Created
May 12, 2025 14:20
-
-
Save grittyninja/fac8c69fdcaf213ee89b248b59ad4897 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| ######################################################################### | |
| # Proxy Manager Script | |
| # | |
| # A utility to setup and manage proxy configurations for Burp Suite | |
| # or other HTTP/HTTPS proxies for security testing and analysis. | |
| # | |
| ######################################################################### | |
| set -e # Exit immediately if a command exits with non-zero status | |
| set -u # Treat unset variables as an error | |
| set -o pipefail # Pipeline fails on any command error | |
| ######################################################################### | |
| # Configuration variables with defaults (can be overridden by arguments) | |
| ######################################################################### | |
| HOST="127.0.0.1" | |
| PORT="8089" | |
| CERT_PATH="/tmp" | |
| DER_CERT="" | |
| PEM_CERT="" | |
| VERBOSE=false | |
| LOG_FILE="" | |
| COMMAND="setup" | |
| ######################################################################### | |
| # Logging Functions | |
| ######################################################################### | |
| # Log levels: INFO, WARN, ERROR, DEBUG | |
| log() { | |
| local level="$1" | |
| local message="$2" | |
| local timestamp | |
| timestamp=$(date "+%Y-%m-%d %H:%M:%S") | |
| # Format the log message | |
| local formatted_message="[$timestamp] [$level] $message" | |
| # Print to stdout if verbose mode is enabled | |
| if [[ "$VERBOSE" == true || "$level" == "ERROR" ]]; then | |
| echo "$formatted_message" | |
| fi | |
| # Log to file if specified | |
| if [[ -n "$LOG_FILE" ]]; then | |
| echo "$formatted_message" >> "$LOG_FILE" | |
| fi | |
| } | |
| log_info() { | |
| log "INFO" "$1" | |
| } | |
| log_warn() { | |
| log "WARN" "$1" | |
| } | |
| log_error() { | |
| log "ERROR" "$1" | |
| } | |
| log_debug() { | |
| if [[ "$VERBOSE" == true ]]; then | |
| log "DEBUG" "$1" | |
| fi | |
| } | |
| ######################################################################### | |
| # Utility Functions | |
| ######################################################################### | |
| # Check if a command exists | |
| command_exists() { | |
| command -v "$1" >/dev/null 2>&1 | |
| } | |
| # Validate required dependencies | |
| validate_dependencies() { | |
| local missing_deps=false | |
| if ! command_exists curl; then | |
| log_error "Missing dependency: curl" | |
| missing_deps=true | |
| fi | |
| if ! command_exists openssl; then | |
| log_error "Missing dependency: openssl" | |
| missing_deps=true | |
| fi | |
| if [[ "$missing_deps" == true ]]; then | |
| log_error "Please install missing dependencies and try again." | |
| exit 1 | |
| fi | |
| } | |
| # Setup certificate and PEM paths | |
| setup_paths() { | |
| # If the paths weren't explicitly set via arguments | |
| if [[ -z "$DER_CERT" ]]; then | |
| DER_CERT="${CERT_PATH}/burp.cer" | |
| fi | |
| if [[ -z "$PEM_CERT" ]]; then | |
| PEM_CERT="${CERT_PATH}/cert.pem" | |
| fi | |
| # Create cert path if it doesn't exist | |
| if [[ ! -d "$CERT_PATH" ]]; then | |
| log_debug "Creating certificate directory: $CERT_PATH" | |
| mkdir -p "$CERT_PATH" | |
| fi | |
| } | |
| ######################################################################### | |
| # Main Functions | |
| ######################################################################### | |
| # Function to download and convert certificate | |
| setup_certificate() { | |
| log_info "Downloading certificate from $HOST:$PORT..." | |
| if ! curl --silent --show-error "$HOST:$PORT/cert" -o "$DER_CERT" 2>/dev/null; then | |
| log_error "Failed to download certificate from $HOST:$PORT" | |
| return 1 | |
| fi | |
| log_info "Converting certificate to PEM format..." | |
| if ! openssl x509 -inform der -in "$DER_CERT" -out "$PEM_CERT" 2>/dev/null; then | |
| log_error "Certificate conversion failed" | |
| return 1 | |
| fi | |
| log_info "Certificate setup successful" | |
| log_debug "Certificate path: $PEM_CERT" | |
| return 0 | |
| } | |
| # Function to set up proxy environment variables | |
| setup_proxy() { | |
| log_info "Setting up proxy environment variables..." | |
| # Verify certificate exists before setting up proxy | |
| if [[ ! -f "$PEM_CERT" ]]; then | |
| log_warn "Certificate not found at $PEM_CERT. Running certificate setup..." | |
| if ! setup_certificate; then | |
| log_error "Failed to set up certificate. Proxy setup aborted." | |
| return 1 | |
| fi | |
| fi | |
| export HTTP_PROXY="http://$HOST:$PORT" | |
| export HTTPS_PROXY="http://$HOST:$PORT" | |
| export REQUESTS_CA_BUNDLE="$PEM_CERT" | |
| export SSL_CERT_FILE="$PEM_CERT" | |
| log_info "Proxy environment configured successfully" | |
| log_debug "HTTP_PROXY=$HTTP_PROXY" | |
| log_debug "HTTPS_PROXY=$HTTPS_PROXY" | |
