Add HTTP proxy support

README.md

@@ -67,6 +67,7 @@ $ python3 ssrfmap.py
     --lport LPORT       LPORT reverse shell
     --uagent USERAGENT  User Agent to use
     --ssl [SSL]         Use HTTPS without verification
+    --proxy PROXY       Use HTTP(s) proxy (ex: http://localhost:8080)
     --level [LEVEL]     Level of test to perform (1-5, default: 1)
 ```
 

core/requester.py

@@ -12,7 +12,7 @@ class Requester(object):
     headers    = {}
     data       = {}
 
-    def __init__(self, path, uagent, ssl):
+    def __init__(self, path, uagent, ssl, proxies):
         try:
             # Read file request
             with open(path, 'r') as f:
@@ -45,6 +45,8 @@ class Requester(object):
             # Handling HTTPS requests
             if ssl == True:
                 self.protocol   = "https"
+            
+            self.proxies = proxies
 
         except Exception as e:
             logging.warning("Bad Format or Raw data !")
@@ -88,7 +90,8 @@ class Requester(object):
                             json=data_injected,
                             timeout=timeout,
                             stream=stream,
-                            verify=False
+                            verify=False,
+                            proxies=self.proxies
                         )
 
                     # Handle FORM data
@@ -99,7 +102,8 @@ class Requester(object):
                             data=data_injected,
                             timeout=timeout,
                             stream=stream,
-                            verify=False
+                            verify=False,
+                            proxies=self.proxies
                         )
                 else:
                     if self.headers['Content-Type'] and "application/xml" in self.headers['Content-Type']:
@@ -115,7 +119,8 @@ class Requester(object):
                                 data=data_xml,
                                 timeout=timeout,
                                 stream=stream,
-                                verify=False
+                                verify=False,
+                                proxies=self.proxies
                             )                            
                             
                         else:
@@ -134,7 +139,8 @@ class Requester(object):
                     headers=self.headers,
                     timeout=timeout,
                     stream=stream,
-                    verify=False
+                    verify=False,
+                    proxies=self.proxies
                 )
         except Exception as e:
             logging.error(e)

core/ssrf.py

@@ -24,8 +24,15 @@ class SSRF(object):
             handler = self.handler.exploit(args.lport)
             handler.start()
 
+        proxies = None
+        if args.proxy:
+            proxies = { 
+                "http"  : args.proxy, 
+                "https" : args.proxy, 
+            }
+
         # Init a requester
-        self.requester = Requester(args.reqfile, args.useragent, args.ssl)
+        self.requester = Requester(args.reqfile, args.useragent, args.ssl, proxies)
 
         # NOTE: if args.param == None, target everything
         if args.param == None:

ssrfmap.py

@@ -34,6 +34,7 @@ def parse_args():
     parser.add_argument('--rfiles', action ='store', dest='targetfiles', help="Files to read with readfiles module", nargs='?', const=True)
     parser.add_argument('--uagent',action ='store', dest='useragent', help="User Agent to use")
     parser.add_argument('--ssl',   action ='store', dest='ssl',       help="Use HTTPS without verification", nargs='?', const=True)
+    parser.add_argument('--proxy',   action ='store', dest='proxy',   help="Use HTTP(s) proxy (ex: http://localhost:8080)")
     parser.add_argument('--level', action ='store', dest='level',     help="Level of test to perform (1-5, default: 1)", nargs='?', const=1, default=1, type=int)
     results = parser.parse_args()