Lib.rs

Web programmingWebSocketRustyproxy
#proxy-server #sqlite #security #http-proxy #http-request #requests #save

app rustyproxy-srv

Proxy server for the RustyProxy project. Used to save HTTP(s) requests for security analysis

Owned by Vaelio.

6 stable releases

1.0.6 Apr 18, 2024
1.0.5 Aug 30, 2023
1.0.4 Jul 26, 2023
1.0.1 May 31, 2023

#27 in WebSocket

Download history 4/week @ 2024-02-26 104/week @ 2024-03-04 4/week @ 2024-03-11 4/week @ 2024-04-01 130/week @ 2024-04-15

134 downloads per month

GPL-3.0-only

120KB
2.5K SLoC

rustyproxy-srv

If you are looking for the GUI see this repository

Contributing

At this point the priority is making a user interface to be able to view/edit/replay requests. The overall goal is to provide the equivalent of the repeater and intruder of Burpsuite. But this part of the project should only store request coming from browsers.

TL;DR: Message me on Matrix and i'll guide you: @vaelio

Getting started

If you are using the binary:

$ rustyproxy -h

rustyproxy-srv 
MITM Proxy server that stores requests in sqlite for later usage

USAGE:
    rustyproxy-srv [OPTIONS] --directory <DIRECTORY> --secret <SECRET>

OPTIONS:
    -a, --addr <ADDR>
            addr to bind to [default: 127.0.0.1]

    -A, --api-addr <API_ADDR>
            addr for the api [default: 127.0.0.1]

        --allow-localhost
            disable localhost protection

    -d, --directory <DIRECTORY>
            Path for the project to be stored

        --enable-auth
            add auth for everything

        --enable-paging
            

        --force-https
            forced target uses https ?

        --force-target <FORCE_TARGET>
            force target for any incoming request [default: ]

    -h, --help
            Print help information

    -p, --port <PORT>
            port to bind to [default: 8000]

    -P, --api-port <API_PORT>
            port for the api [default: 8443]

    -s, --secret <SECRET>
            shared secret for the API

    -S, --scope <SCOPE>
            add a scope to prevent registering out of scope stuff [default: ]

    -v, --verbose
            allow debug logs

if you are using cargo:

$ cargo run -- [OPTIONS] --directory <DIRECTORY> -s <SECRET>

For example:

$ cargo run --release -- -a 0.0.0.0 -p 8080 -d /tmp/rustyproxy-project/ -s SUPAHSECRET

Or with docker:

$ sudo docker run -d -v /path/to/directory:/tmp/dir -p8000:8000 -p 8443:8443 registry.gitlab.com/r2367/rustyproxy-srv:dev-203f680e /opt/rustyproxy-srv -d /tmp/dir -s supahsecret -A 0.0.0.0 -a 0.0.0.0 -v

Roadmap

This part of the project is now in a usable state. If you ever have the time to trace which requests created the problem feel free to send it to me so that I can reproduce and fix.

  • HTTPS Mitm proxy
  • HTTP proxy
  • HTTP(s) Reverse Proxy
  • HTTPS Api for GUIs
  • Upstream Proxy
  • Handle websockets
  • Code optimization and bug termination

What kind of performance should i expect ?

For now it should be "decent" but i'm sure someone more experienced should be able to optimize further.

However, as an exemple, i get pretty consistent results like this one: (Most likely, the performance advantage with the proxy comes from the fact that i ignore certificates validation)

❯ time curl https://httpbin.org/ip 1>/dev/null 2>&1

real	0m0.405s
user	0m0.027s
sys	0m0.025s

~
❯ time curl https://httpbin.org/ip -k --proxy-insecure --proxy 127.0.0.1:8000 1>/dev/null 2>&1

real	0m0.368s
user	0m0.004s
sys	0m0.018s

This program is licensed under GPL-3.0

Dependencies

~30–40MB
~657K SLoC