Security News
Supply Chain Attack Detected in Solana's web3.js Library
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
AllProxy is similar to Fiddler and Charles, but in addition to HTTP(S), it also can captures SQL, gRPC, MongoDB, Redis, Memcached, TCP, and log messages.
Features:
Version 10 or higher is required. Use nvm to install the appropriate node version.
The AllProxy may be install from either NPM or GitHub.
$ npm install -g allproxy
$ cd ~/git/allproxy
allproxy$ npm install
The AllProxy server is started using either the NPM installed allproxy script or using npm start, depending on how it was installed.
$ allproxy
Listening on http: 8888
Open browser to http://localhost:8888/allproxy
Listening on https: 9999
allproxy$ npm start
Listening on http: 8888
Open browser to http://localhost:8888/allproxy
Listening on https: 9999
The allproxy-ca is used to install the CA certificate in your browser so it is trusted.
The ca.pem location:
You may need to manually install the AllProxy ca.pem. These online how tos many help:
$ allproxy-ca
$ cd ~/git/allproxy/bin
bin$ ./allproxy-ca
Enter http://localhost:8888/allproxy in browser.
To capture HTTP and HTTPS messages, configure your browser to proxy HTTP/HTTPS messages to the AllProxy. The default is to proxy HTTP messages to port 8888, and HTTPS messages to port 9999. This is how Firefox can be configured to proxy HTTP and HTTPS messages.
For chrome and chromium you can set the browser proxy using environment variables http_proxy and https_proxy.
$ http_proxy=http://localhost:8888 https_proxy://9999 chromium-browser
Chrome has some extensions that make it easy to configure an http and https proxy:
This section gives example on how to configure the AllProxy. Clicking the settings icon in the upper right corner opens the Setting modal.
Both a forward and reverse proxy is supported for HTTP/HTTPS messages. Your browser must be configured to proxy HTTP/HTTPS messages to the forward proxy. See Configure Browser Proxy for more information on configuring your browser.
The reverse proxy can be used to transparently capture HTTP/HTTPS messages sent by backend services. The backend service is configured to send the HTTP/HTTPS messages to the AllProxy. For example, a -search- microservice could be configured to send Elasticsearch messages to the AllProxy by setting environment variables.
Example -search- microservice configuration:
ELASTIC_HOST=elasticsearch
ELASTIC_PORT=9200
Modified -search- micorservice configuration:
ELASTIC_HOST=allproxy # allproxy is the docker container host name
ELASTIC_PORT=8888 # allproxy HTTP port is 8888. Use 9999 for HTTPS.
An HTTP path is added to proxy HTTP requests to the elasticsearch host. All HTTP requests matching path /_search are proxied to the elasticsearch host on port 9200.
The SQL proxy can transparently capture SQL messages sent by backend microservices to a MySQL server.
Example microservice config file:
MYSQL_HOST=mysql
MYSQL_PORT=3306
Modified microservice config file:
MYSQL_HOST=allproxy # Proxy queries to the AllProxy
MYSQL_PORT=3306
The AllProxy is configured to proxy MySQL requests to the MySQL server:
The gRPC proxy can transparently capture gRPC HTTP/2 messages sent to backend microservices. Only unsecure connections are supported. Secure TLS support may be added in the future.
Example gRPC microservice config file:
GRPC_HOST=grpchost # gRPC host name
GRPC_PORT=12345 # gRPC port number
Modified gRPC microservice config file:
GRPC_HOST=allproxy # Proxy gRPC requests to the AllProxy
GRPC_PORT=12345
The AllProxy is configured to proxy gRPC requests to a microservice:
The MongoDB proxy can transparently capture MongoDB messages sent by backend microservices.
Example MongoDB microservice config file:
MONGO_HOST=mongodb # MongoDB host name
MONGO_PORT=27017 # MongoDB port number
Modified MongoDB microservice config file:
MONGO_HOST=allproxy # Proxy MongoDB requests to the AllProxy
MONGO_PORT=27017
The AllProxy is configured to proxy MongoDB requests to a microservice:
The Redis proxy can transparently capture Redis messages sent by backend microservices.
Example Redis microservice config file:
REDIS_HOST=redis # Redis host name
REDIS_PORT=6379 # Redis port number
Modified Redis microservice config file:
REDIS_HOST=allproxy # Proxy Redis requests to the AllProxy
REDIS_PORT=6379
The AllProxy is configured to proxy Redis requests to a microservice:
The TCP proxy can transparently capture TCP request/response messages sent by backend microservices. For example, the TCP proxy can be used to capture memcached messages.
Example Memcached microservice config file:
MEMCACHED_HOST=memcached # Memcached host name
MEMCACHED_PORT=11211 # Memcached port number
Modified Memcached microservice config file:
MEMCACHED_HOST=allproxy # Proxy Memcached requests to the AllProxy
MEMCACHED_PORT=11211
The AllProxy is configured to proxy Memcached requests to a microservice:
The Docker log proxy can capture log messages.
The AllProxy is configured to capture Dockers log messages:
The AllProxy dashboard is stated from the browser with URL http://localhost:8888/allproxy.
The recording of messages can be temporarily stopped, to allow time to examine the messages without the log wrapping.
Filtering allows you to find messages matching a search filter, and hide other messages. The entire message is search for a match. The filter may be case insensitive, case sensitive, a logical expression, or a regular expression.
Types of filters:
Boolean filters can use &&, ||, !, and parenthesis.
To resend an HTTP or HTTPS request, click on the icon next to the request to open a modal. Optionally modify the request body, and then click the send button. If the dashboard is not paused, the resent request should appear at the bottom of the dashboard request log.
Clicking on the camera icon will take a snapshot of the currently captured messages, and create a new snapshot tab. A snapshot tab may be exported to a file, and later imported again.
Multiple Dashboard instances can be opened in separate browser tabs, and all of the open Dashboards will record messages.
Each Dashboard instance keeps its own copy of the messages, so clearing or stopping recording in one Dashboard instance, does not affect another other Dashboard instances.
Certificates are managed by the node-http-mitm-proxy package.
Generated certificates are stored in allproxy/.http-mitm-proxy/certs/. Import allproxy/ca.pem to your browser to trust all AllProxy generated certificates.
The allproxy-ca script can be used to install the CA certificate on MacOS and Linux.
For Windows, execute the allproxy-ca script to get the path of the CA certificate, and manually import it to your browser.
Usage: allproxy [--listen [host:]port] [--listenHttps [host:]port]
Options:
--listen - listen for incoming http connections. Default is 8888.
--listenHttps - listen for incoming https connections.
Example: allproxy --listen 8888 --listenHttps 9999
This code is licensed under the MIT License.
FAQs
AllProxy: MITM HTTP Debugging Tool.
The npm package allproxy receives a total of 301 weekly downloads. As such, allproxy popularity was classified as not popular.
We found that allproxy demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
A supply chain attack has been detected in versions 1.95.6 and 1.95.7 of the popular @solana/web3.js library.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.