proxify -request-match-replace-dsl "replace(request,'curl','firefox')" -v -hp http://localhost:8080
curl google.com --proxy-insecure -x localhost:8888 -v -L

In the verbose output of proxify the value seems to be changed, but not the actual request.

while I'm trying to setup proxify , I'm faceing this error

and I can't get the cert from http://proxify/cacert.crt

Proxify version

When use socks proxy and access "https://www.google.com" , logs output like "ipaddress_anythinghere.txt".
And i can parse info ipaddress( in file name ), Host (in file content).

But use http proxy , logs output like "domainname_anthinghere.txt", try to pare info from it , just can get Host ,usually the Host equal to domainname so i did not know the traffic send to which ipaddress (which one i want to port scan).

Steps to reproduce:

$ ./proxify -deny 157.240.18.0/24 # proxify
$ echo 157.240.18.34 | ./httpx -proxy http://127.0.0.1:8888/ # httpx using proxify

Expected behavior:

HTTP Proxy Listening on 127.0.0.1:8888
Socks5 Proxy Listening on 127.0.0.1:10080
Saving traffic to logs
2022/03/09 12:11:32 [002] WARN: Cannot read TLS response from mitm'd server denied address found for host

Current behaviour:
Establishes connection to denied target IP

Reference: https://portswigger.net/burp/documentation/desktop/tools/proxy/options/invisible

Show correct DSL signatures. If a user provided an incorrect parameter that has a static type/enum value, provide all the available options.

High level example:

• user input: contains(123)
• expected output: "The correct method signature is contains(partToSearch Part, value string). The correct Part values are: headers, all_headers, body" etc.

Reference: #116 (comment)
Similar functionality implemented in nuclei: projectdiscovery/nuclei#1295

Related to this #29

Additional flag support -vv to include printing binary data.

Please describe your feature request:

Support basic authentication support to proxy servers

Any way to use proxify with an Android or iOS device?

It would be a cool feature to generate OpenAPI/Swagger files from proxied requests. This would help reverse engineering web applications and enable better integrations with other tools that accept such descriptors as input.

There is a similar project written in python:
https://github.com/alufers/mitmproxy2swagger

Proxify version:

dev

Current Behavior:

Miscalculation in dumped response body length

Expected Behavior:

Response body length calculated correctly

Steps To Reproduce:

1. run proxify in a terminal
2. in other terminal, run curl --insecure -x 127.0.0.1:8888 'https://pastebin.com/raw/TYsVwM0n' to ask proxify to write the HTTP request/response file
3. a file like ./logs/pastebin.com*.txt has now been created by proxify
4. observe the chunked length miscalculation:

GET /raw/TYsVwM0n HTTP/1.1
Host: pastebin.com
Accept: */*
User-Agent: curl/7.68.0

HTTP/1.1 200 OK
Transfer-Encoding: chunked
Cache-Control: max-age=1800, must-revalidate
Cf-Cache-Status: MISS
Cf-Ray: 710f4cc23fa97cc5-LAX
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Date: Wed, 25 May 2022 15:28:16 GMT
Expect-Ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Sat, 26 Jul 1997 05:00:00 GMT
Last-Modified: Wed, 25 May 2022 15:28:16 GMT
Pragma: no-cache
Server: cloudflare
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
X-Xss-Protection: 1;mode=block

38 <===== Wrong
line1
this is a line containing HTTP/1.1 FOO BAR
line3
0

Anything else:

Reference: projectdiscovery/nuclei#2068 (comment)

I am using WSL kali linux termux with the proxy client that serves proxy to the local host address i.e 172.x.x.x:9050.The issue i am facing with one Linux tool is its not working with that proxy till last month its supporting ,i don't know whether its stops supporting. How can i operate the application /tool with proxy via proxify.

Thanks and Regards .

• AWS
• DO
• GCP

Proxify version:

0.0.7

Current Behavior:

When both -silent and -v flags are set, most logs are turned off but resp body is printed.

Expected Behavior:

When both -silent and -v flags are set, proxify returns an error or exception.

Steps To Reproduce:

1. Run proxify -v -silent

Anything else:

Related discussion: #145

os: windows

https logs save error

Filenames cannot contain colons

Currently, proxify logs all the data into text format on the local machine.

More plugin-like implementation can be added to support additional ways to log the data.

• elasticsearch
• kafka (PR #28)

OS macOS 11.1
Browser chrome 88.0.4324.96

Hi,
can Proxify works also as TCP Proxy? That means to listen on (IP_A/localhost/0.0.0.0):port_A, do magic, and forward traffic to IP_B:port_B?

Actually , There Is One Issue While Saving The Requests And The Responses

From The Previous Image There Is not an New Line Between Body Of The POST Request And First Line Of The Response e.g. log File Should Be Like This

And If You Can Possible Add Feature To Save Only Request Without Response That Will Be a Great Because If Any One Can Use This Files With sqlmap Tool With Option -r OR fuff Tool With Option -request

fyne used?

I've been playing with this tool for a while, and just ran into an use case that I needed. In the current form only the following are allowed:

• http to http
• http to socks5

It would be very useful to also allow: socks5 to socks5

I already try running with: -addr socks5://192.168.255.10 and it complains about the formatting of my address and fails to start.

