基于ProxyPool创建Proxifier代理配置文件

基于ProxyPool创建Proxifier代理配置文件

前言

刚开始学习安全渗透,想着用御剑去扫后台目录看有没有后台登录入口。扫着扫着我发现不能访问网站,浏览器界面提示访问重定向。 问群里的大神才知道是 waf 把此IP的请求给拦截,那就弄个代理池。不是单一IP地址进行访问,不会被waf 拦截了吧!

环境搭建

使用github开源ProxyPool项目进行免费的代理IP进行收集、进行可用性验证。将已经验证过代理链接信息保存在Redis 数据库中。并且支持docker部署

ProxyPool链接:https://github.com/jhao104/proxy_pool

安装Redis 数据库

参考链接:https://www.cnblogs.com/hunanzp/p/12304622.html

Redis 遇到的坑

1
2
3
4
5
6
7
8
9
10
11
12
13
# 修改redis.conf配置文件后需要重启redis服务
requirepass ""
# 设置非密码访问,也可以注释掉。

# 取消redis 安全模式
# bind 127.0.0.1
# 取消只能本地链接

daemonize no
# Redis默认不是以守护进程的方式运行,可以通过该配置项修改,使用yes启用守护进程,设置为no

protected-mode no 
# 保护模式

安装拉取ProxyPool docker

docker 安装方法 请自行百度或谷歌

Docker运行

1
2
docker pull jhao104/proxy_pool --拉取镜像
docker run --env DB_CONN=redis://:password@ip:port/db -p 5010:5010 jhao104/proxy_pool:latest --运行ProxyPool

样例:

1
2
3
docker run --env DB_CONN=redis://:redis数据库密码(不要设置密码,后续执行创建Proxifier配置文件python脚本,使用非认证操作)@ip:port/数据库序号(可以默认写0) -p 5010:5010 jhao104/proxy_pool:latest

docker run --env DB_CONN=redis://:@192.168.10.20:6379/0 -p 5010:5010 jhao104/proxy_pool:latest

image-20210813002218272

RedisDesktopManager截图

安装Proxifier

Proxifier下载链接

傻瓜式安装、汉化版本

Proxifier配置

开启HTTP代理服务器设置,因为有一些代理ip是走HTTP协议的。而Proxifier默认只支持HTTPS协议

image-20210813004118444

image-20210813004232935

Proxifier配置文件生成

运行环境:Python3.6

模块:Redis,json,ElementTree

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
# -*- coding:utf8 -*-
import redis
import json
from xml.etree import ElementTree

def RedisProxyGet():
    ConnectString = []
    pool = redis.ConnectionPool(host='192.168.10.20', port=6379, db=0, decode_responses=True)
    use_proxy = redis.Redis(connection_pool=pool)
    key = use_proxy.hkeys('use_proxy')
    for temp in key:
        try:
            ConnectString.append(json.loads(use_proxy.hget('use_proxy',temp)))
        except json.JSONDecodeError: # JSON解析异常处理
            pass
    return ConnectString

def xmlOutputs(data):
    i = 101
    ProxyIDList = []
# ProxifierProfile根
    ProxifierProfile = ElementTree.Element("ProxifierProfile")
    ProxifierProfile.set("version", str(i))
    ProxifierProfile.set("platform", "Windows")
    ProxifierProfile.set("product_id", "0")
    ProxifierProfile.set("product_minver", "310")

# Options 节点
    Options = ElementTree.SubElement(ProxifierProfile, "Options")

    # Options.Resolve
    Resolve = ElementTree.SubElement(Options, "Resolve")
    # Options.Resolve.AutoModeDetection
    AutoModeDetection = ElementTree.SubElement(Resolve, "AutoModeDetection")
    AutoModeDetection.set("enabled", "false")

    # Options.Resolve.ViaProxy
    ViaProxy = ElementTree.SubElement(Resolve, "ViaProxy")
    ViaProxy.set("enabled", "false")

    # Options.Resolve.ViaProxy.TryLocalDnsFirst
    TryLocalDnsFirst = ElementTree.SubElement(ViaProxy, "TryLocalDnsFirst")
    TryLocalDnsFirst.set("enabled", "false")

    # Options.Resolve.ExclusionList
    ExclusionList = ElementTree.SubElement(Resolve, "ExclusionList")
    ExclusionList.text = "%ComputerName%; localhost; *.local"

