Tib3rius / AutoRecon

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
GNU General Public License v3.0

Problems with autorecon and proxychains #232

Open abazzalo opened 5 days ago

abazzalo commented 5 days ago

Hi,

I used to use both without problems at least some weeks ago.

I used to use it only by typing "proxychains autorecon ....." (no flag --proxychains)

However, now it's not working with or without flags, using sudo, from root, etc. It seems like autorecon is just omitting proxychains.

I'm using the latest version probably after an upgrade.

1) AutoRecon example:

```
└─$ proxychains sudo /home/kali/.local/pipx/venvs/autorecon/bin/autorecon --proxychains 127.0.0.1 -vv --exclude-tags="dirbuster"
[proxychains] config file found: /etc/proxychains.conf
[proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4
[*] Scanning target 127.0.0.1
[*] Port scan Top TCP Ports (top-tcp-ports) running against 127.0.0.1
[*] Port scan Top TCP Ports (top-tcp-ports) is running the following command against 127.0.0.1: nmap -vv --reason -Pn -T4 -sT -sV -sC --version-all -oN "/home/kali/Documents/PEN-200/challenge_labs/relia/246/autorecon/results/127.0.0.1/scans/_quick_tcp_nmap.txt" -oX "/home/kali/Documents/PEN-200/challenge_labs/relia/246/autorecon/results/127.0.0.1/scans/xml/_quick_tcp_nmap.xml" 127.0.0.1
[*] Port scan All TCP Ports (all-tcp-ports) running against 127.0.0.1
[*] Port scan All TCP Ports (all-tcp-ports) is running the following command against 127.0.0.1: nmap -vv --reason -Pn -T4 -sT -sV -sC --version-all -p- -oN "/home/kali/Documents/PEN-200/challenge_labs/relia/246/autorecon/results/127.0.0.1/scans/_full_tcp_nmap.txt" -oX "/home/kali/Documents/PEN-200/challenge_labs/relia/246/autorecon/results/127.0.0.1/scans/xml/_full_tcp_nmap.xml" 127.0.0.1
[*] [127.0.0.1/all-tcp-ports] Discovered open port tcp/80 on 127.0.0.1
[*] [127.0.0.1/all-tcp-ports] Discovered open port tcp/1080 on 127.0.0.1
[*] [127.0.0.1/all-tcp-ports] Discovered open port tcp/40800 on 127.0.0.1
child process pid 129191 exit status already read: will report returncode 255
child process pid 129190 exit status already read: will report returncode 255
```

Those are the ports open on my own machine. I got the same result without using proxychains.

2) Nmap example:

```
proxychains nmap 127.0.0.1
[...]
[proxychains] Strict chain ... 127.0.0.1:1080 ... 127.0.0.1:3031 <--socket error or timeout!
[...]
Nmap scan report for localhost (127.0.0.1)
Host is up (0.091s latency).
Not shown: 996 closed tcp ports (conn-refused)
PORT     STATE SERVICE
80/tcp   open  http
443/tcp  open  https
2222/tcp open  EtherNetIP-1
8000/tcp open  http-alt

Nmap done: 1 IP address (1 host up) scanned in 91.18 seconds
```

Could you please help me? It's driving me nuts.

Thanks in advance! Awesome tool :)

Tib3rius commented 5 days ago

Hi, firstly thanks for the coffees! :D

Out of interest what happens when you don't use sudo? There shouldn't be a need to use sudo when using proxychains, because it can't use SYN scanning. The --proxychains argument should force nmap scans run through AutoRecon to full TCP scans.

abazzalo commented 3 days ago

Anytime man, you deserve it! ;)

Did not know that proxychains can't use SYN scanning. Usually I don't use sudo, but since I've missed a couple of UDP ports in the past I started adding it to the command. TBH I think I've tried it all regarding adding and switching commands/flags/switches, but I'll give it a try again without sudo, since as you pointed out it won't benefit me either, and fingers crossed adding sudo was when the issues started.

I wish there was a way to debug it. Off the top of my head I was thinking proxying the calls or similar, but proxying proxychains mm. It sounds like a bad idea to me hah 🤣

Ty!!

Tib3rius commented 3 days ago

I should probably note that as far as I'm aware proxychains doesn't support SYN scanning, at least I know it can't when you're using a SOCKS proxy, because SOCKS doesn't support it.

That's why I'm thinking it's something that sudo is doing, especially because your raw nmap example doesn't use it.

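As an added illustration (not code from this thread, from AutoRecon, or from proxychains), the helper below encodes the two constraints discussed above so they fail loudly instead of silently scanning the wrong network. proxychains-ng works by `LD_PRELOAD`ing a library that intercepts TCP `connect()`; anything nmap does with raw sockets (`-sS`, `-sU`, `-O`, ICMP host discovery) never reaches the proxy, which is why only `-sT` (plus `-Pn`, which AutoRecon's own commands above already pass) makes sense through SOCKS. And `sudo` is a setuid binary, so the dynamic loader ignores the preload for sudo itself, and with the default `env_reset` it strips `LD_*` from the environment of the command it starts, so `proxychains sudo autorecon ...` ends up running nmap unproxied. The function names, the argument handling and the sample target are assumptions made for this example.

```shell
#!/bin/sh
# Hypothetical helper for running nmap through proxychains-ng. Added example,
# not AutoRecon or proxychains code; all names here are invented.

# Rewrite an nmap argument list so every technique in it can traverse a SOCKS
# proxy: drop raw-socket scan types (SYN, UDP, ACK, Window, Maimon, NULL/FIN/
# Xmas, SCTP, IP protocol, OS detection, traceroute), ensure -sT (full TCP
# connect, the only thing a SOCKS proxy relays) and -Pn (no ICMP host
# discovery). Prints one argument per line. Assumption: one technique per
# flag, as in "-sS -sV"; combined spellings like "-sSV" are not split.
proxied_nmap_args() {
  nl='
'
  have_st=0
  have_pn=0
  args=''
  for a in "$@"; do
    case "$a" in
      -sS|-sU|-sA|-sW|-sM|-sN|-sF|-sX|-sY|-sZ|-sO|-O|--traceroute)
        printf 'dropping %s: needs raw sockets, cannot traverse a SOCKS proxy\n' "$a" >&2
        ;;
      -sT) have_st=1; args="$args$a$nl" ;;
      -Pn) have_pn=1; args="$args$a$nl" ;;
      *)   args="$args$a$nl" ;;
    esac
  done
  [ "$have_st" -eq 1 ] || args="-sT$nl$args"
  [ "$have_pn" -eq 1 ] || args="-Pn$nl$args"
  printf '%s' "$args"
}

# proxychains-ng injects itself via LD_PRELOAD. Report whether this process
# actually has it: either the variable names the library, or (Linux) the
# library is mapped into our address space.
proxychains_loaded() {
  case "${LD_PRELOAD:-}" in *libproxychains*) return 0 ;; esac
  [ -r /proc/self/maps ] && grep -q libproxychains /proc/self/maps
}

# sudo exports SUDO_USER into the command it runs; use it to detect that we
# were started through sudo, where the preload has already been thrown away.
under_sudo() { [ -n "${SUDO_USER:-}" ]; }

# Usage: run_proxied_nmap -sS -sV -p- 10.0.0.5
# Refuses to scan when sudo has dropped the preload, otherwise runs nmap under
# proxychains with the rewritten arguments. The word split on "set --" is
# intentional: one argument per line, and nmap flags/targets contain no spaces.
run_proxied_nmap() {
  if under_sudo && ! proxychains_loaded; then
    echo 'refusing: started via sudo and libproxychains is not loaded' >&2
    return 1
  fi
  set -- $(proxied_nmap_args "$@")
  proxychains nmap "$@"
}
```

With the habit from the report, `proxied_nmap_args -sS -sU -sV -p- 10.0.0.5` (a constructed target) prints `-Pn -sT -sV -p- 10.0.0.5` and reports the two dropped techniques on stderr; the UDP ports that motivated adding `sudo` cannot be reached through a SOCKS proxy at all, so dropping `-sU` rather than quietly running it is the honest outcome.
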
abazzalo commented 3 days ago

I'm indeed using SOCKS. Got it, makes sense, will try using chisel without socks or ssh and let you know the outcome, thx again!