Purpose made HTTP Docker file setup for hosting exploits for the web browser for Sony PlayStation devices and the Nintendo Wii/WiiU/Switch. This essentially has to be used with the Exploit Host DNS component. It's possible to use it "standalone", but will require something to make the browser send the correct Host header with it's HTTP(S) requests.
When used in conjunction with Exploit Host DNS following features are available:
- Enables internet speed tests
- Enables serving custom system updates
- Hijacks system update feature pages
- Hijacks default browser landing pages (Connection Tests, User's Manuals, and Browser Homepages)
- Redirect is cached (It is not cached on PS5 as it becomes permanent)
- Prepackaged with the latest Exploit Host website
- Can redirect to an external page, to a self hosted site, or to the included Exploit Host website
This is setup to work right out of the box with Exploit Host DNS. There are a lot of options for your individual hosting wants/needs; however, I'll only show the basic usage here.
This command will always pull the latest image from Docker Hub, run on the main Docker bridge network, and it will restart if it's not running until you explicitly tell it to stop.
docker run -d --network bridge -p 80:80/tcp -p 443:443/tcp --restart unless-stopped --pull always alazif/exploit-host-http:latest
This composer file will do the same as the command above.
---
version: "3.8"
services:
exploit-host-http:
image: alazif/exploit-host-http:latest
network_mode: bridge
ports:
- 80:80/tcp
- 443:443/udp
pull_policy: always
restart: unless-stoppedStart the compose file by calling docker compose up -d from the same location as the composer file.
| Option | Default | Type | Info |
|---|---|---|---|
| DEBUG | false |
boolean | Show debug output for entrypoint.sh in the Docker log. |
| REDIRECT_TYPE | http |
string | The protocol that is used for the hijacked landing page redirect. Valid values are http and https. |
| ROOT_DOMAIN | the.gate |
string | The root domain that is used for hijacked landing page redirect. This is ONLY the domain itself. |
| ROOT_DOMAIN_PATH | none | string | Additional path to append to root domain for redirect. If needed you can add an alternative port here as well. |
| HIJACK_URL | none | string | Rather than hosting the hijacked landing page just redirect the request to another domain hosted elsewhere. If this is set, ROOT_DOMAIN and ROOT_DOMAIN_PATH are ignored. |
| NGINX_ACCESS_LOG | false |
boolean | Enables the NGINX access log, located at /var/log/nginx/access.log |
| NGINX_ERROR_LOG | false |
boolean | Enables the NGINX error log, located at /var/log/nginx/error.log |
| NGINX_ERROR_LOG_LEVEL | warn |
string | The error log level for the NGINX error log. Valid values are debug, info, notice, warn, error, crit, alert, emerg. Ignored if NGINX_ERROR_LOG is false. |
| TLS | self |
string | Valid values are self, letsencrypt, and mount. |
| CF_IP_CORRECTION | false |
boolean | Automatically correct CloudFlare IP addresses to the real IP address for logging. |
| CF_STRICT | false |
boolean | |
| OCSP_STAPLING | false |
boolean | |
| SEVER_HASH_BUCKET_SIZE_OVERRIDE | false |
boolean | Overrides the server_names_hash_bucket_size option in NGINX to be 64. Some systems have 32 as the default and that is not enough for our usage. |
- Verify
TLSoptions work as expected, I believe certbot for letsencrypt has changed. - Make healthcheck.sh
- Verify
CF_STRICTstill works as expected and hasn't changed.