Web Penetration Testing Scripts – Part 2

p0wnpr0xy.py is a simple Python script that acts as an HTTP/HTTPS proxy and launches commands such as sqlmap against targets that are in-scope. It relies on httpservers.py from gnucitizen to do the heavy lifting. You can download his module from here and save it to the same directory as p0wnpr0xy.
When you launch p0wnpr0xy you supply it with two arguments:
1) Part of the domain name for the in-scope hosts
2) The full command line for the tool you want to use against the target URL
p0wnpr0xy will start a proxy listener on port 8080. You modify your browser's proxy settings to browse through the proxy. The proxy will collect in-scope URLs and the cookies associated with each URL. It then walks you through all of the URLs that have been collected and gives you the option to launch the specified command on each URL. If you choose to attack the URL, it will launch the command specified on the command line, replacing the string “{url}” with the URL collected and the string “{cookies}” with the cookies it has collected.
Pretty simple, but it can make repetitive tasks easier. Here is a demonstration of how you can use p0wnpr0xy along with sqlmap.

Using p0wnpr0xy from Security Weekly on Vimeo

Download p0wnpr0xy HERE!
Don’t forget to download GNUCitizen’s httpservers module here.
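
The scope check and the “{url}”/“{cookies}” substitution described above both handle values that come from web traffic, so here is an added example (not p0wnpr0xy's own code) of doing both defensively: the host is matched as the scope domain or one of its subdomains, and the command template is split into arguments before the collected values are filled in. The function names, the `scanner` command with its flags, and the sample URLs are all hypothetical and constructed for illustration.

```python
import re
import shlex
from urllib.parse import urlsplit

PLACEHOLDER = re.compile(r"\{(url|cookies)\}")

def in_scope(url, scope_domain):
    """True only if the URL's host is scope_domain or a subdomain of it."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    scope = scope_domain.lower().strip(".")
    return host == scope or host.endswith("." + scope)

def build_argv(template, url, cookies):
    """Split the template into arguments first, then fill the placeholders.

    Splitting before substitution keeps each collected value inside one
    argument, so spaces, quotes or ';' in a URL or cookie cannot add
    arguments. The list is meant for subprocess.run(argv), no shell.
    """
    values = {"url": url, "cookies": cookies}
    # Single-pass substitution: a URL containing the text "{cookies}"
    # is not expanded a second time.
    return [PLACEHOLDER.sub(lambda m: values[m.group(1)], arg)
            for arg in shlex.split(template)]

def plan(template, scope_domain, collected):
    """Return one argv list per in-scope (url, cookies) pair."""
    return [build_argv(template, url, cookies)
            for url, cookies in collected if in_scope(url, scope_domain)]

# Constructed sample data, not captured traffic.
SAMPLE_TEMPLATE = 'scanner --url {url} --cookie "{cookies}"'
SAMPLE_COLLECTED = [
    ("https://shop.example.test/item?id=1", "sid=abc; theme=dark"),
    # Contains the scope string but belongs to a different host.
    ("https://example.test.other.invalid/item?id=1", "sid=zzz"),
    ("https://notexample.test/x", ""),
    ("https://cdn.example.test/a b;echo x", "sid=abc"),
]

if __name__ == "__main__":
    for argv in plan(SAMPLE_TEMPLATE, "example.test", SAMPLE_COLLECTED):
        print(argv)
```
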
