From 28fee469e3891fa5e0ad9ff7317d657bfaf9f618 Mon Sep 17 00:00:00 2001
From: tennc <670357+tennc@users.noreply.github.com>
Date: Sun, 15 Aug 2021 16:34:22 +0800
Subject: [PATCH] add proxy.py

tencent cloud scf  with proxy to connect webshell
use :  apiurl/url=hxxp://xxx.xx/xxx.shell
from : https://mp.weixin.qq.com/s/kBSe3rhaIVvtH3uomM-efA
---
 proxy.py | 60 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)
 create mode 100644 proxy.py

diff --git a/proxy.py b/proxy.py
new file mode 100644
index 0000000..ea13ab7
--- /dev/null
+++ b/proxy.py
@@ -0,0 +1,60 @@
+#!/usr/bin/env python
+# -*- coding:utf-8 -*-
+import time
+import random
+import requests
+import ssl
+from urllib.parse import unquote
+
+
+#忽略证书校验
+requests.packages.urllib3.disable_warnings()
+try:
+    _create_unverified_https_context = ssl._create_unverified_context
+except AttributeError:
+    pass
+else:
+    ssl._create_default_https_context = _create_unverified_https_context
+
+
+user_agent = ['Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0']
+
+def requests_headers():
+    UA = random.choice(user_agent)
+    headers = {
+        'Accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',
+        'User-Agent': UA,
+        'X-Forwarded-For': '10.10.{}.{}'.format(str(random.randint(0, 255)), str(random.randint(0, 255))),
+    }
+    return headers
+
+
+
+
+def main_handler(event, context):
+    #url = unquote(event['queryString']['url'])
+url = event['queryString']['url']
+    agrs = event['queryString']
+    for key in agrs.keys():
+        if key != "url":
+            url += "&" +  key + "=" + agrs[key]
+    method = event['httpMethod']
+    headers = requests_headers()
+    #headers = event['headers']
+    timeout = 60
+    try:
+        data = event['body']
+    except:
+        data = None
+    if method == "POST":
+        headers.update({'Content-Type': 'application/x-www-form-urlencoded'})
+        html = requests.post(url=url, headers=headers, timeout=timeout, verify=False, data=data)
+    elif method == "GET":
+        html = requests.get(url=url, headers=headers, timeout=timeout, verify=False, data=data)
+    print(len(html.text))
+    return {
+        "isBase64Encoded": False,
+        "statusCode": html.status_code,
+        "headers": {'Content-Type': 'text/html; charset=utf-8'},
+        "body": html.text
+    }