Get-Proxy settings
Meatballs1 opened this issue · 7 comments
Something along the lines of:
function Get-Proxy {
    # Open HKCU on the local machine and read the per-user Internet Settings key
    $reg2 = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey('CurrentUser', $env:COMPUTERNAME)
    $regkey2 = $reg2.OpenSubKey('SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings')
    $proxy_server = $regkey2.GetValue('ProxyServer')
    $url = $regkey2.GetValue('AutoConfigURL')
    # Only fetch the PAC/WPAD script when an AutoConfigURL is actually set
    $wpad = if ($url) { (New-Object Net.WebClient).DownloadString($url) }
    Write-Host $proxy_server
    Write-Host $url
    Write-Host $wpad
}
Added to the 2.0 branch 90888d5
What is the main difference between the above approach and this one? https://github.com/rapid7/metasploit-framework/blob/master/modules/post/windows/manage/clone_proxy_settings.rb#L111
Should probably look to use a lot of those checks in this, but this one additionally pulls down WPAD and is in powershell ;)
I wasn't actually expecting you to implement these directly, I was thinking of coming back to them at a later date and coding them up :)
It could probably be expanded to check the SYSTEM proxy, and also enumerate the other users on the box to check their proxy settings. Also should go into more depth and check for advanced proxy configuration settings.
Haha, realized PowerView had been neglected the last month or so and kept meaning to get back on a dev track for it anyway :)
If you think any of the implementations could be done better/differently, definitely let me know and/or feel free to submit a pull if desired. They're not meant to be in final form at this point, but wanted to get something started. The proxy enumeration is something we've been meaning to do with Empire anyway, so it'll be good to dive into it. Thoughts on trying to parse the WPAD .pac (no idea how annoying this would be) or just leaving the output in an object?
Depending on how detailed you want to go, this might be of use:
https://www.chromium.org/developers/design-documents/network-stack/proxy-settings-fallback
Thanks Lee! Will hopefully be expanding this soon. Then again you know how our dev cycles tend to go :)
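On the question above about parsing the WPAD .pac versus leaving the raw output in an object, a middle ground is to extract only the proxy directives the script can return, which also helps when auditing what a PAC file hands out to clients. This is an added example, not part of the thread or of PowerView; `Get-PacProxyDirective` and the sample PAC text are constructed for illustration, and the regex scan is a heuristic that does not evaluate the JavaScript.

```powershell
# Added example: list the proxy directives a PAC (WPAD) script can return.
# Get-PacProxyDirective is a hypothetical helper name, not a PowerView function.
function Get-PacProxyDirective {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [string]$PacText
    )
    process {
        # Strip /* */ and // comments so commented-out proxies are not reported.
        # The (?<!:) lookbehind keeps "http://" inside string literals intact.
        $code = [regex]::Replace($PacText, '(?s)/\*.*?\*/', '')
        $code = [regex]::Replace($code, '(?m)(?<!:)//.*$', '')

        $seen = @{}
        # Walk every quoted string literal; a return value such as
        # "PROXY a:8080; DIRECT" is a ';'-separated fallback list.
        foreach ($lit in [regex]::Matches($code, '(["''])(.*?)\1')) {
            foreach ($entry in ($lit.Groups[2].Value -split ';')) {
                # Case-sensitive match: PAC directive keywords are upper case.
                if ($entry -cmatch '^\s*(DIRECT|PROXY|SOCKS[45]?|HTTPS?)(?:\s+(\S+))?\s*$') {
                    $key = "$($Matches[1]) $($Matches[2])".Trim()
                    if (-not $seen.ContainsKey($key)) {
                        $seen[$key] = $true
                        [pscustomobject]@{
                            Type   = $Matches[1]
                            Server = $Matches[2]   # $null for DIRECT
                        }
                    }
                }
            }
        }
    }
}

# Constructed sample PAC text (not taken from a real environment).
$samplePac = @'
function FindProxyForURL(url, host) {
    // return "PROXY old.corp.example:3128";
    if (shExpMatch(host, "*.corp.example")) { return "DIRECT"; }
    if (isInNet(host, "10.0.0.0", "255.0.0.0")) { return "DIRECT"; }
    return "PROXY proxy1.corp.example:8080; PROXY proxy2.corp.example:8080; DIRECT";
}
'@

Get-PacProxyDirective -PacText $samplePac | Format-Table -AutoSize
```

Because the directives come back as objects, the raw PAC text can still be kept alongside them for cases where the conditions inside `FindProxyForURL` matter.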