rofl0r
commented
3 years ago the answer is in your output:
DEBUG:pid[1597142]:HTTP proxy blocked: buff="HTTP/1.0 403 Forbidden
Closed hongyi-zhao closed 3 years ago
rofl0r
commented
3 years ago the answer is in your output:
DEBUG:pid[1597142]:HTTP proxy blocked: buff="HTTP/1.0 403 Forbidden
hongyi-zhao
commented
3 years ago Why does this happen? I can't figure out the reason. In fact, the HTTP proxy is converted by delegate from an upstream socks5 proxy running on my host:
$ dg.exe -P8080 SERVER=http -v ADMIN=hongyi.zhao@gmai.com SOCKS=127.0.0.1:18889
Based on the CURL test, the HTTP proxy itself works fine:
werner@X10DAi:~$ curl -I -x http://127.0.0.1:8080 https://www.google.com
HTTP/1.1 200 Connection established.
Proxy-Connection: close
Proxy-Agent: DeleGate/9.9.13
HTTP/2 200
content-type: text/html; charset=ISO-8859-1
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Thu, 18 Mar 2021 03:45:52 GMT
server: gws
x-xss-protection: 0
x-frame-options: SAMEORIGIN
expires: Thu, 18 Mar 2021 03:45:52 GMT
cache-control: private
set-cookie: 1P_JAR=2021-03-18-03; expires=Sat, 17-Apr-2021 03:45:52 GMT; path=/; domain=.google.com; Secure
set-cookie: NID=211=P4ndN5ewMOvpPEAmiKOpy62g0pjijOLg5Skmr0QITrVnb0Xf87qqbl-DYew2fZo3ydkGROkXo0AYoCp8S9jiJ7ic_tuVfds8UHokXjDBVE6OolmRur7hw1u3dTYq5c0xXtp5pVautM3DCpcN31iASdwN0Er_-I713LHnhLwme_0; expires=Fri, 17-Sep-2021 03:45:52 GMT; path=/; domain=.google.com; HttpOnly
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
proxy may refuse http 1.0. try to change line
247 src/core.c "CONNECT %s:%d HTTP/1.0\r\nHost: %s:%d\r\n%s%s%s\r\n",
to ....HTTP/1.1....
hongyi-zhao
commented
3 years ago Still fails:
werner@X10DAi:~/Public/repo/github.com/rofl0r$ proxychains4 -q -f proxychains-ng-http.conf telnet news.rusnet.ru 119
DEBUG:pid[1438208]:init_lib_wrapper called from gcc_init
DEBUG:pid[1438208]:get_chain_data()
DEBUG:pid[1438208]:proxy_dns: daemon
DEBUG:pid[1438208]:[play] http 127.0.0.1:8080
DEBUG:pid[1438208]:loaded symbol 'connect' real addr 0x7ffa2892f2f0 wrapped addr 0x7ffa28c1c247
DEBUG:pid[1438208]:loaded symbol 'sendto' real addr 0x7ffa2892f7d0 wrapped addr 0x7ffa28c1cf43
DEBUG:pid[1438208]:loaded symbol 'gethostbyname' real addr 0x7ffa2893f6a0 wrapped addr 0x7ffa28c1c9ef
DEBUG:pid[1438208]:loaded symbol 'getaddrinfo' real addr 0x7ffa28914fb0 wrapped addr 0x7ffa28c1ca82
DEBUG:pid[1438208]:loaded symbol 'freeaddrinfo' real addr 0x7ffa28915c80 wrapped addr 0x7ffa28c1cb48
DEBUG:pid[1438208]:loaded symbol 'gethostbyaddr' real addr 0x7ffa2893ef30 wrapped addr 0x7ffa28c1ce1a
DEBUG:pid[1438208]:loaded symbol 'getnameinfo' real addr 0x7ffa28948340 wrapped addr 0x7ffa28c16f09
DEBUG:pid[1438208]:loaded symbol 'close' real addr 0x7ffa2891d970 wrapped addr 0x7ffa28c1c12e
DEBUG:pid[1438208]:gethostbyname: X10DAi
DEBUG:pid[1438208]:proxy_gethostbyname()
DEBUG:pid[1438208]:return hostent space
DEBUG:pid[1438208]:getaddrinfo: news.rusnet.ru 119
DEBUG:pid[1438208]:proxy_getaddrinfo node:news.rusnet.ru service: 119, flags: 4
DEBUG:pid[1438208]:getaddrinfo: news.rusnet.ru 119
DEBUG:pid[1438208]:proxy_getaddrinfo node:news.rusnet.ru service: 119, flags: 2
DEBUG:pid[1438208]:proxy_gethostbyname()
DEBUG:pid[1438208]:sendto()
DEBUG:pid[1438208]:return hostent space
DEBUG:pid[1438208]:mygetservbyname_r()
DEBUG:pid[1438208]:using host getservbyname_r
DEBUG:pid[1438208]:pc_getnameinfo()
Trying 224.0.0.82...