| log_debug "REQUESTS_CA_BUNDLE=$REQUESTS_CA_BUNDLE" | |
| log_debug "SSL_CERT_FILE=$SSL_CERT_FILE" | |
| # Create proxy status file for reference | |
| echo "HOST=$HOST" > "$CERT_PATH/proxy_status" | |
| echo "PORT=$PORT" >> "$CERT_PATH/proxy_status" | |
| echo "TIMESTAMP=$(date +%s)" >> "$CERT_PATH/proxy_status" | |
| return 0 | |
| } | |
| # Function to unset proxy environment variables | |
| unset_proxy() { | |
| log_info "Unsetting proxy environment variables..." | |
| unset HTTP_PROXY | |
| unset HTTPS_PROXY | |
| unset REQUESTS_CA_BUNDLE | |
| unset SSL_CERT_FILE | |
| # Remove proxy status file if it exists | |
| if [[ -f "$CERT_PATH/proxy_status" ]]; then | |
| rm -f "$CERT_PATH/proxy_status" | |
| fi | |
| log_info "Proxy environment variables unset successfully" | |
| return 0 | |
| } | |
| # Function to check proxy status | |
| check_status() { | |
| if [[ -f "$CERT_PATH/proxy_status" ]]; then | |
| log_info "Proxy is currently ACTIVE with the following configuration:" | |
| cat "$CERT_PATH/proxy_status" | |
| # Check if certificate file exists | |
| if [[ -f "$PEM_CERT" ]]; then | |
| log_info "Certificate file: $PEM_CERT (exists)" | |
| else | |
| log_warn "Certificate file: $PEM_CERT (missing)" | |
| fi | |
| # Test connectivity to proxy | |
| if curl --silent --connect-timeout 3 -x "$HOST:$PORT" http://example.com >/dev/null 2>&1; then | |
| log_info "Proxy connectivity test: SUCCESS" | |
| else | |
| log_warn "Proxy connectivity test: FAILED - Proxy may be unreachable" | |
| fi | |
| else | |
| log_info "Proxy is currently NOT ACTIVE" | |
| fi | |
| } | |
| # Function to display help information | |
| show_help() { | |
| cat << EOF | |
| Usage: $(basename "$0") [OPTIONS] COMMAND | |
| A utility to manage HTTP/HTTPS proxy configuration for security testing. | |
| Commands: | |
| setup Setup proxy and certificate (default command) | |
| unset Remove proxy environment variables | |
| status Check current proxy status | |
| help Show this help message | |
| Options: | |
| -h, --host HOST Proxy host (default: $HOST) | |
| -p, --port PORT Proxy port (default: $PORT) | |
| -c, --cert-path PATH Path to store certificates (default: $CERT_PATH) | |
| -d, --der FILE Path to save DER certificate | |
| -o, --pem FILE Path to save PEM certificate | |
| -v, --verbose Enable verbose output | |
| -l, --log FILE Log to specified file | |
| --help Display this help message | |
| Examples: | |
| $(basename "$0") setup # Setup with default settings | |
| $(basename "$0") -h 192.168.1.100 -p 8080 setup # Custom host and port | |
| $(basename "$0") unset # Remove proxy configuration | |
| $(basename "$0") status # Check proxy status | |
| $(basename "$0") -v -c /path/to/certs setup # Verbose mode with custom cert path | |
| Environment Variables: | |
| After running setup, the script sets the following environment variables: | |
| - HTTP_PROXY | |
| - HTTPS_PROXY | |
| - REQUESTS_CA_BUNDLE | |
| - SSL_CERT_FILE | |
| These variables affect programs running in the same shell session. | |
| For system-wide configuration, consider modifying your profile files. | |
| Note: This script must be sourced (not executed) to affect the current shell: | |
| source $(basename "$0") setup | |
| . $(basename "$0") setup | |
| EOF | |
| } | |
| # Parse command line arguments | |
| parse_args() { | |
| while [[ $# -gt 0 ]]; do | |
| case "$1" in | |
| -h|--host) | |
| HOST="$2" | |
| shift 2 | |
| ;; | |
| -p|--port) | |
| PORT="$2" | |
| shift 2 | |
| ;; | |
| -c|--cert-path) | |
| CERT_PATH="$2" | |
| shift 2 | |
| ;; | |
| -d|--der) | |
| DER_CERT="$2" | |
| shift 2 | |
| ;; | |
| -o|--pem) | |
| PEM_CERT="$2" | |
| shift 2 | |
| ;; | |
| -v|--verbose) | |
| VERBOSE=true | |
| shift | |
| ;; | |
| -l|--log) | |
| LOG_FILE="$2" | |
| shift 2 | |
| ;; | |
| --help) | |
| show_help | |
| exit 0 | |
| ;; | |
| setup|unset|status|help) | |
| COMMAND="$1" | |
| shift | |
| ;; | |
| *) | |
| log_error "Unknown option: $1" | |
| show_help | |
| exit 1 | |
| ;; | |
| esac | |
| done | |
| } | |
| ######################################################################### | |
| # Main Execution | |
| ######################################################################### | |
| main() { | |
| # Parse command line arguments | |
| parse_args "$@" | |
| # Validate dependencies | |
| validate_dependencies | |
| # Setup paths | |
| setup_paths | |
| # Process command | |
| case "$COMMAND" in | |
| setup) | |
| setup_certificate && setup_proxy | |
| ;; | |
| unset) | |
| unset_proxy | |
| ;; | |
| status) | |
| check_status | |
| ;; | |
| help) | |
| show_help | |
| ;; | |
| *) | |
| log_error "Unknown command: $COMMAND" | |
| show_help | |
| exit 1 | |
| ;; | |
| esac | |
| } | |
| # Main execution | |
| # No direct source detection needed - just run the main function | |
| # This works in both zsh and bash | |
| main "$@" |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment