安全矩阵

 找回密码
 立即注册
搜索
查看: 2903|回复: 0

基于ProxyPool创建Proxifier代理配置文件

[复制链接]

855

主题

862

帖子

2940

积分

金牌会员

Rank: 6Rank: 6

积分
2940
发表于 2021-8-18 09:12:34 | 显示全部楼层 |阅读模式
原文链接:基于ProxyPool创建Proxifier代理配置文件

1
前言
    刚开始学习安全渗透,想着用御剑去扫后台目录看有没有后台登录入口。扫着扫着我发现不能访问网站,浏览器界面提示访问重定向。问群里的大神才知道是 waf把此IP的请求给拦截,那就弄个代理池。不是单一IP地址进行访问,不会被waf拦截了吧!

2
环境搭建
    使用github开源ProxyPool项目进行免费的代理IP进行收集、进行可用性验证。将已经验证过代理链接信息保存在Redis数据库中。并且支持docker部署
ProxyPool链接:https://github.com/jhao104/proxy_pool
2.1安装Redis 数据库参考链接:https://www.cnblogs.com/hunanzp/p/12304622.html
2.2Redis 遇到的坑
  1. #修改redis.conf配置文件后需要重启redis服务
  2. requirepass ""
  3. #设置非密码访问,也可以注释掉。
  4. #取消redis安全模式
  5. #bind 127.0.0.1
  6. #取消只能本地链接
  7. daemonizeno
  8. #Redis默认不是以守护进程的方式运行,可以通过该配置项修改,使用yes启用守护进程,设置为no
  9. protected-modeno
  10. #保护模式
复制代码

2.3安装拉取ProxyPool dockerdocker 安装方法请自行百度或谷歌
Docker运行
  1. dockerpull jhao104/proxy_pool --拉取镜像
  2. dockerrun --env DB_CONN=redis://:password@ip:port/db -p 5010:5010jhao104/proxy_pool:latest --运行ProxyPool
复制代码

样例:
  1. docker run --en vDB_CONN=redis://:redis数据库密码(不要设置密码,后续执行创建Proxifier配置文件python脚本,使用非认证操作)@ip:port/数据库序号(可以默认写0)-p5010:5010 jhao104/proxy_pool:latest
  2. docker run --env DB_CONN=redis://:@192.168.10.20:6379/0 -p 5010:5010jhao104/proxy_pool:lates
复制代码



RedisDesktopManager截图

2.4安装ProxifierProxifier下载链接
傻瓜式安装、汉化版本
2.5Proxifier配置
开启HTTP代理服务器设置,因为有一些代理ip是走HTTP协议的。而Proxifier默认只支持HTTPS协议


2.6 Proxifier配置文件生成运行环境:Python3.6
模块:Redis,json,ElementTree
  1. # -*- coding:utf8 -*-
  2. import redis
  3. import json
  4. from xml.etree import ElementTree

  5. def RedisProxyGet():
  6.     ConnectString = []
  7.     pool = redis.ConnectionPool(host='192.168.10.20', port=6379, db=0, decode_responses=True)
  8.     use_proxy = redis.Redis(connection_pool=pool)
  9.     key = use_proxy.hkeys('use_proxy')
  10.     for temp in key:
  11.         try:
  12.             ConnectString.append(json.loads(use_proxy.hget('use_proxy',temp)))
  13.         except json.JSONDecodeError: # JSON解析异常处理
  14.             pass
  15.     return ConnectString

  16. def xmlOutputs(data):
  17.     i = 101
  18.     ProxyIDList = []
  19. # ProxifierProfile根
  20.     ProxifierProfile = ElementTree.Element("ProxifierProfile")
  21.     ProxifierProfile.set("version", str(i))
  22.     ProxifierProfile.set("platform", "Windows")
  23.     ProxifierProfile.set("product_id", "0")
  24.     ProxifierProfile.set("product_minver", "310")

  25. # Options 节点
  26.     Options = ElementTree.SubElement(ProxifierProfile, "Options")

  27.     # Options.Resolve
  28.     Resolve = ElementTree.SubElement(Options, "Resolve")
  29.     # Options.Resolve.AutoModeDetection
  30.     AutoModeDetection = ElementTree.SubElement(Resolve, "AutoModeDetection")
  31.     AutoModeDetection.set("enabled", "false")

  32.     # Options.Resolve.ViaProxy
  33.     ViaProxy = ElementTree.SubElement(Resolve, "ViaProxy")
  34.     ViaProxy.set("enabled", "false")

  35.     # Options.Resolve.ViaProxy.TryLocalDnsFirst
  36.     TryLocalDnsFirst = ElementTree.SubElement(ViaProxy, "TryLocalDnsFirst")
  37.     TryLocalDnsFirst.set("enabled", "false")

  38.     # Options.Resolve.ExclusionList
  39.     ExclusionList = ElementTree.SubElement(Resolve, "ExclusionList")
  40.     ExclusionList.text = "%ComputerName%; localhost; *.local"

