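Notice: Reproduction without authorization is strictly prohibited; to reproduce this article, contact the author. Do not use the techniques in this article for illegal testing; the author and this official account bear no responsibility for any adverse consequences that result.
0x00. Preface
When we do external reconnaissance against an enterprise's assets in a real engagement, we usually use batch scanning tools, but these tools generate a very large amount of traffic. The enterprise's on-duty staff will block the source when they see the abnormal traffic, so we need a proxy pool that keeps changing our IP address to avoid being blocked.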
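0x01. Building the proxy pool
Configuring Redis
Install the Redis service on our public VPS
# EPEL is a RHEL/CentOS repository package; it does not exist on apt-based systems, where this step can be skipped
sudo apt install epel-release
sudo apt install redis
sudo systemctl start redis.service # start the Redis service
sudo systemctl enable redis-server # start Redis automatically when the server boots
sudo systemctl status redis-server # check the status of the Redis service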
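Edit the Redis configuration file
vim /etc/redis/redis.conf
# redis.conf does not accept trailing comments, so each note sits on its own line
# run as a daemon
daemonize yes
# turn off protected mode
protected-mode no
# comment out the line that allows local access only
# bind 127.0.0.1 ::1
# port Redis listens on
port 6379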
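The redis.conf above turns protected mode off and removes the bind restriction without setting a password, which leaves port 6379 open to anyone who can reach the VPS, even though proxy_pool itself connects over 127.0.0.1. The following is an added example, not part of the original article or of proxy_pool: a small Python audit that flags this combination. The sample configs, the placeholder password and the function names are constructed for illustration, and only requirepass is checked, not ACL users.

```python
import ipaddress

# Constructed sample: the redis.conf settings from this page.
PAGE_CONF = """\
daemonize yes
protected-mode no
# bind 127.0.0.1 ::1
port 6379
"""

# Constructed sample: a hardened variant (the password is a placeholder).
HARDENED_CONF = """\
daemonize yes
protected-mode yes
bind 127.0.0.1 ::1
port 6379
requirepass CHANGE-ME-long-random-secret
"""

def parse_conf(text):
    """Map each active directive to its argument list (this parser keeps the last one)."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if line and not line.startswith("#"):
            name, *args = line.split()
            conf[name.lower()] = args
    return conf

def is_loopback(addr):
    try:
        return ipaddress.ip_address(addr.lstrip("-")).is_loopback
    except ValueError:  # "*" or a hostname: assume it is reachable remotely
        return False

def audit(text):
    """Return a list of findings; an empty list means none of the checks fired."""
    conf = parse_conf(text)
    binds = conf.get("bind", [])  # no bind directive: Redis listens on all interfaces
    remote = not binds or not all(is_loopback(a) for a in binds)
    unprotected = conf.get("protected-mode", ["yes"])[0].lower() == "no"
    no_auth = not conf.get("requirepass")
    findings = []
    if remote:
        findings.append("listens on non-loopback interfaces")
    if unprotected:
        findings.append("protected-mode is off")
    if no_auth:
        findings.append("no requirepass set")
    if remote and unprotected and no_auth:
        findings.append("CRITICAL: unauthenticated access from the network")
    return findings
```

Calling `audit()` on the text of `/etc/redis/redis.conf` returns the same kind of list; an empty list means none of these three checks fired.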
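Configuring proxy_pool
git clone https://github.com/jhao104/proxy_pool.git
cd proxy_pool
pip install -r requirements.txt
vim setting.py # edit the configuration file; with an empty password, set it to 'redis://@127.0.0.1:6379/0'; I set the port to 80, the original is 5010
Starting the project
python proxyPool.py schedule # start the scheduler
python proxyPool.py server # start the API service
Once started, the default configuration exposes the API service on port 80 of the VPS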
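Api | Method | Description | Params |
/get | GET | Get one random proxy | Optional parameter: ?type=https filters for proxies that support HTTPS |
/pop | GET | Get and delete one proxy | Optional parameter: ?type=https filters for proxies that support HTTPS |
/all | GET | Get all proxies | Optional parameter: ?type=https filters for proxies that support HTTPS |
/count | GET | Show the number of proxies | / |
/delete | GET | Delete a proxy | ?proxy=host:ip |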
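The proxy pool is now set up. There are two ways to use it.
- Use with Proxifier
Create this script on the VPS, name it pro.py, and set the Redis port and password yourself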
# -*- coding:utf8 -*-
import json
from xml.etree import ElementTree

import redis


def RedisProxyGet():
    """Read every proxy record stored in the 'use_proxy' hash."""
    ConnectString = []
    pool = redis.ConnectionPool(host='127.0.0.1', port=6379, db=0, decode_responses=True)
    use_proxy = redis.Redis(connection_pool=pool)
    key = use_proxy.hkeys('use_proxy')
    for temp in key:
        try:
            ConnectString.append(json.loads(use_proxy.hget('use_proxy', temp)))
        except json.JSONDecodeError:  # skip records that are not valid JSON
            pass
    return ConnectString


def xmlOutputs(data):
    """Write the proxies in `data` to a Proxifier profile, ProxifierConf.ppx."""
    i = 101
    ProxyIDList = []
    # ProxifierProfile root
    ProxifierProfile = ElementTree.Element("ProxifierProfile")
    ProxifierProfile.set("version", str(i))
    ProxifierProfile.set("platform", "Windows")
    ProxifierProfile.set("product_id", "0")
    ProxifierProfile.set("product_minver", "310")
    # Options node
    Options = ElementTree.SubElement(ProxifierProfile, "Options")
    # Options.Resolve
    Resolve = ElementTree.SubElement(Options, "Resolve")
    # Options.Resolve.AutoModeDetection
    AutoModeDetection = ElementTree.SubElement(Resolve, "AutoModeDetection")
    AutoModeDetection.set("enabled", "false")
    # Options.Resolve.ViaProxy
    ViaProxy = ElementTree.SubElement(Resolve, "ViaProxy")
    ViaProxy.set("enabled", "false")
    # Options.Resolve.ViaProxy.TryLocalDnsFirst
    TryLocalDnsFirst = ElementTree.SubElement(ViaProxy, "TryLocalDnsFirst")
    TryLocalDnsFirst.set("enabled", "false")
    # Options.Resolve.ExclusionList
    ExclusionList = ElementTree.SubElement(Resolve, "ExclusionList")
    ExclusionList.text = "%ComputerName%; localhost; *.local"
    # Options.* (remaining option elements)
    Encryption = ElementTree.SubElement(Options, "Encryption")
    Encryption.set("mode", 'basic')
    Encryption = ElementTree.SubElement(Options, "HttpProxiesSupport")
    Encryption.set("enabled", 'true')
    Encryption = ElementTree.SubElement(Options, "HandleDirectConnections")
    Encryption.set("enabled", 'false')
    Encryption = ElementTree.SubElement(Options, "ConnectionLoopDetection")
    Encryption.set("enabled", 'true')
    Encryption = ElementTree.SubElement(Options, "ProcessServices")
    Encryption.set("enabled", 'false')
    Encryption = ElementTree.SubElement(Options, "ProcessOtherUsers")
    Encryption.set("enabled", 'false')
    # ProxyList
    ProxyList = ElementTree.SubElement(ProxifierProfile, "ProxyList")
    for temp in data:
        i += 1  # ids count up from 101, so the first proxy gets 102
        # ProxyList.Proxy
        Proxy = ElementTree.SubElement(ProxyList, "Proxy")
        Proxy.set("id", str(i))
        if not temp['https']:
            Proxy.set("type", "HTTP")
        else:
            Proxy.set("type", "HTTPS")
        Proxy.text = str(i)
        ProxyIDList.append(i)
        # ProxyList.Proxy.Address
        Address = ElementTree.SubElement(Proxy, "Address")
        Address.text = temp['proxy'].split(":", 1)[0]
        # ProxyList.Proxy.Port
        Port = ElementTree.SubElement(Proxy, "Port")
        Port.text = temp['proxy'].split(":", 1)[1]
        # ProxyList.Proxy.Options
        Options = ElementTree.SubElement(Proxy, "Options")
        Options.text = "48"
    # ChainList
    ChainList = ElementTree.SubElement(ProxifierProfile, "ChainList")
    # ChainList.Chain
    Chain = ElementTree.SubElement(ChainList, "Chain")
    Chain.set("id", str(i))
    Chain.set("type", "simple")
    # ChainList.Chain.Name
    Name = ElementTree.SubElement(Chain, "Name")
    Name.text = "AgentPool"
    # ChainList.Chain.Proxy
    for temp_id in ProxyIDList:
        Proxy = ElementTree.SubElement(Chain, "Proxy")
        Proxy.set("enabled", "true")
        Proxy.text = str(temp_id)
    # RuleList
    RuleList = ElementTree.SubElement(ProxifierProfile, "RuleList")
    # Rule: the named application connects directly
    Rule = ElementTree.SubElement(RuleList, "Rule")
    Rule.set("enabled", "true")
    Name = ElementTree.SubElement(Rule, "Name")
    Applications = ElementTree.SubElement(Rule, "Applications")
    Action = ElementTree.SubElement(Rule, "Action")
    Name.text = "御剑后台扫描工具.exe [auto-created]"
    Applications.text = "御剑后台扫描工具.exe"
    Action.set("type", "Direct")
    # Rule: local targets connect directly
    Rule = ElementTree.SubElement(RuleList, "Rule")
    Rule.set("enabled", "true")
    Name = ElementTree.SubElement(Rule, "Name")
    Targets = ElementTree.SubElement(Rule, "Targets")
    Action = ElementTree.SubElement(Rule, "Action")
    Name.text = "Localhost"
    Targets.text = "localhost; 127.0.0.1; %ComputerName%"
    Action.set("type", "Direct")
    # Rule: default action, pointing at proxy id 102 (the first ProxyList entry)
    Rule = ElementTree.SubElement(RuleList, "Rule")
    Rule.set("enabled", "true")
    Name = ElementTree.SubElement(Rule, "Name")
    Action = ElementTree.SubElement(Rule, "Action")
    Name.text = "Default"
    Action.text = "102"
    Action.set("type", "Proxy")
    tree = ElementTree.ElementTree(ProxifierProfile)
    tree.write("ProxifierConf.ppx", encoding="UTF-8", xml_declaration=True)


if __name__ == '__main__':
    proxy_data = RedisProxyGet()
    xmlOutputs(proxy_data)
    # Message text: "ProxifierConf.ppx configuration file created"
    print("ProxifierConf.ppx配置文件创建完成....")
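Running this script generates the Proxifier configuration file
Double-click the .ppx file to import it
Then turn on HTTP proxy support in this screen
View the proxy pool
As shown in the figure, the proxy works
- Use with the Auto Proxy plugin
Enable developer mode in Chrome extensions and import the plugin
Click Configuration Center, then Proxy Pool Configuration, set the remote proxy server configuration, and enter your own http://vps-ip/all
The proxies are added successfully
When we use a vulnerability scanner, we can configure Proxifier so that a specific program uses this proxy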