From e56af3fc6591546de82afcb779ba41ce0f64d458 Mon Sep 17 00:00:00 2001
From: Anthony BALITRAND <anthony.balitrand@airbus.com>
Date: Thu, 16 Dec 2021 11:11:36 +0100
Subject: [PATCH 1/2] Command argument to bypass proxies to reach target URL,
 and use only for DNS callback service provider

---
 log4j-scan.py | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/log4j-scan.py b/log4j-scan.py
index 94f1944..276acee 100755
--- a/log4j-scan.py
+++ b/log4j-scan.py
@@ -113,6 +113,10 @@
                     dest="disable_redirects",
                     help="Disable HTTP redirects. Note: HTTP redirects are useful as it allows the payloads to have higher chance of reaching vulnerable systems.",
                     action='store_true')
+parser.add_argument("--bypass-proxy-for-target-urls", 
+                    dest="bypass_proxy_for_target_urls", 
+                    help="Bypass proxies to send request to target URLs. Use only for DNS callback provider.", 
+                    action='store_true')
 
 args = parser.parse_args()
 
@@ -276,7 +280,7 @@ def scan_url(url, callback_host):
                                  verify=False,
                                  timeout=timeout,
                                  allow_redirects=(not args.disable_redirects),
-                                 proxies=proxies)
+                                 proxies=proxies if not args.bypass_proxy_for_target_urls else None)
             except Exception as e:
                 cprint(f"EXCEPTION: {e}")
 
@@ -291,7 +295,7 @@ def scan_url(url, callback_host):
                                  verify=False,
                                  timeout=timeout,
                                  allow_redirects=(not args.disable_redirects),
-                                 proxies=proxies)
+                                 proxies=proxies if not args.bypass_proxy_for_target_urls else None)
             except Exception as e:
                 cprint(f"EXCEPTION: {e}")
 
@@ -305,7 +309,7 @@ def scan_url(url, callback_host):
                                  verify=False,
                                  timeout=timeout,
                                  allow_redirects=(not args.disable_redirects),
-                                 proxies=proxies)
+                                 proxies=proxies if not args.bypass_proxy_for_target_urls else None)
             except Exception as e:
                 cprint(f"EXCEPTION: {e}")
 

From 825adf1095a68a22a7372db8c5245e0d175d2eb3 Mon Sep 17 00:00:00 2001
From: Anthony BALITRAND <anthony.balitrand@airbus.com>
Date: Thu, 16 Dec 2021 11:21:16 +0100
Subject: [PATCH 2/2] Update README for proxy bypass

---
 README.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/README.md b/README.md
index ef5585e..aebff07 100644
--- a/README.md
+++ b/README.md
@@ -56,6 +56,8 @@ optional arguments:
                         Custom DNS Callback Host.
   --disable-http-redirects
                         Disable HTTP redirects. Note: HTTP redirects are useful as it allows the payloads to have higher chance of reaching vulnerable systems.
+  --bypass-proxy-for-target-urls
+                        Bypass proxies to send request to target URLs. Use only for DNS callback provider.
 ```
 
 ## Scan a Single URL