Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support for -vv flag #142

Merged
merged 2 commits into from
Jul 27, 2022
Merged

Add support for -vv flag #142

merged 2 commits into from
Jul 27, 2022

Conversation

mjkim610
Copy link
Contributor

Proposed changes

This PR implements the -vv flag as described in #139.

Currently there is only -v flag which shows the whole request and response body. The -vv flag is added and divides logging levels into two. The -v flag only shows request and response type, and the -vv flag also shows the response body. The -vv flag implicitly includes -v.

Checklist

  • Pull request is created against the dev branch
  • All checks passed (lint, unit/integration/regression tests etc.) with my changes
  • I have added tests that prove my fix is effective or that my feature works
  • I have added necessary documentation (if appropriate)

Currently there is only -v flag which shows the whole request and
response body. The -vv flag is added and divides logging levels into
two. The -v flag only shows request and response type, and the -vv
flag also shows the response body. The -vv flag implicitly includes
-v.

Signed-off-by: Myung-jong Kim <[email protected]>
@mjkim610 mjkim610 mentioned this pull request Jul 24, 2022
4 tasks
@mjkim610
Copy link
Contributor Author

No verbosity flag:

$ ./proxify.exe 

                       _ ___
   ___  _______ __ __ (_) _/_ __      
  / _ \/ __/ _ \\ \ // / _/ // /      
 / .__/_/  \___/_\_\/_/_/ \_, /       
/_/                      /___/  v0.0.7

                projectdiscovery.io

Use with caution. You are responsible for your actions
Developers assume no liability and are not responsible for any misuse or damage.
HTTP Proxy Listening on 127.0.0.1:8888
Socks5 Proxy Listening on 127.0.0.1:10080
Saving traffic to logs

With -v:

$ ./proxify.exe -v

                       _ ___
   ___  _______ __ __ (_) _/_ __
  / _ \/ __/ _ \\ \ // / _/ // /
 / .__/_/  \___/_\_\/_/_/ \_, /
/_/                      /___/  v0.0.7

                projectdiscovery.io

Use with caution. You are responsible for your actions
Developers assume no liability and are not responsible for any misuse or damage.
HTTP Proxy Listening on 127.0.0.1:8888
Socks5 Proxy Listening on 127.0.0.1:10080
Saving traffic to logs
2022/07/26 23:58:03 [001] INFO: Running 3 CONNECT handlers
2022/07/26 23:58:03 [001] INFO: on 1th handler: &{2 <nil> 0xeb1280} optimizationguide-pa.googleapis.com:443
2022/07/26 23:58:03 [001] INFO: Assuming CONNECT is TLS, mitm proxying it
2022/07/26 23:58:03 [002] INFO: Got request /online/ quietinnershiningtreasure.neverssl.com GET http://quietinnershiningtreasure.neverssl.com/online/
2022/07/26 23:58:03 [002] INFO: Sending request GET http://quietinnershiningtreasure.neverssl.com/online/
2022/07/26 23:58:03 [001] WARN: Cannot handshake client optimizationguide-pa.googleapis.com:443 remote error: tls: unknown certificate
2022/07/26 23:58:03 [002] INFO: Received response 200 OK
2022/07/26 23:58:03 [002] INFO: Copying response to client 200 OK [200]
2022/07/26 23:58:03 [002] INFO: Copied 2238 bytes to client error=<nil>

With -vv:

$ ./proxify.exe -vv

                       _ ___
   ___  _______ __ __ (_) _/_ __
  / _ \/ __/ _ \\ \ // / _/ // /
 / .__/_/  \___/_\_\/_/_/ \_, /
/_/                      /___/  v0.0.7

                projectdiscovery.io

Use with caution. You are responsible for your actions
Developers assume no liability and are not responsible for any misuse or damage.
HTTP Proxy Listening on 127.0.0.1:8888
Socks5 Proxy Listening on 127.0.0.1:10080
Saving traffic to logs
2022/07/26 23:58:17 [001] INFO: Running 3 CONNECT handlers
2022/07/26 23:58:17 [001] INFO: on 1th handler: &{2 <nil> 0xeb1280} v10.events.data.microsoft.com:443
2022/07/26 23:58:17 [001] INFO: Assuming CONNECT is TLS, mitm proxying it
2022/07/26 23:58:18 [001] INFO: Exiting on EOF
2022/07/26 23:58:19 [002] INFO: Running 3 CONNECT handlers
2022/07/26 23:58:19 [002] INFO: on 1th handler: &{2 <nil> 0xeb1280} optimizationguide-pa.googleapis.com:443
2022/07/26 23:58:19 [002] INFO: Assuming CONNECT is TLS, mitm proxying it
2022/07/26 23:58:19 [003] INFO: Got request /online/ quietinnershiningtreasure.neverssl.com GET http://quietinnershiningtreasure.neverssl.com/online/
GET http://quietinnershiningtreasure.neverssl.com/online/ HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9      
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9,ko-KR;q=0.8,ko;q=0.7
Cache-Control: max-age=0
Dnt: 1
If-Modified-Since: Wed, 29 Jun 2022 00:23:22 GMT
If-None-Match: "8be-5e28b29291e10-gzip"
Proxy-Connection: keep-alive
Sec-Gpc: 1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36