Information about replay binay is missing in installation guide.

From Source

▶ GO111MODULE=on go get -v github.com/projectdiscovery/proxify/cmd/proxify
▶ GO111MODULE=on go get -v github.com/projectdiscovery/proxify/cmd/replay

From Github

▶ git clone https://github.com/projectdiscovery/proxify.git;
cd proxify/cmd/proxify; go build; cp proxify /usr/local/bin; proxify -version ;
cd ../replay; go build; cp replay /usr/local/bin; replay -version

sudo  /usr/local/bin/replay -burp-addr http://127.0.0.1:8080 -output logs/

• handle differentiating path param from resource path

Since we already support saving requests into files, it would be nice if we would also enable post-processing/filtering of those requests.

Use-case:

1. automatically/manually crawl an application and proxy the requests through proxify
2. look at the saved requests saved, notice some interesting things/patterns
3. filter the existing local requests using your observations (e.g. consider requests only targeting a specific URL path like /api/v1/)
4. realize it would make sense to change the session id (e.g. admin vs user session to look for authorization issues)
5. replay the filtered and modified local requests against the target, or potentially even against another similar targets
6. pipe it through httpx and filter only requests that returned 200 OK

Note: merging current reply in proxify will be handled in a follow-up ticket

I'm thinking that by default verbose flag should not print binary data, and -vv should, any thoughts?

This will be used to inspect/manipulate various encoded formated data (Ex. Protobuf, Soap, etc.)

Problem:
Currently Proxify cant handle multiple upstream proxies at once. For example, running
proxify -http-proxy http://127.0.0.1:8080 -http-proxy http://127.0.0.1:8081 -addr 127.0.0.1:8888 curl https://google.com -x 127.0.0.1:8888

This will forward the request to last http-proxy provided via the command line. So in the above example, the curl would only use http://127.0.0.1:8081 as the upstream proxy.

Suggested result:
Ideally when specifying multiple upstream proxies, Proxify should forward the request to both proxies and subsequently forward both responses back to the client.

Once this is implemented, another feature or cli argument can be created to specify how many requests to forward to one proxy, before switching to the other. The use case for this could be a proxy rotator that round-robins the requests based on a user provider integer. For example, adding a --count/-c argument.

In this hypothetical example, proxfiy would forward one http request to one proxy before switching to the next proxy (optionally it could read from a file of http-proxies).

proxify -http-proxy http://127.0.0.1:8080 -http-proxy http://127.0.0.1:8081 -addr 127.0.0.1:8888 -c 1
curl https://google.com -x 127.0.0.1:8888 >> forwards request to http://127.0.0.1:8081
curl https://google.com -x 127.0.0.1:8888 >> forwards request to http://127.0.0.1:8080
curl https://google.com -x 127.0.0.1:8888 >> forwards request to http://127.0.0.1:8081

and so on.

For Example , I Need To Forward Requests To Burp And Zap At The Same Time

So It Is Possible To Make It To Use List Of Upstream Proxy e.g. 127.0.0.1:8080 AND 127.0.0.1:8090 As You Can See In The Previous Figure

proxify -response-match-replace-dsl "regex(response,'aaaa','bbb')"
panic: interface conversion: interface {} is bool, not string

Note: DSL will be deprecated

Using the -v flag with proxify, shows the whole request.

It would be nice if -v would only show the target and the request type (e.g. HTTP POST https://projectdiscovery.io), and the body would only be shown if the -vv flag is specified.

Note: -vv should implicitly include -v.

To reproduce this, use proxify with -v flag.

We can start with a simple UI allowing visualize the request/response history easily with a simple text-based search on it.

• Single Request / Response view
• History of Request / Respose view
• Search bar allowing text based search on request / response.

Issue: The current Docker image was released using arm64 instead of amd64.

Fix: Release a new latest tag with amd64 arch.

• Intercept, dump and manipulate non-http traffic (natively or interfacing with third party tools like burp/zap/mitmproxy)
• Invisible proxy support
• TLS MITM support with client/server certificates
• Match/Replace DSL support
• Plugin Support to decode specific protocols (e.g XMPP/SMTP/FTP/SSH/) => Callback functions
• Native embedded DNS server (e.g allows non-http connections hijack without rooting/jailbreaking the device)

Proxify command:

proxify -request-match-replace-dsl "replace(request,'r=','r=#')" -v

GET request:

http://testphp.vulnweb.com:80/redir.php?r=http%3A%2F%2F127.0.0.1%3A8080%23%40testphp.vulnweb.com

output:

GET /redir.php?r=http%3A%2F%2F127.0.0.1%3A8080%23%40testphp.vulnweb.com HTTP/1.1
Host: testphp.vulnweb.com:80
Accept-Encoding: gzip
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0

HTTP/1.1 302 Moved Temporarily
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Mon, 07 Jun 2021 17:03:23 GMT
Location: http://127.0.0.1:8080#@testphp.vulnweb.com
Server: nginx/1.19.0
X-Powered-By: PHP/5.6.40-38+ubuntu20.04.1+deb.sury.org+1