DEBUG:pid[1438208]:connect()
DEBUG:pid[1438208]:target: 224.0.0.82
DEBUG:pid[1438208]:port: 119
DEBUG:pid[1438208]:connect_proxy_chain()
DEBUG:pid[1438208]:[play] http 127.0.0.1:8080
DEBUG:pid[1438208]:timed_connect()
DEBUG:pid[1438208]:
connect ret=-1
DEBUG:pid[1438208]:
poll ret=1
DEBUG:pid[1438208]:
value=0
DEBUG:pid[1438208]:chain_step()
DEBUG:pid[1438208]:sendto()
DEBUG:pid[1438208]:tunnel_to()
DEBUG:pid[1438208]:sendto()
DEBUG:pid[1438208]:host dns news.rusnet.ru
DEBUG:pid[1438208]:HTTP proxy blocked: buff="HTTP/1.1 403 Forbidden
Date: Thu, 18 Mar 2021 04:22:45 GMT
Server: DeleGate/9.9.13
DeleGate-Ver: 9.9.13 (delay=0)
MIME-Version: 1.0
Content-Type: text/html
Content-Length: 1776
Connection: keep-alive, timeout=60, maxreq=60
��(�"
telnet: Unable to connect to remote host: Connection refused
DEBUG:pid[1438208]:freeaddrinfo 0x55b535f66530
DEBUG:pid[1438208]:proxy_freeaddrinfo()
werner@X10DAi:~/Public/repo/github.com/rofl0r$ proxychains4 -q -f proxychains-ng-http.conf telnet news.rusnet.ru 119
DEBUG:pid[1439612]:init_lib_wrapper called from gcc_init
DEBUG:pid[1439612]:get_chain_data()
DEBUG:pid[1439612]:proxy_dns: daemon
DEBUG:pid[1439612]:[play] http 127.0.0.1:8080
DEBUG:pid[1439612]:loaded symbol 'connect' real addr 0x7f3b161032f0 wrapped addr 0x7f3b163f0247
DEBUG:pid[1439612]:loaded symbol 'sendto' real addr 0x7f3b161037d0 wrapped addr 0x7f3b163f0f43
DEBUG:pid[1439612]:loaded symbol 'gethostbyname' real addr 0x7f3b161136a0 wrapped addr 0x7f3b163f09ef
DEBUG:pid[1439612]:loaded symbol 'getaddrinfo' real addr 0x7f3b160e8fb0 wrapped addr 0x7f3b163f0a82
DEBUG:pid[1439612]:loaded symbol 'freeaddrinfo' real addr 0x7f3b160e9c80 wrapped addr 0x7f3b163f0b48
DEBUG:pid[1439612]:loaded symbol 'gethostbyaddr' real addr 0x7f3b16112f30 wrapped addr 0x7f3b163f0e1a
DEBUG:pid[1439612]:loaded symbol 'getnameinfo' real addr 0x7f3b1611c340 wrapped addr 0x7f3b163eaf09
DEBUG:pid[1439612]:loaded symbol 'close' real addr 0x7f3b160f1970 wrapped addr 0x7f3b163f012e
DEBUG:pid[1439612]:gethostbyname: X10DAi
DEBUG:pid[1439612]:proxy_gethostbyname()
DEBUG:pid[1439612]:return hostent space
DEBUG:pid[1439612]:getaddrinfo: news.rusnet.ru 119
DEBUG:pid[1439612]:proxy_getaddrinfo node:news.rusnet.ru service: 119, flags: 4
DEBUG:pid[1439612]:getaddrinfo: news.rusnet.ru 119
DEBUG:pid[1439612]:proxy_getaddrinfo node:news.rusnet.ru service: 119, flags: 2
DEBUG:pid[1439612]:proxy_gethostbyname()
DEBUG:pid[1439612]:sendto()
DEBUG:pid[1439612]:return hostent space
DEBUG:pid[1439612]:mygetservbyname_r()
DEBUG:pid[1439612]:using host getservbyname_r
DEBUG:pid[1439612]:pc_getnameinfo()
Trying 224.0.0.82...
