Skip to content

izvestiya/LicensR

BranchesTags

Repository files navigation

LicensR

The world's most agreeable license server.

LicensR is a mock API environment that runs a local DNS interceptor and HTTPS/HTTP server. When an application phones home to validate its license, LicensR redirects the request to a local server that, purely by coincidence, always responds with good news.

LicensR does not modify, patch, reverse-engineer, or redistribute any application code. It simply provides a network environment where license servers happen to be very supportive.

How It Works

  1. A .egg file defines which domain and route an app uses for license validation, and what a valid response looks like.
  2. LicensR spins up a DNS server that redirects those domains to 127.0.0.1.
  3. A local Express server catches the request on HTTP and HTTPS, then responds with whatever the egg says.
  4. The app thinks it talked to the real server. The real server never even knew.

Quick Start

npm install
node index.js

Then point your system or application DNS to 127.0.0.1#1984 (or whatever port you configure).

Egg Format

Place .egg files in the eggs/ directory:

{
    "url": "https://example.com",
    "method": "GET",
    "path": "/api/data",
    "headers": {
        "Content-Type": "application/json"
    },
    "response": {
        "key": "value"
    }
}

url is the domain the app phones home to. path is the route to intercept. method is the HTTP method. headers are the response headers. response is what gets sent back.

Configuration

All configuration lives in config.json:

{
    "dns": {
        "port": 1984,
        "upstream": "1.1.1.1",
        "override": "127.0.0.1"
    },
    "egg": {
        "directory": "eggs",
        "extension": ".egg"
    },
    "express": {
        "http": 80,
        "https": 443
    }
}

dns.port is the port the DNS interceptor listens on. dns.upstream is where non-overridden queries get forwarded. dns.override is the IP that overridden domains resolve to. egg.directory and egg.extension control where eggs are loaded from. express.http and express.https are the ports the license API listens on.

SSL

LicensR automatically generates a self-signed certificate on first run if one doesn't exist. Apps that have their DNS pointed at LicensR can't reach a CA to validate certs anyway, so this works out fine.

Testing

With LicensR running:

dig @127.0.0.1 -p 1984 example.com
curl --resolve example.com:80:127.0.0.1 http://example.com/api/data
curl --resolve example.com:443:127.0.0.1 -k https://example.com/api/data

Legal

This tool modifies network routing, not application code. Whether that matters to your specific license agreement is between you and your lawyer. LicensR is provided as-is for educational and research purposes.

The author(s) take no responsibility for how you use this tool. But we do think it's funny.

License

MIT

About

Yes Man as a Service

Topics

nodejs dns express self-hosted educational license network-security mock-api security-research

Resources

Readme
Activity

Stars

70 stars

Watchers

3 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

No contributors