rofl0r / proxychains-ng

proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies. continuation of the unmaintained proxychains project. the sf.net page is currently not updated, use releases from github release page instead.
http://sourceforge.net/projects/proxychains-ng/files
GNU General Public License v2.0

proxychain4 throws "core dumped" while proxychains3 works fine with StandardNotes.AppImage #320

Open AlexClazrey opened 4 years ago

AlexClazrey commented 4 years ago

Hello, I'm using proxychains on Linux Mint 19.3. The program Standard-Notes-3.3.1.AppImage is from https://standardnotes.org/. Proxychains4 built from source will terminate with "Trace/breakpoint trap (core dumped)". Then I installed Proxychains3 from apt and that works fine.

I configured proxychains4 with -DDEBUG and got this output:

[proxychains] config file found: /etc/proxychains.conf
[proxychains] preloading ./libproxychains4.so
DEBUG:init_lib_wrapper called from gcc_init
DEBUG:pid[12158]:at_init
DEBUG:pid[12158]:wait_data
DEBUG:proxy_dns: ON
DEBUG:[play] socks5 127.0.0.1:1088
[proxychains] DLL init: proxychains-ng 4.14-git-8-gb8fa2a7
DEBUG:loaded symbol 'connect' real addr 0x7f3c74662730 wrapped addr 0x7f3c74a7b5ef
DEBUG:loaded symbol 'sendto' real addr 0x7f3c74662a10 wrapped addr 0x7f3c74a7c057
DEBUG:loaded symbol 'gethostbyname' real addr 0x7f3c741787f0 wrapped addr 0x7f3c74a7bb66
DEBUG:loaded symbol 'getaddrinfo' real addr 0x7f3c7414abc0 wrapped addr 0x7f3c74a7bbd2
DEBUG:loaded symbol 'freeaddrinfo' real addr 0x7f3c7414b880 wrapped addr 0x7f3c74a7bc7f
DEBUG:loaded symbol 'gethostbyaddr' real addr 0x7f3c741780f0 wrapped addr 0x7f3c74a7bf43
DEBUG:loaded symbol 'getnameinfo' real addr 0x7f3c74181360 wrapped addr 0x7f3c74a7711a
DEBUG:loaded symbol 'close' real addr 0x7f3c74662410 wrapped addr 0x7f3c74a7b502
DEBUG:init_lib_wrapper called from gcc_init
DEBUG:pid[12158]:at_init
DEBUG:pid[12158]:wait_data
DEBUG:proxy_dns: ON
DEBUG:[play] socks5 127.0.0.1:1088
[proxychains] DLL init: proxychains-ng 4.14-git-8-gb8fa2a7
DEBUG:loaded symbol 'connect' real addr 0x7f50ce8cb8a0 wrapped addr 0x7f50cefcf5ef
DEBUG:loaded symbol 'sendto' real addr 0x7f50ce8cbd90 wrapped addr 0x7f50cefd0057
DEBUG:loaded symbol 'gethostbyname' real addr 0x7f50ce8de7f0 wrapped addr 0x7f50cefcfb66
DEBUG:loaded symbol 'getaddrinfo' real addr 0x7f50ce8b0bc0 wrapped addr 0x7f50cefcfbd2
DEBUG:loaded symbol 'freeaddrinfo' real addr 0x7f50ce8b1880 wrapped addr 0x7f50cefcfc7f
DEBUG:loaded symbol 'gethostbyaddr' real addr 0x7f50ce8de0f0 wrapped addr 0x7f50cefcff43
DEBUG:loaded symbol 'getnameinfo' real addr 0x7f50ce8e7360 wrapped addr 0x7f50cefcb11a
DEBUG:loaded symbol 'close' real addr 0x7f50ce8b98c0 wrapped addr 0x7f50cefcf502
DEBUG:init_lib_wrapper called from gcc_init
DEBUG:pid[12158]:at_init
DEBUG:pid[12158]:wait_data
DEBUG:proxy_dns: ON
DEBUG:[play] socks5 127.0.0.1:1088
[proxychains] DLL init: proxychains-ng 4.14-git-8-gb8fa2a7
DEBUG:loaded symbol 'connect' real addr 0x7fedf8d55730 wrapped addr 0x7fedf95e95ef
DEBUG:loaded symbol 'sendto' real addr 0x7fedf8d55a10 wrapped addr 0x7fedf95ea057
DEBUG:loaded symbol 'gethostbyname' real addr 0x7fedf2bf27f0 wrapped addr 0x7fedf95e9b66
DEBUG:loaded symbol 'getaddrinfo' real addr 0x7fedf2bc4bc0 wrapped addr 0x7fedf95e9bd2
DEBUG:loaded symbol 'freeaddrinfo' real addr 0x7fedf2bc5880 wrapped addr 0x7fedf95e9c7f
DEBUG:loaded symbol 'gethostbyaddr' real addr 0x7fedf2bf20f0 wrapped addr 0x7fedf95e9f43
DEBUG:loaded symbol 'getnameinfo' real addr 0x7fedf2bfb360 wrapped addr 0x7fedf95e511a
DEBUG:loaded symbol 'close' real addr 0x7fedf8d55410 wrapped addr 0x7fedf95e9502
DEBUG:init_lib_wrapper called from gcc_init
DEBUG:pid[1]:at_init
DEBUG:pid[1]:wait_data
DEBUG:proxy_dns: ON
DEBUG:[play] socks5 127.0.0.1:1088
[proxychains] DLL init: proxychains-ng 4.14-git-8-gb8fa2a7
DEBUG:loaded symbol 'connect' real addr 0x7fe4c88b7730 wrapped addr 0x7fe4c914b5ef
DEBUG:loaded symbol 'sendto' real addr 0x7fe4c88b7a10 wrapped addr 0x7fe4c914c057
DEBUG:loaded symbol 'gethostbyname' real addr 0x7fe4c27547f0 wrapped addr 0x7fe4c914bb66
DEBUG:loaded symbol 'getaddrinfo' real addr 0x7fe4c2726bc0 wrapped addr 0x7fe4c914bbd2
DEBUG:loaded symbol 'freeaddrinfo' real addr 0x7fe4c2727880 wrapped addr 0x7fe4c914bc7f
DEBUG:loaded symbol 'gethostbyaddr' real addr 0x7fe4c27540f0 wrapped addr 0x7fe4c914bf43
DEBUG:loaded symbol 'getnameinfo' real addr 0x7fe4c275d360 wrapped addr 0x7fe4c914711a
DEBUG:loaded symbol 'close' real addr 0x7fe4c88b7410 wrapped addr 0x7fe4c914b502
Trace/breakpoint trap (core dumped)

Thank you.

rofl0r commented 4 years ago

can you run the same command via gdb so we can get a backtrace? thanks

AlexClazrey commented 4 years ago

It gets SIGTRAP at 0x55555a7556fc, and I think it jumped from 0x55555a7555e6. And that's in a big function, I know very little about reverse engineering. Can you figure out what's happening? Thank you.

Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
DEBUG:init_lib_wrapper called from gcc_init
DEBUG:pid[8895]:at_init
[New Thread 0x7ffff7ff4700 (LWP 8899)]
DEBUG:pid[8895]:wait_data
DEBUG:proxy_dns: ON
DEBUG:[play] socks5 127.0.0.1:1088
[proxychains] DLL init: proxychains-ng 4.14-git-8-gb8fa2a7
DEBUG:loaded symbol 'connect' real addr 0x7ffff7770730  wrapped addr 0x7ffff7b895ef
DEBUG:loaded symbol 'sendto' real addr 0x7ffff7770a10  wrapped addr 0x7ffff7b8a057
DEBUG:loaded symbol 'gethostbyname' real addr 0x7ffff72867f0  wrapped addr 0x7ffff7b89b66
DEBUG:loaded symbol 'getaddrinfo' real addr 0x7ffff7258bc0  wrapped addr 0x7ffff7b89bd2
DEBUG:loaded symbol 'freeaddrinfo' real addr 0x7ffff7259880  wrapped addr 0x7ffff7b89c7f
DEBUG:loaded symbol 'gethostbyaddr' real addr 0x7ffff72860f0  wrapped addr 0x7ffff7b89f43
DEBUG:loaded symbol 'getnameinfo' real addr 0x7ffff728f360  wrapped addr 0x7ffff7b8511a
DEBUG:loaded symbol 'close' real addr 0x7ffff7770410  wrapped addr 0x7ffff7b89502
[Thread 0x7ffff7ff4700 (LWP 8899) exited]
process 8895 is executing new program: /bin/bash
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
DEBUG:init_lib_wrapper called from gcc_init
DEBUG:pid[8895]:at_init
[New Thread 0x7ffff7ff4700 (LWP 8905)]
DEBUG:pid[8895]:wait_data
DEBUG:proxy_dns: ON
DEBUG:[play] socks5 127.0.0.1:1088
[proxychains] DLL init: proxychains-ng 4.14-git-8-gb8fa2a7
DEBUG:loaded symbol 'connect' real addr 0x7ffff74858a0  wrapped addr 0x7ffff7b895ef
DEBUG:loaded symbol 'sendto' real addr 0x7ffff7485d90  wrapped addr 0x7ffff7b8a057
DEBUG:loaded symbol 'gethostbyname' real addr 0x7ffff74987f0  wrapped addr 0x7ffff7b89b66
DEBUG:loaded symbol 'getaddrinfo' real addr 0x7ffff746abc0  wrapped addr 0x7ffff7b89bd2
DEBUG:loaded symbol 'freeaddrinfo' real addr 0x7ffff746b880  wrapped addr 0x7ffff7b89c7f
DEBUG:loaded symbol 'gethostbyaddr' real addr 0x7ffff74980f0  wrapped addr 0x7ffff7b89f43
DEBUG:loaded symbol 'getnameinfo' real addr 0x7ffff74a1360  wrapped addr 0x7ffff7b8511a
DEBUG:loaded symbol 'close' real addr 0x7ffff74738c0  wrapped addr 0x7ffff7b89502
[Thread 0x7ffff7ff4700 (LWP 8905) exited]
process 8895 is executing new program: /tmp/.mount_Standamdwc1s/standard-notes
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
DEBUG:init_lib_wrapper called from gcc_init
DEBUG:pid[8895]:at_init
[New Thread 0x7ffff7ff4700 (LWP 8906)]
DEBUG:pid[8895]:wait_data
DEBUG:proxy_dns: ON
DEBUG:[play] socks5 127.0.0.1:1088
[proxychains] DLL init: proxychains-ng 4.14-git-8-gb8fa2a7
DEBUG:loaded symbol 'connect' real addr 0x7ffff72f5730  wrapped addr 0x7ffff7b895ef
DEBUG:loaded symbol 'sendto' real addr 0x7ffff72f5a10  wrapped addr 0x7ffff7b8a057
DEBUG:loaded symbol 'gethostbyname' real addr 0x7ffff11927f0  wrapped addr 0x7ffff7b89b66
DEBUG:loaded symbol 'getaddrinfo' real addr 0x7ffff1164bc0  wrapped addr 0x7ffff7b89bd2
DEBUG:loaded symbol 'freeaddrinfo' real addr 0x7ffff1165880  wrapped addr 0x7ffff7b89c7f
DEBUG:loaded symbol 'gethostbyaddr' real addr 0x7ffff11920f0  wrapped addr 0x7ffff7b89f43
DEBUG:loaded symbol 'getnameinfo' real addr 0x7ffff119b360  wrapped addr 0x7ffff7b8511a
DEBUG:loaded symbol 'close' real addr 0x7ffff72f5410  wrapped addr 0x7ffff7b89502
[New Thread 0x7fffe8b6a700 (LWP 8907)]
DEBUG:init_lib_wrapper called from gcc_init
DEBUG:pid[1]:at_init
DEBUG:pid[1]:wait_data
DEBUG:proxy_dns: ON
DEBUG:[play] socks5 127.0.0.1:1088
[proxychains] DLL init: proxychains-ng 4.14-git-8-gb8fa2a7
DEBUG:loaded symbol 'connect' real addr 0x7ffff72f5730  wrapped addr 0x7ffff7b895ef
DEBUG:loaded symbol 'sendto' real addr 0x7ffff72f5a10  wrapped addr 0x7ffff7b8a057
DEBUG:loaded symbol 'gethostbyname' real addr 0x7ffff11927f0  wrapped addr 0x7ffff7b89b66
DEBUG:loaded symbol 'getaddrinfo' real addr 0x7ffff1164bc0  wrapped addr 0x7ffff7b89bd2
DEBUG:loaded symbol 'freeaddrinfo' real addr 0x7ffff1165880  wrapped addr 0x7ffff7b89c7f
DEBUG:loaded symbol 'gethostbyaddr' real addr 0x7ffff11920f0  wrapped addr 0x7ffff7b89f43
DEBUG:loaded symbol 'getnameinfo' real addr 0x7ffff119b360  wrapped addr 0x7ffff7b8511a
DEBUG:loaded symbol 'close' real addr 0x7ffff72f5410  wrapped addr 0x7ffff7b89502

Thread 1 "standard-notes" received signal SIGTRAP, Trace/breakpoint trap.
0x000055555a7556fd in ?? ()
(gdb) bt
#0  0x000055555a7556fd in ?? ()
#1  0x00005555590002e0 in ?? ()
#2  0x000055555a75474c in ?? ()
#3  0x000055555a75a4a1 in ?? ()
#4  0x0000555558fffb7c in ?? ()
#5  0x000055555a75addb in ?? ()
#6  0x0000555558ffe191 in ?? ()
#7  0x000055555742527b in ?? ()
#8  0x00007ffff107eb97 in __libc_start_main (main=0x555557425130, argc=1, argv=0x7fffffffd9e8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffffffd9d8) at ../csu/libc-start.c:310
#9  0x000055555742502a in _start ()
(gdb) info r
rax            0x0  0
rbx            0x7fffffffcef0   140737488342768
rcx            0xffffffff   4294967295
rdx            0x0  0
rsi            0x7fffffffccc0   140737488342208
rdi            0x0  0
rbp            0x7fffffffd020   0x7fffffffd020
rsp            0x7fffffffcef0   0x7fffffffcef0
r8             0x0  0
r9             0xffffffff   4294967295
r10            0x0  0
r11            0x0  0
r12            0x2ea7acfc09a0   51297696614816
r13            0x0  0
r14            0x0  0
r15            0x22cd   8909
rip            0x55555a7556fd   0x55555a7556fd
eflags         0x246    [ PF ZF IF ]
cs             0x33 51
ss             0x2b 43
ds             0x0  0
es             0x0  0
fs             0x0  0
gs             0x0  0
(gdb) x/10i 0x00005555590002db
   0x5555590002db:  callq  0x55555a7551e0
   0x5555590002e0:  mov    %eax,%ebx
   0x5555590002e2:  mov    -0x50(%rbp),%rdi
   0x5555590002e6:  test   %rdi,%rdi
   0x5555590002e9:  je     0x5555590002f4
   0x5555590002eb:  mov    %rdi,-0x48(%rbp)
   0x5555590002ef:  callq  0x5555593dcc70 <free>
   0x5555590002f4:  mov    -0x30(%rbp),%rdi
   0x5555590002f8:  test   %rdi,%rdi
   0x5555590002fb:  je     0x555559000306
(gdb) x/300i 0x55555a7551e0
   0x55555a7551e0:  push   %rbp
   0x55555a7551e1:  mov    %rsp,%rbp
   0x55555a7551e4:  push   %r15
   0x55555a7551e6:  push   %r14
   0x55555a7551e8:  push   %r13
   0x55555a7551ea:  push   %r12
   0x55555a7551ec:  push   %rbx
   0x55555a7551ed:  sub    $0x108,%rsp
   0x55555a7551f4:  mov    %rcx,%rbx
   0x55555a7551f7:  mov    %rdx,%r12
   0x55555a7551fa:  mov    %rsi,%r15
   0x55555a7551fd:  mov    %rdi,%r14
   0x55555a755200:  mov    %fs:0x28,%rax
   0x55555a755209:  mov    %rax,-0x30(%rbp)
   0x55555a75520d:  lea    -0xe8(%rbp),%rcx
   0x55555a755214:  mov    $0x1,%edi
   0x55555a755219:  mov    $0x5,%esi
   0x55555a75521e:  xor    %edx,%edx
   0x55555a755220:  callq  0x55555c443370 <socketpair@plt>
   0x55555a755225:  test   %eax,%eax
   0x55555a755227:  jne    0x55555a7556d9
   0x55555a75522d:  mov    -0xe8(%rbp),%edi
   0x55555a755233:  callq  0x5555593e24d0
   0x55555a755238:  test   %al,%al
   0x55555a75523a:  je     0x55555a7556de
   0x55555a755240:  lea    -0xd0(%rbp),%rdi
   0x55555a755247:  callq  0x55555936b5f0
   0x55555a75524c:  lea    -0x90(%rbp),%r13
   0x55555a755253:  mov    -0x90(%rbp),%rdi
   0x55555a75525a:  test   %rdi,%rdi
   0x55555a75525d:  je     0x55555a75527b
   0x55555a75525f:  mov    %rdi,-0x88(%rbp)
   0x55555a755266:  callq  0x5555593dcc70 <free>
   0x55555a75526b:  xorps  %xmm0,%xmm0
   0x55555a75526e:  movups %xmm0,0x0(%r13)
   0x55555a755273:  movq   $0x0,0x10(%r13)
   0x55555a75527b:  movdqu (%rbx),%xmm0
   0x55555a75527f:  movdqu %xmm0,-0x90(%rbp)
   0x55555a755287:  mov    0x10(%rbx),%rcx
   0x55555a75528b:  mov    %rcx,-0x80(%rbp)
   0x55555a75528f:  xorps  %xmm1,%xmm1
   0x55555a755292:  movups %xmm1,(%rbx)
   0x55555a755295:  movq   $0x0,0x10(%rbx)
   0x55555a75529d:  pshufd $0x4e,%xmm0,%xmm0
   0x55555a7552a2:  movq   %xmm0,%rax
   0x55555a7552a7:  cmp    %rcx,%rax
   0x55555a7552aa:  jae    0x55555a7552c5
   0x55555a7552ac:  mov    -0xe4(%rbp),%ecx
   0x55555a7552b2:  mov    %ecx,(%rax)
   0x55555a7552b4:  movl   $0x3,0x4(%rax)
   0x55555a7552bb:  addq   $0x8,-0x88(%rbp)
   0x55555a7552c3:  jmp    0x55555a7552db
   0x55555a7552c5:  lea    -0xe4(%rbp),%rsi
   0x55555a7552cc:  lea    -0x41a3e67(%rip),%rdx        # 0x5555565b146c
   0x55555a7552d3:  mov    %r13,%rdi
   0x55555a7552d6:  callq  0x555557a95720
   0x55555a7552db:  movl   $0xffffffff,-0xe0(%rbp)
   0x55555a7552e5:  movb   $0x0,-0xdc(%rbp)
   0x55555a7552ec:  cmpb   $0x0,0xd(%r14)
   0x55555a7552f1:  je     0x55555a755339
   0x55555a7552f3:  callq  0x55555a755bb0
   0x55555a7552f8:  mov    %rax,%rbx
   0x55555a7552fb:  mov    %rax,%rdi
   0x55555a7552fe:  mov    %r15,%rsi
   0x55555a755301:  callq  0x55555a755d00
   0x55555a755306:  lea    -0xd0(%rbp),%rsi
   0x55555a75530d:  lea    -0xe0(%rbp),%rdx
   0x55555a755314:  mov    %rbx,%rdi
   0x55555a755317:  callq  0x55555a755f30
   0x55555a75531c:  mov    %rbx,%rdi
   0x55555a75531f:  callq  0x55555a756460
   0x55555a755324:  test   %rbx,%rbx
   0x55555a755327:  je     0x55555a755339
   0x55555a755329:  mov    %rbx,%rdi
   0x55555a75532c:  callq  0x555557513930
   0x55555a755331:  mov    %rbx,%rdi
   0x55555a755334:  callq  0x5555593dcc70 <free>
   0x55555a755339:  cmpb   $0x0,0xc(%r14)
   0x55555a75533e:  je     0x55555a755358
   0x55555a755340:  lea    -0xd8(%rbp),%rdi
   0x55555a755347:  lea    -0xd0(%rbp),%rdx
   0x55555a75534e:  mov    %r15,%rsi
   0x55555a755351:  callq  0x55555a390c90
   0x55555a755356:  jmp    0x55555a75536e
   0x55555a755358:  lea    -0xd8(%rbp),%rdi
   0x55555a75535f:  lea    -0xd0(%rbp),%rdx
   0x55555a755366:  mov    %r15,%rsi
   0x55555a755369:  callq  0x5555593e34c0
   0x55555a75536e:  lea    -0xd8(%rbp),%rdi
   0x55555a755375:  callq  0x55555787f350
   0x55555a75537a:  test   %al,%al
   0x55555a75537c:  je     0x55555a7556e3
   0x55555a755382:  mov    -0xe0(%rbp),%edi
   0x55555a755388:  cmp    $0xffffffff,%edi
   0x55555a75538b:  je     0x55555a75539c
   0x55555a75538d:  callq  0x555559343700
   0x55555a755392:  movl   $0xffffffff,-0xe0(%rbp)
   0x55555a75539c:  movl   $0xffffffff,-0xe0(%rbp)
   0x55555a7553a6:  mov    -0xe4(%rbp),%edi
   0x55555a7553ac:  callq  0x55555c442270 <close@plt>
   0x55555a7553b1:  mov    (%r12),%edi
   0x55555a7553b5:  cmp    $0xffffffff,%edi
   0x55555a7553b8:  je     0x55555a7553d3
   0x55555a7553ba:  cmp    -0xe8(%rbp),%edi
   0x55555a7553c0:  je     0x55555a755706
   0x55555a7553c6:  callq  0x555559343700
   0x55555a7553cb:  movl   $0xffffffff,(%r12)
   0x55555a7553d3:  mov    -0xe8(%rbp),%eax
   0x55555a7553d9:  mov    %eax,(%r12)
   0x55555a7553dd:  lea    -0xd8(%rbp),%rdi
   0x55555a7553e4:  callq  0x55555787f360 <_ZNK2v88internal12HandlerTable21NumberOfReturnEntriesEv>
   0x55555a7553e9:  mov    %eax,%r15d
   0x55555a7553ec:  cmpb   $0x0,0xc(%r14)
   0x55555a7553f1:  jne    0x55555a7553fe
   0x55555a7553f3:  cmpb   $0x0,0xd(%r14)
   0x55555a7553f8:  je     0x55555a755630
   0x55555a7553fe:  mov    %rsp,%r12
   0x55555a755401:  mov    -0xe8(%rbp),%edi
   0x55555a755407:  pxor   %xmm0,%xmm0
   0x55555a75540b:  movdqa %xmm0,-0x110(%rbp)
   0x55555a755413:  movq   $0x0,-0x100(%rbp)
   0x55555a75541e:  lea    -0x40(%rbp),%rsi
   0x55555a755422:  lea    -0x110(%rbp),%rcx
   0x55555a755429:  lea    -0x124(%rbp),%r8
   0x55555a755430:  mov    $0xd,%edx
   0x55555a755435:  callq  0x5555593e2620
   0x55555a75543a:  cmp    $0xc,%rax
   0x55555a75543e:  jne    0x55555a755461
   0x55555a755440:  movabs $0x425f45544f47595a,%rax
   0x55555a75544a:  xor    -0x40(%rbp),%rax
   0x55555a75544e:  mov    -0x38(%rbp),%ecx
   0x55555a755451:  xor    $0x544f4f,%rcx
   0x55555a755458:  or     %rax,%rcx
   0x55555a75545b:  je     0x55555a75569e
   0x55555a755461:  xor    %r13d,%r13d
   0x55555a755464:  mov    -0x110(%rbp),%rbx
   0x55555a75546b:  test   %rbx,%rbx
   0x55555a75546e:  je     0x55555a7554e6
   0x55555a755470:  mov    %r12,-0x120(%rbp)
   0x55555a755477:  mov    %r14,%r12
   0x55555a75547a:  mov    -0x108(%rbp),%r14
   0x55555a755481:  cmp    %rbx,%r14
   0x55555a755484:  je     0x55555a7554cd
   0x55555a755486:  mov    %r15d,-0xec(%rbp)
   0x55555a75548d:  nopl   (%rax)
   0x55555a755490:  cmpb   $0x0,-0x4(%r14)
   0x55555a755495:  jne    0x55555a7556cf
   0x55555a75549b:  lea    -0x8(%r14),%r15
   0x55555a75549f:  mov    -0x8(%r14),%edi
   0x55555a7554a3:  cmp    $0xffffffff,%edi
   0x55555a7554a6:  je     0x55555a7554b5
   0x55555a7554a8:  callq  0x555559343700
   0x55555a7554ad:  movl   $0xffffffff,-0x8(%r14)
   0x55555a7554b5:  mov    %r15,%r14
   0x55555a7554b8:  cmp    %r15,%rbx
   0x55555a7554bb:  jne    0x55555a755490
   0x55555a7554bd:  mov    -0x110(%rbp),%rdi
   0x55555a7554c4:  mov    -0xec(%rbp),%r15d
   0x55555a7554cb:  jmp    0x55555a7554d0
   0x55555a7554cd:  mov    %rbx,%rdi
   0x55555a7554d0:  mov    %rbx,-0x108(%rbp)
   0x55555a7554d7:  callq  0x5555593dcc70 <free>
   0x55555a7554dc:  mov    %r12,%r14
   0x55555a7554df:  mov    -0x120(%rbp),%r12
   0x55555a7554e6:  mov    %r12,%rsp
   0x55555a7554e9:  test   %r13b,%r13b
   0x55555a7554ec:  je     0x55555a7556f2
   0x55555a7554f2:  cmpl   $0x1,-0x124(%rbp)
   0x55555a7554f9:  jle    0x55555a7556f7
   0x55555a7554ff:  mov    %rsp,%rbx
   0x55555a755502:  mov    -0xe8(%rbp),%edi
   0x55555a755508:  pxor   %xmm0,%xmm0
   0x55555a75550c:  movdqa %xmm0,-0x110(%rbp)
   0x55555a755514:  movq   $0x0,-0x100(%rbp)
   0x55555a75551f:  lea    -0x40(%rbp),%rsi
   0x55555a755523:  lea    -0x110(%rbp),%rcx
   0x55555a75552a:  lea    -0x114(%rbp),%r8
   0x55555a755531:  mov    $0xb,%edx
   0x55555a755536:  callq  0x5555593e2620
   0x55555a75553b:  cmp    $0xa,%rax
   0x55555a75553f:  jne    0x55555a755560
   0x55555a755541:  movabs $0x4f5f45544f47595a,%rax
   0x55555a75554b:  xor    -0x40(%rbp),%rax
   0x55555a75554f:  movzwl -0x38(%rbp),%ecx
   0x55555a755553:  xor    $0x4b,%rcx
   0x55555a755557:  or     %rax,%rcx
   0x55555a75555a:  je     0x55555a7556b5
   0x55555a755560:  mov    %r14,%r12
   0x55555a755563:  xor    %r13d,%r13d
   0x55555a755566:  mov    -0x110(%rbp),%r14
   0x55555a75556d:  test   %r14,%r14
   0x55555a755570:  je     0x55555a7555e0
   0x55555a755572:  mov    %rbx,-0x120(%rbp)
   0x55555a755579:  mov    -0x108(%rbp),%rbx
   0x55555a755580:  cmp    %r14,%rbx
   0x55555a755583:  je     0x55555a7555ca
   0x55555a755585:  mov    %r15d,-0xec(%rbp)
   0x55555a75558c:  nopl   0x0(%rax)
   0x55555a755590:  cmpb   $0x0,-0x4(%rbx)
   0x55555a755594:  jne    0x55555a7556d4
   0x55555a75559a:  lea    -0x8(%rbx),%r15
   0x55555a75559e:  mov    -0x8(%rbx),%edi
   0x55555a7555a1:  cmp    $0xffffffff,%edi
   0x55555a7555a4:  je     0x55555a7555b2
   0x55555a7555a6:  callq  0x555559343700
   0x55555a7555ab:  movl   $0xffffffff,-0x8(%rbx)
   0x55555a7555b2:  mov    %r15,%rbx
   0x55555a7555b5:  cmp    %r15,%r14
   0x55555a7555b8:  jne    0x55555a755590
   0x55555a7555ba:  mov    -0x110(%rbp),%rdi
   0x55555a7555c1:  mov    -0xec(%rbp),%r15d
   0x55555a7555c8:  jmp    0x55555a7555cd
   0x55555a7555ca:  mov    %r14,%rdi
   0x55555a7555cd:  mov    %r14,-0x108(%rbp)
   0x55555a7555d4:  callq  0x5555593dcc70 <free>
   0x55555a7555d9:  mov    -0x120(%rbp),%rbx
   0x55555a7555e0:  mov    %rbx,%rsp
   0x55555a7555e3:  test   %r13b,%r13b
   0x55555a7555e6:  je     0x55555a7556fc
   0x55555a7555ec:  mov    -0x114(%rbp),%eax
   0x55555a7555f2:  cmp    $0x1,%eax
   0x55555a7555f5:  jle    0x55555a755701
   0x55555a7555fb:  mov    %r12,%r14
   0x55555a7555fe:  cmp    %r15d,%eax
   0x55555a755601:  je     0x55555a755630
   0x55555a755603:  lea    -0x128(%rbp),%rbx
   0x55555a75560a:  lea    -0xd8(%rbp),%rsi
   0x55555a755611:  mov    %rbx,%rdi
   0x55555a755614:  callq  0x5555593e5060
   0x55555a755619:  mov    %rbx,%rdi
   0x55555a75561c:  callq  0x5555593e3150
   0x55555a755621:  mov    %rbx,%rdi
   0x55555a755624:  callq  0x5555574252d0 <uv_pipe_pending_instances>
   0x55555a755629:  mov    -0x114(%rbp),%r15d
   0x55555a755630:  mov    %r14,%rdi
   0x55555a755633:  mov    %r15d,%esi
   0x55555a755636:  callq  0x55555a755090
   0x55555a75563b:  lea    -0xd8(%rbp),%rdi
   0x55555a755642:  callq  0x5555574252d0 <uv_pipe_pending_instances>
   0x55555a755647:  cmpb   $0x0,-0xdc(%rbp)
   0x55555a75564e:  jne    0x55555a7556e8
   0x55555a755654:  mov    -0xe0(%rbp),%edi
   0x55555a75565a:  cmp    $0xffffffff,%edi
   0x55555a75565d:  je     0x55555a75566e
   0x55555a75565f:  callq  0x555559343700
   0x55555a755664:  movl   $0xffffffff,-0xe0(%rbp)
   0x55555a75566e:  lea    -0xd0(%rbp),%rdi
   0x55555a755675:  callq  0x55555936b7b0
   0x55555a75567a:  mov    %fs:0x28,%rax
   0x55555a755683:  cmp    -0x30(%rbp),%rax
   0x55555a755687:  jne    0x55555a7556ed
   0x55555a755689:  mov    %r15d,%eax
   0x55555a75568c:  add    $0x108,%rsp
   0x55555a755693:  pop    %rbx
   0x55555a755694:  pop    %r12
   0x55555a755696:  pop    %r13
   0x55555a755698:  pop    %r14
   0x55555a75569a:  pop    %r15
   0x55555a75569c:  pop    %rbp
   0x55555a75569d:  retq   
   0x55555a75569e:  mov    -0x110(%rbp),%rax
   0x55555a7556a5:  cmp    -0x108(%rbp),%rax
   0x55555a7556ac:  sete   %r13b
   0x55555a7556b0:  jmpq   0x55555a755464
   0x55555a7556b5:  mov    %r14,%r12
   0x55555a7556b8:  mov    -0x110(%rbp),%rax
   0x55555a7556bf:  cmp    -0x108(%rbp),%rax
   0x55555a7556c6:  sete   %r13b
   0x55555a7556ca:  jmpq   0x55555a755566
   0x55555a7556cf:  int3   
   0x55555a7556d0:  ud2    
   0x55555a7556d2:  pushq  $0x5
   0x55555a7556d4:  int3   
   0x55555a7556d5:  ud2    
   0x55555a7556d7:  pushq  $0x5
   0x55555a7556d9:  int3   
   0x55555a7556da:  ud2    
   0x55555a7556dc:  pushq  $0x17
   0x55555a7556de:  int3   
   0x55555a7556df:  ud2    
   0x55555a7556e1:  pushq  $0x18
   0x55555a7556e3:  int3   
   0x55555a7556e4:  ud2    
   0x55555a7556e6:  pushq  $0x19
   0x55555a7556e8:  int3   
   0x55555a7556e9:  ud2    
   0x55555a7556eb:  pushq  $0x5
   0x55555a7556ed:  callq  0x55555c442180 <__stack_chk_fail@plt>
   0x55555a7556f2:  int3   
   0x55555a7556f3:  ud2    
   0x55555a7556f5:  pushq  $0x1a
   0x55555a7556f7:  int3   
   0x55555a7556f8:  ud2    
   0x55555a7556fa:  pushq  $0x1b
   0x55555a7556fc:  int3   
=> 0x55555a7556fd:  ud2    
   0x55555a7556ff:  pushq  $0x1c
   0x55555a755701:  int3   
   0x55555a755702:  ud2    
   0x55555a755704:  pushq  $0x1d
   0x55555a755706:  callq  0x55555c4421c0 <abort@plt>
   0x55555a75570b:  int3   
   0x55555a75570c:  int3   
   0x55555a75570d:  int3   
   0x55555a75570e:  int3   
   0x55555a75570f:  int3  
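
Added example, not part of the original thread: a small Python triage of the gdb listing above, using lines copied from it. It finds the int3/ud2 trap the process stopped on, the branch that reaches it, and decodes the immediates of the inlined string comparisons; the function names are this example's own.

```python
import re

# Lines copied from the gdb listing in the post above (only the parts used here).
LISTING = """\
   0x55555a755440:  movabs $0x425f45544f47595a,%rax
   0x55555a75544a:  xor    -0x40(%rbp),%rax
   0x55555a75544e:  mov    -0x38(%rbp),%ecx
   0x55555a755451:  xor    $0x544f4f,%rcx
   0x55555a755541:  movabs $0x4f5f45544f47595a,%rax
   0x55555a75554b:  xor    -0x40(%rbp),%rax
   0x55555a75554f:  movzwl -0x38(%rbp),%ecx
   0x55555a755553:  xor    $0x4b,%rcx
   0x55555a7555e3:  test   %r13b,%r13b
   0x55555a7555e6:  je     0x55555a7556fc
   0x55555a7555f5:  jle    0x55555a755701
   0x55555a7556f7:  int3
   0x55555a7556f8:  ud2
   0x55555a7556fc:  int3
=> 0x55555a7556fd:  ud2
   0x55555a755701:  int3
   0x55555a755702:  ud2
"""

LINE = re.compile(r"^(=>)?\s*0x([0-9a-f]+):\s+(\S+)\s*(.*?)\s*$")

def parse(listing):
    """Return [(addr, mnemonic, operands, is_current_pc)] for each gdb x/i line."""
    out = []
    for line in listing.splitlines():
        m = LINE.match(line)
        if m:  # pager prompts and blank lines do not match and are skipped
            out.append((int(m.group(2), 16), m.group(3), m.group(4), bool(m.group(1))))
    return out

def trap_sites(insns):
    """Addresses of int3 immediately followed by ud2 (a compiler-emitted trap)."""
    return [a for (a, mn, _, _), (_, nxt, _, _) in zip(insns, insns[1:])
            if mn == "int3" and nxt == "ud2"]

def faulting_trap(insns):
    """After int3 executes, rip points just past it: step back from the '=>' line."""
    for prev, cur in zip(insns, insns[1:]):
        if cur[3] and prev[1] == "int3":
            return prev[0]
    return None

def branches_to(insns, target):
    """Addresses of direct jumps whose destination is `target`."""
    return [a for a, mn, ops, _ in insns
            if mn.startswith("j") and ops.startswith("0x") and int(ops.split()[0], 16) == target]

def imm_ascii(hex_imm):
    """Decode an immediate as the little-endian bytes it is compared against in memory."""
    n = int(hex_imm, 16)
    return n.to_bytes((n.bit_length() + 7) // 8, "little").decode("ascii")

def compared_strings(insns):
    """Join each movabs immediate with the next xor-immediate: an inlined string compare."""
    found = []
    for i, (_, mn, ops, _) in enumerate(insns):
        if mn != "movabs":
            continue
        text = imm_ascii(ops.split(",")[0].lstrip("$"))
        for _, mn2, ops2, _ in insns[i + 1:i + 5]:
            if mn2 == "xor" and ops2.startswith("$"):
                text += imm_ascii(ops2.split(",")[0].lstrip("$"))
                break
        found.append(text)
    return found

if __name__ == "__main__":
    insns = parse(LISTING)
    print(hex(faulting_trap(insns)), compared_strings(insns))
```

On these lines the trap at 0x55555a7556fc is reached from the je at 0x55555a7555e6, as the poster read it, and the two inlined comparisons are against the strings ZYGOTE_BOOT and ZYGOTE_OK.
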

rofl0r commented 4 years ago

it seems libc malloc detected a double-free or a similar condition and called abort() so the program stops executing rather than causing exploitable memory corruption. why that happens i can't tell exactly but it's probably due to the proxy_dns functionality

walksanatora commented 1 year ago

I also get a Trace/breakpoint trap (core dumped) when I try Discord

rofl0r commented 1 year ago

try proxydns_daemon or proxydns_old method

walksanatora commented 1 year ago

after trying proxydns_old (testing by ping google), it fails with

[proxychains] config file found: /etc/proxychains.conf
[proxychains] preloading /usr/lib/libproxychains4.so
[proxychains] DLL init: proxychains-ng 4.16
|DNS-request| google.com 
can't exec proxyresolv: No such file or directory
|DNS-response|: google.com does not exist
err_dns: Success
ping: google.com: Unknown error

and with proxydns_daemon

[proxychains] config file found: /etc/proxychains.conf
[proxychains] preloading /usr/lib/libproxychains4.so
[proxychains] DLL init: proxychains-ng 4.16
PING google.com (224.0.0.1) 56(84) bytes of data.
^C
--- google.com ping statistics ---
78 packets transmitted, 0 received, 100% packet loss, time 78032ms

rofl0r commented 1 year ago

ping command doesn't work with proxychains anyway. it uses ICMP, not TCP.

walksanatora commented 1 year ago

so I should proxychains curl google.com to test

walksanatora commented 1 year ago

yep that works

walksanatora commented 1 year ago

yep it works

walksanatora commented 1 year ago

also quickly created a systemd unit to just autostart the proxychains daemon