your local ip/remote proxy is blacklisted/blocked from accessing the host.
So we need to set our payload correctly.
How do we know?
We MUST AVOID seeing the "Status 301" or any other status aside from Status 200, in our log. So keep on trying until the Status 301 is eliminated.
*You can also try different request aside from GET in Host Checker, you might run into a status 200 response. That way, you will have an idea what request to use and avoid.
Fourth.
Set your payload.
Screenshot:
Setting that returned status 301 (Wrong method)
The log shows a successful connection because the HTTP injector, resend another request, a correct request for status 200.
What does it mean? It means that your settings is wrong.
You might say that it doesnt matter as long as it is connected. But NO, based on my experience, my config that has a different status aside from Status 200, did not work on others and has disconnection issues.
Also, it does not mean that your settings is faster than Status 200, or you may think and feel that its cool. Then you're wrong. An error is always an error, and say thank you to http injector for correcting you.
Screenshot:
Setting that returned Status 200 at first response (Correct method)
So, here we have a status 200. As you can see I used the CONNECT request method. The most common and simple type of method. How did I know that I need to use this type of method to get a status 200 response.
If we go back to the Host Checker, the "content type" says "txt/html" and no more other content (cøøkíés, complex caching method etc) status or header fields indicating a complex data are displayed. It means this host does not contain any complicated codes(php,flash,databases etc). So it is not neccessary to use GET or any method to request for a complicated response, a simple CONNECTion is enough for the host to establish a successful handshake.
If you are still getting an error after using all the request methods. Its tme for you to experiment with extra options.
Read below.
EDIT 1:
As a summary, to save you time, look for a good proxy then find an alive host that returns status 200. So you won't waste your time experimenting your payload string.
If you are wondering what to tick and not in the payload generator, well I myself with all honesty cannot translate it into human words.
So, ayan lang po. Kayo na lang ang humusga. Di ko na eexplain kung pano ko kinalikot ang Payload, kasi random trial and error yan. Haha Pinakita ko lang kung paano mag base ng Payload sa response header. Hindi din po ako experto, so pag pasensyahan niyo na kung my mali akong naisulat, at mas mabuti kung i-correct niyo. Im glad to learn.
Personal experience is mas mabilis mag-inject ang status 200 na setting kesa sa ibang status.
Another Note: Kelangan mo ng internet connection pag gumamit ng host checker at sa paghahanap ng mga host at proxy.
Disclaimer: This tutorial does not guarantee you a free working internet from any ISP. This only serves as a guideline for you to explore on how to make it free that comes with your effort. More power to the army!
*Kung my naiasulat man ako na may kaparehong post or may naunang thread, I give credit to all of them. I made this solely based on my own venture.
Questions? Drop it in the comment box. I'll try my best to answer it.
Thank you for reading! Goodluck!
Remember you are a human,
the highest being in the animal kingdom,
not a sponge.
Last edited: