Sprocket-Security / gigaproxy

One proxy to rule them all
https://www.sprocketsecurity.com/resources/gigaproxy
96 stars 7 forks source link

Visiting various sites gives 502 bad gateway #2

Closed vysecurity closed 1 month ago

vysecurity commented 1 month ago

Various sites such as www.google.com is giving me 502 bad gateway...?

HTTP/2.0 502 Bad Gateway 36b
Nishantbhagat57 commented 1 month ago

+1 Screenshot 2024-07-16 171217

puzzlepeaches commented 1 month ago

@vysecurity, is this on all requests for you, or is it just intermittent?

If you could run the project with mitmproxy instead of mitmdump and provide a request/response pair for a 502 response, that would be useful for troubleshooting.

Nishantbhagat57 commented 1 month ago

@vysecurity, is this on all requests for you, or is it just intermittent?

For me it only works with http:// sites, it gives cert errors on https:// sites

Screenshot 2024-07-16 174556 Screenshot 2024-07-16 174825

puzzlepeaches commented 1 month ago

@vysecurity, is this on all requests for you, or is it just intermittent?

For me it only works with http:// sites, it gives cert errors on https:// sites

Screenshot 2024-07-16 174556

Did you properly install the certificates for mitmproxy before running? @Nishantbhagat57 MIght want to split this into a seperate issue, your problem looks potentially unrelated to @vysecurity 's.

vysecurity commented 1 month ago

I reckon it's to do with anti domain fronting with SNI. For example Google and cloud front has those in place so the proxy doesn't know how to correct it?

But "all requests" is the answer.

Nishantbhagat57 commented 1 month ago

Did you properly install the certificates for mitmproxy before running? @Nishantbhagat57 MIght want to split this into a seperate issue, your problem looks potentially unrelated to @vysecurity 's.

Screenshot 2024-07-16 175042

vysecurity commented 1 month ago

The first issue and screenshot he posted looks like the issue I have. Otherscreenshots not sure.

puzzlepeaches commented 1 month ago

I reckon it's to do with anti domain fronting with SNI. For example Google and cloud front has those in place so the proxy doesn't know how to correct it?

But "all requests" is the answer.

Looking fine on my end. Can you share a screenshot similar to the following, so I can see more details on the response being sent? CleanShot 2024-07-16 at 07 23 52@2x

@vysecurity check X DMs

Nishantbhagat57 commented 1 month ago

@puzzlepeaches These two issues seem to be linked in some way.

Steps to Reproduce: 1) On your vps: mitmdump -s gigaproxy.py --set auth_token="auth_token" --set proxy_endpoint="https://xyz.amazonaws.com/v1/gigaproxy-forwarder-function" --set block_global=false --listen-host 0.0.0.0 --listen-port 8888

block_global=false allows you to access the proxy using the server's public IP.

2) On your local machine, use genlogin to create a new browser with the proxy set to http://server_public_ip:8888 3) Try to access http://getip.pro/ It will work without any issues. However, when you try to access https://getip.pro/ you will receive the following error: {"message": "Internal server error"}. Also check mitmdump logs: << HTTP/2.0 502 Bad Gateway 36b

Hogman-the-Intruder commented 1 month ago

Hi @Nishantbhagat57

You mentioned you're running the mitmdump utility on a VPS. Which provider are you using?

Nishantbhagat57 commented 1 month ago

Hi @Nishantbhagat57

You mentioned you're running the mitmdump utility on a VPS. Which provider are you using?

Netcup - dedicated root server

Hogman-the-Intruder commented 1 month ago

Not able to repro if running mitmproxy locally on my Windows 10 desktop. I'll try running mitmproxy on an EC2 instance and see if the same issue pops up

image

Hogman-the-Intruder commented 1 month ago

Wait a second. @Nishantbhagat57 in your first screenshot, can you take another screenshot but with the full output? I think I see at least one of the problems.

The one in this comment -> https://github.com/Sprocket-Security/gigaproxy/issues/2#issuecomment-2230730060

Nevermind, I thought I was able to repro this when running mitmproxy on a fresh Ubuntu 22.04 in AWS, but it's working as expected on my end.

@Nishantbhagat57 I would recommend trying to run mitmproxy locally or on another netcup instance (or another provider) to see if that solves the problem. When was that instance last updated as well? I see an unexpected OpenSSL "no such file or directory" error in one of the screenshots you posted: gigaproxy-testing1

Here's the output from my own tests:

(Terminal session on Ubuntu box in AWS) Capture

(Output from local Powershell session utilizing proxy connection to AWS Ubuntu box) image

puzzlepeaches commented 1 month ago

The issue was resolved outside of this thread. @Nishantbhagat57, please create a separate issue if you would like to perform further troubleshooting.

HexHunter01 commented 1 month ago

Hi! I have the same issue. I followed the instructions and installed all certificates Tried on the following systems: 1) WSL with kali 2) VPS with Ubuntu 24.04

On the linux servers, I accessed the proxy via proxychains4. I also installed certificates in firefox and to host system of WSL.

The proxy behavior is quite strange (google isn't the only exception): Screenshot_4

More interesting is this situation: in the first two screenshots, the request is made to twitch from browser, and in the next two via proxychains4 from the server. 1 2


3 4

This is what happens when I try to access facebook.com from firefox:

image

Tried running it through python:

import requests

r = requests.get('https://github.com')
print(r.text)

But I get the error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate.

Although certificates are added to the correct directory: DefaultVerifyPaths(cafile='/usr/lib/ssl/cert.pem', capath='/usr/lib/ssl/certs', openssl_cafile_env='SSL_CERT_FILE', openssl_cafile='/usr/lib/ssl/cert. pem', openssl_capath_env='SSL_CERT_DIR', openssl_capath='/usr/lib/ssl/certs') and updated via update-ca-certificates.

It is worth noting that there are no problems with http.