vexance
commented
1 year ago Testing a quick PoC within a module's options makes it appear that something along the lines of this will work:
self._options.add_string('HTTP_PROXY', 'Web proxy (schema://host:port) to use for HTTP(S) requests (e.g., \'http://127.0.0.1:8080\')', False)
...
proxy = self.get_opt('HTTP_PROXY')
if proxy not in ['', None]:
if proxy.startswith('http'):
self.proxies = {
'http': proxy,
'https': proxy
}And then performing a request via:
res = requests.request(method, endpoint, headers=req.http_headers, verify=ssl_verification, auth=sig, json=req.http_body, proxies=self.proxies)
Add an additional framework configuration option for HTTP_PROXY that can be leveraged by modules to send web traffic through a web proxy such as Burp Suite.
Also, perhaps consider a parent-class module method to perform a request while always adhering to the framework HTTP_PROXY config. Then modules could use self.http_request(args) without needing to get/check/specify the HTTP_PROXY.