    # Options.*
    Encryption = ElementTree.SubElement(Options, "Encryption")
    Encryption.set("mode", 'basic')
    Encryption = ElementTree.SubElement(Options, "HttpProxiesSupport")
    Encryption.set("enabled", 'true')
    Encryption = ElementTree.SubElement(Options, "HandleDirectConnections")
    Encryption.set("enabled", 'false')
    Encryption = ElementTree.SubElement(Options, "ConnectionLoopDetection")
    Encryption.set("enabled", 'true')
    Encryption = ElementTree.SubElement(Options, "ProcessServices")
    Encryption.set("enabled", 'false')
    Encryption = ElementTree.SubElement(Options, "ProcessOtherUsers")
    Encryption.set("enabled", 'false')

    # ProxyList
    ProxyList = ElementTree.SubElement(ProxifierProfile, "ProxyList")
    for temp in data:
        i += 1  # 从101开始增加
        # ProxyList.Proxy
        Proxy = ElementTree.SubElement(ProxyList, "Proxy")
        Proxy.set("id", str(i))

        if not temp['https']:
            Proxy.set("type", "HTTP")
        else:
            Proxy.set("type", "HTTPS")
            Proxy.text = str(i)
            ProxyIDList.append(i)

        # ProxyList.Proxy.Address
        Address = ElementTree.SubElement(Proxy, "Address")
        Address.text = temp['proxy'].split(":", 1)[0]

        # ProxyList.Proxy.Port
        Port = ElementTree.SubElement(Proxy, "Port")
        Port.text = temp['proxy'].split(":", 1)[1]

        # ProxyList.Proxy.Options
        Options = ElementTree.SubElement(Proxy, "Options")
        Options.text = "48"

    # RuleList
    ChainList = ElementTree.SubElement(ProxifierProfile, "ChainList")

    # RuleList.Chain
    Chain = ElementTree.SubElement(ChainList, "Chain")
    Chain.set("id", str(i))
    Chain.set("type", "simple")

    # RuleList.Chain.Name
    Name = ElementTree.SubElement(Chain, "Name")
    Name.text="AgentPool"

    # RuleList.Chain.Proxy
    for temp_id in ProxyIDList:
        Proxy = ElementTree.SubElement(Chain, "Proxy")
        Proxy.set("enabled", "true")
        Proxy.text=str(temp_id)
    # RuleList
    RuleList = ElementTree.SubElement(ProxifierProfile, "RuleList")

    # Rule
    Rule = ElementTree.SubElement(RuleList, "Rule")
    Rule.set("enabled", "true")
    Name = ElementTree.SubElement(Rule,"Name")
    Applications = ElementTree.SubElement(Rule,"Applications")
    Action = ElementTree.SubElement(Rule,"Action")

    Name.text="御剑后台扫描工具.exe [auto-created]"
    Applications.text="御剑后台扫描工具.exe"
    Action.set("type","Direct")

    # Rule
    Rule = ElementTree.SubElement(RuleList, "Rule")
    Rule.set("enabled", "true")
    Name = ElementTree.SubElement(Rule,"Name")
    Targets = ElementTree.SubElement(Rule,"Targets")
    Action = ElementTree.SubElement(Rule,"Action")

    Name.text="Localhost"
    Targets.text="localhost; 127.0.0.1; %ComputerName%"
    Action.set("type", "Direct")

    # Rule
    Rule = ElementTree.SubElement(RuleList, "Rule")
    Rule.set("enabled", "true")
    Name = ElementTree.SubElement(Rule, "Name")
    Action = ElementTree.SubElement(Rule, "Action")
    Name.text = "Default"
    Action.text = "102"
    Action.set("type", "Proxy")

    tree = ElementTree.ElementTree(ProxifierProfile)
    tree.write("ProxifierConf.ppx", encoding="UTF-8", xml_declaration=True)
if __name__ == '__main__':
    proxy_data = RedisProxyGet()
    xmlOutputs(proxy_data)
    print("ProxifierConf.ppx配置文件创建完成....")

创建Proxifier配置文件:

Proxifier配置文件导入:

开始奔放吧

redis > Python > Docker > 安全渗透 > 代理池 > Proxifier
#日常笔记 #Linux #Docker #安全渗透 #Python #redis #代理池 #Proxifier
基于ProxyPool创建Proxifier代理配置文件
https://hesc.info/a1910a6a5b94/
作者
需要哈气的纸飞机
发布于
2023年3月8日
许可协议