Doxycannon takes a pool of OpenVPN files and creates a Docker container for each one. After a successful VPN connection, each container spawns a SOCKS5 proxy server and binds it to a port on the Docker host. Combined with tools like Burp suite or proxychains, this creates your very own private botnet on the cheap.
- A VPN subscription to a provider that distributes *.ovpn files
- Install the required pip modules:
pip install -r requirements.txt
- Ensure docker is installed and enabled. Refer to the Wiki for installation instructions on Kali/Debian
proxychains4
is required for interactive mode
- Create an
auth.txt
file with your ovpn credentials inVPN
. The format is:username password
- Fill the VPN folder with
*.ovpn
files and ensure that theauth-user-pass
directive in your./VPN/*.ovpn
files saysauth-user-pass auth.txt
- Check out this wiki section for installation instructions for individual VPN providers
- Run
./doxycannon.py --build
to build your image with your OVPN files--build
will need to be run on code changes or when you modify theVPN
folder's contents
note: the way proxychains seeds its PRNG to choose a random proxy is not fast enough to ensure each subsequent request goes out through a different IP. You may get between 1-10 requests being made from the same IP. If this is unacceptable, I merged a patch to the original proxychains repo. Download and build from master to get the fix. https://github.com/haad/proxychains
While your containers are up, you can use proxychains to issue commands through random proxies
proxychains4 -q curl -s ipconfing.io/json
proxychains4 -q hydra -L users.txt -p Winter2018 manager.example.com -t 8 ssh
proxychains4 -q gobuster -w word.list -h http://manager.example.com
Use the --single
flag to bring up your proxies and create a proxy rotator.
hgfs/shared/doxycannon master
❯❯ ./doxycannon.py --single
[+] Writing HAProxy configuration
[*] Image doxyproxy built.
[*] Staring single-port mode...
[*] Proxy rotator listening on port 1337. Ctrl-c to quit
^C
[*] doxyproxy was issued a stop command
[*] Your proxies are still running.
To see what's happening, checkout out the haproxy folder. Essentially, one is building a layer 4 load-balancer between all the VPNs. This will allow you rotate through your proxies from a single port which means you can point your browsers or BURPSuite instances at it and have every request use a different VPN.
If you want to use a specific proxy, give your utility the proper SOCKS port.
Example: To make a request through Japan, use docker ps
and find the local
port to which the Japanese proxy is bound.
Configure your tool to use that port:
curl --socks5 localhost:50xx ipconfig.io/json
Once you've built your image and started your containers, run the utility with
the --interactive
flag to get a bash session where all network traffic is
redirected through proxychains4
./doxycannon.py --interactive
pry0cc for the idea
This was originally a fork of pry0cc's ProxyDock. It's been modified to an extent where less than 1% of the original code remains.
- Allow for management of remote doxycannon installs through the Docker API
- Interactive mode
- Python management script
- Faster Up/Down Container management
- Dispatch server - (will allow GUI applications to use doxycannon)
- Creates a single local proxy server that dispatches through VPNs