proxenet.1

.TH PROXENET "1" "August 2016" "proxenet v0.4" "User Commands"

.SH NAME
proxenet \- manual page for proxenet

.SH DESCRIPTION
.I proxenet
is a multi-threaded proxy which allows you to manipulate HTTP requests
and responses using your favorite scripting language. No need to learn Java
(like for Burp), or Python (like for mitmproxy).
.I proxenet
supports many languages (see the section "Language Versions") and more can be easily
added. It can also be used for Man-In-The-Middle attack, to automate the
interception and manipulation on-the-fly of HTTP/HTTPS requests and responses.

.SH BASIC OPTIONS

.TP
\fB\-h\fR, \fB\-\-help\fR
Show help
.TP
\fB\-V\fR, \fB\-\-version\fR
Show version
.TP
\fB\-d\fR, \fB\-\-daemon\fR
Start as daemon
.TP
\fB\-v\fR, \fB\-\-verbose\fR
Increase verbosity (default: 0)
.TP
\fB\-n\fR, \fB\-\-no\-color\fR
Disable colored output
.TP
\fB\-l\fR, \fB\-\-logfile=\fR/path/to/logfile
Log actions in file (default stdout)
.TP
\fB\-x\fR, \fB\-\-plugins=\fR/path/to/plugins/dir
Specify plugins directory (default: '~/.proxenet/plugins')
.PP

.SH INTERCEPT OPTIONS
.TP
\fB\-I\fR, \fB\-\-intercept\-only\fR
Intercept only hostnames matching pattern (default mode)
.TP
\fB\-E\fR, \fB\-\-intercept\-except\fR
Intercept everything except hostnames matching pattern
.TP
\fB\-m\fR, \fB\-\-pattern\fR=\fI\,PATTERN\/\fR
Specify a hostname matching pattern (default: '*')
.TP
\fB\-N\fR, \fB\-\-no\-ssl\-intercept\fR
Do not intercept any SSL traffic
.TP
\fB\-i\fR, \fB\-\-ie\-compatibility\fR
Toggle old IE compatibility mode (default: on)
.PP

.SH NETWORK OPTIONS
.TP
\fB\-4\fR
IPv4 only (default)
.TP
\fB\-6\fR
IPv6 only (default: IPv4)
.TP
\fB\-t\fR, \fB\-\-nb\-threads\fR=\fI\,N\/\fR
Number of threads (default: 20)
.TP
\fB\-b\fR, \fB\-\-bind\fR=\fI\,bindaddr\/\fR
Bind local address (default: 'localhost')
.TP
\fB\-p\fR, \fB\-\-port\fR=\fI\,N\/\fR
Bind local port file (default: '8008')
.TP
\fB\-X\fR, \fB\-\-proxy\-host\fR=\fI\,proxyhost\/\fR
Forward to proxy
.TP
\fB\-P\fR  \fB\-\-proxy\-port\fR=\fI\,proxyport\/\fR
Specify port for proxy (default: '8080')
.TP
\fB\-D\fR, \fB\-\-use\-socks\fR
The proxy to connect to is supports SOCKS4 (default: 'HTTP')
.PP

.SH SSL OPTIONS
.TP
\fB\-c\fR, \fB\-\-certfile=\fR/path/to/ssl.crt
Specify SSL cert to use (default: '~/.proxenet/keys/proxenet.crt')
.TP
\fB\-k\fR, \fB\-\-keyfile=\fR/path/to/ssl.key
Specify SSL private key file to use (default: '~/.proxenet/keys/proxenet.key')
.TP
\fB\-\-keyfile\-passphrase\fR=\fI\,MyPwd\/\fR
Specify the password for this SSL key (default: '')
.TP
\fB\-\-sslcli\-certfile=\fR/path/to/ssl.crt
Path to the SSL client certificate to use
.TP
\fB\-\-sslcli\-domain\fR=\fI\,my\/\fR.ssl.domain.com
Domain to use for invoking the client certificate (default: '*')
.TP
\fB\-\-sslcli\-keyfile=\fR/path/to/key.crt
Path to the SSL client certificate private key
.TP
\fB\-\-sslcli\-keyfile\-passphrase\fR=\fI\,MyPwd\/\fR
Specify the password for the SSL client certificate private key (default: '')
.PP

.SH CONFIGURATION
To start,
.I proxenet
requires to find :

.TP
- a valid plugin directory, which can be done easily by executing the command:

$ mkdir -p ~/.proxenet/plugins/autoload

.TP
- and a valid path for the internal Certificate Authority (CA). The script
.I proxenet-setup-ca.sh
(by default in /opt/proxenet/misc) will generate it for you.

$ mkdir -p ~/.proxenet/keys && cd ~/.proxenet/keys &&
/opt/proxenet/misc/proxenet-setup-ca.sh keys

.I proxenet
is now ready to be used.

.SH COMMAND INTERFACES
.I proxenet
can be controlled via a command line interface, or a web interface. Both tools
can be found in the misc/ directory (by default, /opt/proxenet/misc).

The command line tool will directly communicate with
.I proxenet
Unix socket automatically created when it starts.

$  /opt/proxenet/misc/proxenet-control-cli.py
 [*] 2016/06/06 10:16:41: Connected
 Welcome on proxenet control interface
 Type `help` to list available commands

>>> help
Command list
    info -> Command 'info':Display information about environment
    quit -> Command 'quit':Make proxenet leave kindly
    help -> Command 'help':Show this menu
    plugin -> Command 'plugin':Get/Set info about plugin

>>> plugin load 1RemoveAcceptEncodingHeader.py
 Plugin '1RemoveAcceptEncodingHeader.py' successfully added

.I proxenet
web interface tool will spawn a web server binding by default on
localhost:8009/tcp and allow you to control it directly from your web
browser. The web server is based on `bottle` Python package so make sure it is
installed.


.SH PLUGINS
.I proxenet
was purposely made to be extremely extensible, and as such, it is easy
to write plugins for it in your favorite language. You just have to implement
two functions called (by default)
.I proxenet_response_hook()
and
.I proxenet_request_hook()

These two functions have the following properties:
.TP
- Take 3 arguments:
.TP
.I request_id/response_id
type Integer which corresponds to the request/response identifier. This
parameter is unique for each request and allows linking a request to its
response(s) from the server (as a response can be delivered in different
chunks).
.PP
.TP
.I request/response
type String - the request/response itself. The format (depending of the
interpreter), is either a regular string or an array of bytes.
.PP
.TP
.I uri
type String - the full URI
.PP
- Return a String (or array of bytes)
.PP

To use, simply drop the new plugin into the default plugins directory (as
defined by CFG_DEFAULT_PLUGINS_PATH (by default ./proxenet-plugins), or by
specifying the command line option -x. .

You can then load the plugin via the web interface or the command client during runtime.
.IP
.B >>> plugin load 1MyNewPlugin.rb
.PP
.IP
Plugin '1MyNewPlugin.rb' successfully added!
.PP



.SH "SEE ALSO"
The full documentation for
.B proxenet
is maintained on the ReadTheDocs page, available at https://proxenet.readthedocs.org/en/latest/.

.SH AUTHOR
proxenet was written by hugsy <hugsy __AT__ blah __DOT__ cat>

.SH LICENSE
proxenet is released under license GPLv2.