Hello,

I am taking an online pen testing class and the current assignment is to implement a program (googleSearch.pl) on another machine on my network. I am running Kali on a dual boot machine with Mint. In Kali I have installed Squid 4.6 and Apache2.

In squid.conf I received issues when changing http_port 3128 to 'transparent'. I left it as is, and added a port 3129 as transparent. Squid starts fine now.

I added 'url_rewrite_program /root/Files/googleSearch.pl' to the EOF of squid.conf. After starting squid and apache2 (not sure yet what apache2 does) and arpspoofing target pc (port 80 to port 3129) the target machine is definiteley arpspoofed (it is a Windows 10 machine and arp -a shows duplicate physical addresses, so I think that part is fine).

The .pl is supposed to append text to the end of search queries (i.e.'espn' becomes 'espn in my pants'). It does not. I am wondering if I have done something wrong or if the .pl is not working correctly. My programming experience is primarily in Java, but Perl isn't that complicated and the code makes sense to me.

The changes I made to squid.conf are:

uncommented 'acl localnet src 192.168.1.1/16'
uncommented 'http_access allow localnet'
added 'http_port 3129 transparent'
left 'http_port 3128' unedited and UNcommented
added 'url_rewrite_program /root/Files/googleSearch.pl' to EOF

Changes to nat:

iptables -t nat -A PREROUTING -i wlan1 -p tcp --dport 80 -j REDIRECT --to-port 3129
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -I INPUT -p tcp --dport 3129 -j ACCEPT

I am doing this wirelessly but on my own network to which the target machine is also connected.

Any help would certainly be appreciated.

Thank you so much. I just joined this community as I have heard it is a great place to go for linux help.