the proxify not decrypt the body response

[djallalzoldik]

Hi team ,
the proxify not decrypt the response

[MetzinAround]

Hi @djallalzoldik

could you give us some more information?

1. Proxify version
2. Command used
3. Output of command

This will help us better understand your question.

[djallalzoldik]

Yeah;
the latest version: 0.0.12
2- command used => proxify -ha 0.0.0.0:8888 -o logs
3- output

HTTP/1.1 404 Not Found
Connection: close
Content-Length: 648
Accept-Ranges: bytes
Age: 342258
Cache-Control: max-age=604800
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Dec 2023 19:28:31 GMT
Expires: Tue, 12 Dec 2023 19:28:31 GMT
Last-Modified: Fri, 01 Dec 2023 20:24:13 GMT
Server: ECS (dce/268A)
Vary: Accept-Encoding
X-Cache: 404-HIT

??]}TMs? ??Wl?K2#$'i?-i??iii=??P??t?߻B?#7????]x?ﱐ???????)f?c?\3?_?o????m>ť???:(?ʚ[?>?:_?Ei1q?޷
a#(?Yy???:@?????<?%nZc?d?F
_?{Y"
     ???^򆹒7??=A9?#2C???s??3b?0Lyy???ӂ??1v	??9???a??v-??O??
                                                                !???VQ???J6?%0ޒ??\?a???,9|??r0???w¦?̡??S.a????'t?pKx;????
                                        /Q?y??9??E?&?+?2˅??\?-s5fC??.転o????ǡ%???Մ
  _?????I?bB?1??ś?b??p?L`i,??Km4NA?)?É?[???j??t~??QU???D?c??$d??
τ[??f?I$?<1v??!]?O3*n?H???Ht|m:???4t?R1????S???-Z%?#G???!?U
A???x?4???{???A?
                (?|o?

[JoeUser47]

I'm seeing the same type of issue on v0.0.13

proxify -sr

                       _ ___    
   ___  _______ __ __ (_) _/_ __
  / _ \/ __/ _ \\ \ // / _/ // /
 / .__/_/  \___/_\_\/_/_/ \_, / 
/_/                      /___/

		projectdiscovery.io

[INF] Current proxify version v0.0.13 (latest)
[INF] HTTP Proxy Listening on 127.0.0.1:8888
[INF] Saving proxify logs to proxify_logs.jsonl
[INF] Saving proxify logs (raw) to proxify_logs

In firefox, with proxify certificate imported, proxy set to proxify with foxyproxy addon, browse to https://github.com/projectdiscovery/proxify

Review the logs and see body is encoded or encrypted and not human readable.

Request info and Response headers display fine:

GET /projectdiscovery/proxify HTTP/1.1
Host: github.com
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.5
Connection: close
Cookie: _blah_perferred_color_mode=dark; tz=America%2FChicago
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0

TTP/1.1 200 OK
Connection: close
Content-Length: 65222
Accept-Ranges: bytes
Cache-Control: max-age=0, private, must-revalidate
Content-Encoding: gzip
Content-Security-Policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.
github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
Content-Type: text/html; charset=utf-8
Date: Mon, 11 Mar 2024 14:17:10 GMT
Etag: W/"76552c17a62df052c3aea7c2cb73b66b"
Referrer-Policy: no-referrer-when-downgrade
Server: GitHub.com
Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
X-Content-Type-Options: nosniff
X-Frame-Options: deny
X-Github-Request-Id: C146:7994:8A00:C38C:65EF126D
X-Xss-Protection: 0

^_<8B>^H^@^@^@^@^@^B^C<D4>[[oܸ^U~ϯP<F5><BC><F4><E8>.1<88>^M^T<BD><ED>[^W<E8><BE>^TE!<F0>r8<C3>X^R<B5>$<E5>xR<F4><BF><F7>P<D2><D8>c<C3>N<<9C>Eaˁ<9D><E1>P<D4><E1>w.<^W<92><FE><F0>a<FE><F7><E9>^O^?<FE><FB><9F>~<FD><E7>/^?<89>^N<BE><EF><AE>>|
^_^_<A2><A8>c<C3><FE>2<86>!<C6>6<FE>H<E6>^Y^Q<A6>3<96><F4>F<C2>e<CC>&o⥻<D3><FB><83>'<FE>^@=<F6><CF>_<D6>^G<92><D9><EB>S^?h<C7>'B,M<8F><<84>^M<BA>g^^$<C1><8F>=<B8><CB><D8>^]<9D><87>>>ESC<D2><E9><E1><9A>L<83>^D<8B><AD>0<C4><DB>      ^B<95><AB>^Y{^T}:^@<93>W<D8><C0>f^O<9E>E<E2><C0><AC>^C^?^YO^<91>&^N<8F>>^E*<91><85>^NA^L<8E><8C>^V^Txq<88><A3>^C<B6>.<E3><83><F7><A3><FB><B8><DB><ED><B5>?L<FC>b<F9>`^N<89><B8

( truncated)

[ehsandeep]

@djallalzoldik @JoeUser47 should be fixed in latest release - https://github.com/projectdiscovery/proxify/releases/tag/v0.0.15

[tarunKoyalwar]

• seems like proxify is missing some encodings ( + those are shown in jsonl but not yaml multidoc )
  

Steps to reproduce

• proxify traffic ( yaml or/and jsonl )
• visit proxify github repo
• some body encoding are still encoded while others are not

Implementation Notes

• we use response chain from utils across all projects which handles normalization and decodes response body https://github.com/projectdiscovery/utils/blob/main/http/normalization.go