• Changing RCF's index page, please click on "Forums" to access the forums.

FU HULU

Do Not Sell My Personal Information
Yes, you can mask both the HTTP header and the OUI (Organizationally Unique Identifier) of the device MAC address (the first three octets which identify the manufacturer of the NIC used in the device).

You can do this either from your router if you have a good Linux based router with shell access (like a DD-WRT flashed device) or you can use any PC or r-pi device on your network using ICS, or a proxy to filter the packets between devices.

But the easiest way to do this is to setup a proxy (you can set one up on your router too!). Then just point your device to the proxy and from there you can do all the packet manipulation/filtering that you need.

It sounds complex, but believe me it's not, especially if you use DD-WRT or really any Linux device (including Android) as a point on the network where packets pass through whether that's a router or another computer.

From there, the easiest is to just use squid to mask the user-agent.

On latest versions of squid you can use something like this to make traffic look like it's coming from a PS4:

request_header_access User-Agent deny all
request_header_replace User-Agent Mozilla/5.0 (PlayStation 4 1.52) AppleWebKit/536.26 (KHTML, like Gecko)

You can customize this so that you use a PS4 MAC by spoofing the first 6 characters (3 octets) of your MAC address to: B0 05 94 ...

So now any device looks like a PS4... ;)

Now this only works for non-TLS traffic. For TLS traffic you need to add another method called a Man-In-The-Middle attack/hack. You've got two options here...

If your device supports proxies, which most devices do, and Hulu will respect your proxy connection, then you can set up squid somewhere on your network and just use it as a proxy, and also setup SSLsplit with mitmproxy as well; this will get you a decrypted stream that you can modify and re-encrypt to defeat TLS.

If your device doesn't support proxies, you'll need to route traffic to another device that can run these Linux applications (your router, or another PC then loopback to router)

You'd use SSLsplit and another program paired with it depending upon how you'd wanna proceed but this is likely unnecessary and really only if you HAD to use TLS for Hulu, which I doubt you do -- you could try to block outbound traffic on port 443 and that might make Hulu not use encryption?

Hope this gives you some ideas.. Happy hacking! ;)

Doesn't apply to me, or help me at all. But I fucking love you.
 
Yes, you can mask both the HTTP header and the OUI (Organizationally Unique Identifier) of the device MAC address (the first three octets which identify the manufacturer of the NIC used in the device).

You can do this either from your router if you have a good Linux based router with shell access (like a DD-WRT flashed device) or you can use any PC or r-pi device on your network using ICS, or a proxy to filter the packets between devices.

But the easiest way to do this is to setup a proxy (you can set one up on your router too!). Then just point your device to the proxy and from there you can do all the packet manipulation/filtering that you need.

It sounds complex, but believe me it's not, especially if you use DD-WRT or really any Linux device (including Android) as a point on the network where packets pass through whether that's a router or another computer.

From there, the easiest is to just use squid to mask the user-agent.

On latest versions of squid you can use something like this to make traffic look like it's coming from a PS4:

request_header_access User-Agent deny all
request_header_replace User-Agent Mozilla/5.0 (PlayStation 4 1.52) AppleWebKit/536.26 (KHTML, like Gecko)

You can customize this so that you use a PS4 MAC by spoofing the first 6 characters (3 octets) of your MAC address to: B0 05 94 ...

So now any device looks like a PS4... ;)

Now this only works for non-TLS traffic. For TLS traffic you need to add another method called a Man-In-The-Middle attack/hack. You've got two options here...

If your device supports proxies, which most devices do, and Hulu will respect your proxy connection, then you can set up squid somewhere on your network and just use it as a proxy, and also setup SSLsplit with mitmproxy as well; this will get you a decrypted stream that you can modify and re-encrypt to defeat TLS.

If your device doesn't support proxies, you'll need to route traffic to another device that can run these Linux applications (your router, or another PC then loopback to router)

You'd use SSLsplit and another program paired with it depending upon how you'd wanna proceed but this is likely unnecessary and really only if you HAD to use TLS for Hulu, which I doubt you do -- you could try to block outbound traffic on port 443 and that might make Hulu not use encryption?

Hope this gives you some ideas.. Happy hacking! ;)
wouldn't this break go google playstore?
 

Rubber Rim Job Podcast Video

Episode 3-13: "Backup Bash Brothers"

Rubber Rim Job Podcast Spotify

Episode 3:11: "Clipping Bucks."
Top