2022/07/26 23:58:19 [003] INFO: Sending request GET http://quietinnershiningtreasure.neverssl.com/online/
2022/07/26 23:58:19 [002] WARN: Cannot handshake client optimizationguide-pa.googleapis.com:443 remote error: tls: unknown certificate
2022/07/26 23:58:19 [003] INFO: Received response 200 OK
HTTP/1.1 200 OK
Accept-Ranges: bytes
Connection: Upgrade
Content-Type: text/html; charset=UTF-8
Date: Tue, 26 Jul 2022 14:58:19 GMT
Etag: "8be-5e28b29291e10-gzip"
Last-Modified: Wed, 29 Jun 2022 00:23:22 GMT
Server: Apache/2.4.53 ()
Upgrade: h2,h2c
Vary: Accept-Encoding

<html>
        <head>
                <title>NeverSSL - helping you get online</title>

                <style>
                body {
                        font-family: Montserrat, helvetica, arial, sans-serif;
                        font-size: 16x;
                        color: #444444;
                        margin: 0;
                }
                h2 {
                        font-weight: 700;
                        font-size: 1.6em;
                        margin-top: 30px;
                }
                p {
                        line-height: 1.6em;
                }
                .container {
                        max-width: 650px;
                        margin: 20px auto 20px auto;
                        padding-left: 15px;
                        padding-right: 15px
                }
                .header {
                        background-color: #42C0FD;
                        color: #FFFFFF;
                        padding: 10px 0 10px 0;
                        font-size: 2.2em;
                }
                <!-- CSS from Mark Webster https://gist.github.com/markcwebster/9bdf30655cdd5279bad13993ac87c85d -->
                </style>
        </head>
        <body>

        <div class="header">
                <div class="container">
                <h1>NeverSSL</h1>
                </div>
        </div>

        <div class="content">
        <div class="container">

        <h2>What?</h2>
        <p>This website is for when you try to open Facebook, Google, Amazon, etc
        on a wifi network, and nothing happens. Type "http://neverssl.com"
        into your browser's url bar, and you'll be able to log on.</p>

        <h2>How?</h2>
        <p>neverssl.com will never use SSL (also known as TLS). No
        encryption, no strong authentication, no <a
        href="https://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security">HSTS</a>,
        no HTTP/2.0, just plain old unencrypted HTTP and forever stuck in the dark
        ages of internet security.</p>

        <h2>Why?</h2>
        <p>Normally, that's a bad idea. You should always use SSL and secure
        encryption when possible. In fact, it's such a bad idea that most websites
        are now using https by default.</p>

        <p>And that's great, but it also means that if you're relying on
        poorly-behaved wifi networks, it can be hard to get online.  Secure
        browsers and websites using https make it impossible for those wifi
        networks to send you to a login or payment page. Basically, those networks
        can't tap into your connection just like attackers can't. Modern browsers
        are so good that they can remember when a website supports encryption and
        even if you type in the website name, they'll use https.</p>

        <p>And if the network never redirects you to this page, well as you can
        see, you're not missing much.</p>

        <a href="https://twitter.com/neverssl">Follow @neverssl</a>

        </div>
        </div>
        </body>
</html>
2022/07/26 23:58:19 [003] INFO: Copying response to client 200 OK [200]
2022/07/26 23:58:19 [003] INFO: Copied 2238 bytes to client error=<nil>
2022/07/26 23:58:21 [004] INFO: Running 3 CONNECT handlers
2022/07/26 23:58:21 [004] INFO: on 1th handler: &{2 <nil> 0xeb1280} v10.events.data.microsoft.com:443
2022/07/26 23:58:21 [004] INFO: Assuming CONNECT is TLS, mitm proxying it
2022/07/26 23:58:21 [004] INFO: Exiting on EOF

@mjkim610
Copy link
Contributor Author

Hi @ehsandeep.

Could you please take a look and provide any feedback or merge? Thanks :)

@ehsandeep ehsandeep requested a review from Mzack9999 July 26, 2022 18:15
@ehsandeep ehsandeep merged commit 1be00ea into projectdiscovery:dev Jul 27, 2022
@ehsandeep
Copy link
Member

thank you @mjkim610 for the PR.

@ehsandeep ehsandeep linked an issue Jul 27, 2022 that may be closed by this pull request
@mjkim610 mjkim610 deleted the vv-flag branch July 27, 2022 11:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Make the verbosity option more granular
3 participants