Being able to hide or continually rotate the source IP address when making web calls can be difficult or expensive. A number of tools have existed for some time but they were either limited with the number of IP addresses, were expensive, or required deployment of lots of VPS's. FireProx leverages the AWS API Gateway to create pass-through proxies that rotate the source IP address with every request! Use FireProx to create a proxy URL that points to a destination server and then make web requests to the proxy URL which returns the destination server response!
Brought to you by:
- Follow me on Twitter for more tips, tricks, and tools (or just to say hi)! (Mike Felch - @ustayready)
- Rotates IP address with every request
- Configure separate regions
- All HTTP methods supported
- All parameters and URI's are passed through
- Create, delete, list, or update proxies
- Spoof X-Forwarded-For source IP header by requesting with an X-My-X-Forwarded-For header
Source IP address is passed to the destination in the X-Forwarded-For header by AWS- I am not responsible if you don't abide by the robots.txt :)
- CloudFlare seems to sometimes detect X-Forwarded-For when blocking scrapers (NEED TO TEST W/ NEW PATCH)
- Use of this tool on systems other than those that you own are likely to violate the AWS Acceptable Use Policy and could potentially lead to termination or suspension of your AWS account. Further, even use of this tool on systems that you do own, or have explicit permission to perform penetration testing on, is subject to the AWS policy on penetration testing.
After releasing FireProx publicly, I learned two others were already using the AWS API Gateway technique. Researching the chain of events and having some great conversations, I came to the realization that the only reason I even knew about it was because of these people. I thought it would be cool to give them a few shout-outs and credit, follow these people -- they are awesome.
Credit goes to Ryan Hanson - @ryHanson who is the first known source of the API Gateway technique
Shout-out to Mike Hodges - @rmikehodges for making it public in at BlackHat Arsenal 2018
Major shout-out, once again, to my good friend Ralph May - @ralphte1 for introducing me to the technique awhile back.
usage: fire.py [-h] [--access_key ACCESS_KEY] [--secret_access_key SECRET_ACCESS_KEY] [--region REGION] [--command COMMAND] [--api_id API_ID] [--url URL]
FireProx API Gateway Manager
optional arguments:
-h, --help show this help message and exit
--access_key ACCESS_KEY
AWS Access Key
--secret_access_key SECRET_ACCESS_KEY
AWS Secret Access Key
--region REGION AWS Region
--command COMMAND Commands: list, create, delete, update
--api_id API_ID API ID
--url URL URL end-point
- Examples
- examples/google.py: Use a FireProx proxy to scrape Google search.
- examples/bing.py: Use a FireProx proxy to scrape Bing search.
You can install and run with the following command:
$ git clone https://github.com/ustayready/fireprox
$ cd fireprox
~/fireprox$ virtualenv -p python3 .
~/fireprox$ source bin/activate
(fireprox) ~/fireprox$ pip install -r requirements.txt
(fireprox) ~/fireprox$ python fire.py
Note that Python 3.6 is required.
Building a Docker image: (Currently does not work on Docker for Windows, possibly due to line endings in entrypoint.sh.)
$ git clone https://github.com/ustayready/fireprox
$ cd fireprox
$ docker build -t fireprox .
$ docker run --rm -it fireprox -h
- Create an issue to discuss your idea
- Fork FireProx (https://github.com/ustayready/fireprox/fork)
- Create your feature branch (
git checkout -b my-new-feature
) - Commit your changes (
git commit -am 'Add some feature'
) - Push to the branch (
git push origin my-new-feature
) - Create a new Pull Request
Bug reports, feature requests and patches are welcome.