  41.     # Options.*
  42.     Encryption = ElementTree.SubElement(Options, "Encryption")
  43.     Encryption.set("mode", 'basic')
  44.     Encryption = ElementTree.SubElement(Options, "HttpProxiesSupport")
  45.     Encryption.set("enabled", 'true')
  46.     Encryption = ElementTree.SubElement(Options, "HandleDirectConnections")
  47.     Encryption.set("enabled", 'false')
  48.     Encryption = ElementTree.SubElement(Options, "ConnectionLoopDetection")
  49.     Encryption.set("enabled", 'true')
  50.     Encryption = ElementTree.SubElement(Options, "ProcessServices")
  51.     Encryption.set("enabled", 'false')
  52.     Encryption = ElementTree.SubElement(Options, "ProcessOtherUsers")
  53.     Encryption.set("enabled", 'false')

  54.     # ProxyList
  55.     ProxyList = ElementTree.SubElement(ProxifierProfile, "ProxyList")
  56.     for temp in data:
  57.         i += 1  # 从101开始增加
  58.         # ProxyList.Proxy
  59.         Proxy = ElementTree.SubElement(ProxyList, "Proxy")
  60.         Proxy.set("id", str(i))

  61.         if not temp['https']:
  62.             Proxy.set("type", "HTTP")
  63.         else:
  64.             Proxy.set("type", "HTTPS")
  65.             Proxy.text = str(i)
  66.             ProxyIDList.append(i)

  67.         # ProxyList.Proxy.Address
  68.         Address = ElementTree.SubElement(Proxy, "Address")
  69.         Address.text = temp['proxy'].split(":", 1)[0]

  70.         # ProxyList.Proxy.Port
  71.         Port = ElementTree.SubElement(Proxy, "Port")
  72.         Port.text = temp['proxy'].split(":", 1)[1]

  73.         # ProxyList.Proxy.Options
  74.         Options = ElementTree.SubElement(Proxy, "Options")
  75.         Options.text = "48"

  76.     # RuleList
  77.     ChainList = ElementTree.SubElement(ProxifierProfile, "ChainList")

  78.     # RuleList.Chain
  79.     Chain = ElementTree.SubElement(ChainList, "Chain")
  80.     Chain.set("id", str(i))
  81.     Chain.set("type", "simple")

  82.     # RuleList.Chain.Name
  83.     Name = ElementTree.SubElement(Chain, "Name")
  84.     Name.text="AgentPool"

  85.     # RuleList.Chain.Proxy
  86.     for temp_id in ProxyIDList:
  87.         Proxy = ElementTree.SubElement(Chain, "Proxy")
  88.         Proxy.set("enabled", "true")
  89.         Proxy.text=str(temp_id)
  90.     # RuleList
  91.     RuleList = ElementTree.SubElement(ProxifierProfile, "RuleList")

  92.     # Rule
  93.     Rule = ElementTree.SubElement(RuleList, "Rule")
  94.     Rule.set("enabled", "true")
  95.     Name = ElementTree.SubElement(Rule,"Name")
  96.     Applications = ElementTree.SubElement(Rule,"Applications")
  97.     Action = ElementTree.SubElement(Rule,"Action")

  98.     Name.text="御剑后台扫描工具.exe [auto-created]"
  99.     Applications.text="御剑后台扫描工具.exe"
  100.     Action.set("type","Direct")

  101.     # Rule
  102.     Rule = ElementTree.SubElement(RuleList, "Rule")
  103.     Rule.set("enabled", "true")
  104.     Name = ElementTree.SubElement(Rule,"Name")
  105.     Targets = ElementTree.SubElement(Rule,"Targets")
  106.     Action = ElementTree.SubElement(Rule,"Action")

  107.     Name.text="Localhost"
  108.     Targets.text="localhost; 127.0.0.1; %ComputerName%"
  109.     Action.set("type", "Direct")

  110.     # Rule
  111.     Rule = ElementTree.SubElement(RuleList, "Rule")
  112.     Rule.set("enabled", "true")
  113.     Name = ElementTree.SubElement(Rule, "Name")
  114.     Action = ElementTree.SubElement(Rule, "Action")
  115.     Name.text = "Default"
  116.     Action.text = "102"
  117.     Action.set("type", "Proxy")

  118.     tree = ElementTree.ElementTree(ProxifierProfile)
  119.     tree.write("ProxifierConf.ppx", encoding="UTF-8", xml_declaration=True)
  120. if __name__ == '__main__':
  121.     proxy_data = RedisProxyGet()
  122.     xmlOutputs(proxy_data)
  123.     print("ProxifierConf.ppx配置文件创建完成....")
复制代码

创建Proxifier配置文件:

redis-to-xml
Proxifier配置文件导入:

开始奔放吧



回复

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则

小黑屋|安全矩阵

GMT+8, 2024-11-29 12:53 , Processed in 0.013397 second(s), 18 queries .

Powered by Discuz! X4.0

Copyright © 2001-2020, Tencent Cloud.

快速回复 返回顶部 返回列表