DEBUG:pid[1439612]:connect()
DEBUG:pid[1439612]:target: 224.0.0.82
DEBUG:pid[1439612]:port: 119
DEBUG:pid[1439612]:connect_proxy_chain()
DEBUG:pid[1439612]:[play] http 127.0.0.1:8080
DEBUG:pid[1439612]:timed_connect()
DEBUG:pid[1439612]:
connect ret=-1
DEBUG:pid[1439612]:
poll ret=1
DEBUG:pid[1439612]:
value=0
DEBUG:pid[1439612]:chain_step()
DEBUG:pid[1439612]:sendto()
DEBUG:pid[1439612]:tunnel_to()
DEBUG:pid[1439612]:sendto()
DEBUG:pid[1439612]:host dns news.rusnet.ru
telnet: Unable to connect to remote host: Connection refused
DEBUG:pid[1439612]:freeaddrinfo 0x55abda4d8560
DEBUG:pid[1439612]:proxy_freeaddrinfo()
werner@X10DAi:~/Public/repo/github.com/rofl0r$
I tried to test it with curl but still encounter the same error:
werner@X10DAi:~$ curl -vIx http://127.0.0.1:8080 telnet://news.rusnet.ru:119
* Trying 127.0.0.1:8080...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 8080 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to news.rusnet.ru:119
> CONNECT news.rusnet.ru:119 HTTP/1.1
> Host: news.rusnet.ru:119
> User-Agent: curl/7.68.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 403 Forbidden
< Date: Thu, 18 Mar 2021 07:11:54 GMT
< Server: DeleGate/9.9.13
< DeleGate-Ver: 9.9.13 (delay=0)
< MIME-Version: 1.0
< Content-Type: text/html
< Content-Length: 1776
< Proxy-Connection: keep-alive, timeout=60, maxreq=60
<
* Received HTTP code 403 from proxy after CONNECT
* CONNECT phase completed!
* Closing connection 0
curl: (56) Received HTTP code 403 from proxy after CONNECT
well, in that case either the proxy server is bogus or someone is interfereing... in either case apparently proxychains-ng is innocent, so closing.
hongyi-zhao
commented
3 years ago the proxy server is bogus
You're right, it's due to the delegate which exposes me a bogus converted HTTP server. The similar test using python-proxy will succeed with the same upstream socks5 proxy as shown below:
$ pproxy --reuse -r socks5://127.0.0.1:18889 -l http://:8081/ -vv
Using uvloop
Serving on :8081 by http
DIRECT: 0 (0.0K/s,0.0K/s) PROXY: 0 (0.0K/s,0.0K/s)
$ curl -vIx http://127.0.0.1:8081 telnet://news.rusnet.ru:119
* Trying 127.0.0.1:8081...
* TCP_NODELAY set
* Connected to 127.0.0.1 (127.0.0.1) port 8081 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to news.rusnet.ru:119
> CONNECT news.rusnet.ru:119 HTTP/1.1
> Host: news.rusnet.ru:119
> User-Agent: curl/7.68.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 OK
< Connection: close
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* CONNECT phase completed!
^CAnd the following info will be observed on the server side:
$ pproxy --reuse -r socks5://127.0.0.1:18889 -l http://:8081/ -vv
Using uvloop
Serving on :8081 by http
2021-03-18 21:54:15 http 127.0.0.1:33264 -> socks5 127.0.0.1:18889 -> news.rusnet.ru:119
DIRECT: 0 (0.0K/s,0.0K/s) PROXY: 0 (0.0K/s,0.0K/s)So, I should discard the delegate tool.
rofl0r
commented
3 years ago you can use tinyproxy with an upstream socks5 a.b.c.d:port rule to make a http proxy forwarding requests to the socks5.
hongyi-zhao
commented
3 years ago What about the performance and the and stability? Can it also proxy HTTPS request?
rofl0r
commented
3 years ago What about the performance and the and stability?
1.11-rc1 works fine for me. never had any crashes.
Can it can also proxy HTTPS request?
the year is 2021, not 1995.
hongyi-zhao
commented
3 years ago Is this project initiated by you?
rofl0r
commented
3 years ago not initiated, but maintained. i also revamped the core network server engine (based on microsocks) to use modern threads instead of 90's style fork() tech.
hongyi-zhao
commented
3 years ago Wonderful. Based on my testings, tinyproxy shows excellent performance and stability. I'll use it for my scenario. But I still can't figure out how to compile a static version of tinyproxy. I tried with the following method, but it still generated a shared version:
$ LDFLAGS="-static" ./configure --enable-filter --enable-reverse --enable-silent-rules --enable-transparent --enable-upstream
$ make
$ ldd src/tinyproxy
linux-vdso.so.1 (0x00007fff08f49000)
libpthread.so.0 => /lib/x86_64-linux-gnu/libpthread.so.0 (0x00007f8b070f8000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f8b06f06000)
/lib64/ld-linux-x86-64.so.2 (0x00007f8b07169000)Any hints will be highly appreciated.
Regards, HY
hongyi-zhao
commented
3 years ago Got it. Based on the notes here, the linker flag setting above is correct, but I forgot to clean up the residue due to the previous make command. So, the following steps will do the trick:
$ sudo apt build-dep tinyproxy
$ git clean -xdf
$ git pull
$ ./autogen.sh
$ LDFLAGS=-static ./configure --enable-filter --enable-reverse --enable-silent-rules --enable-transparent --enable-upstream
$ make
$ ldd src/tinyproxy
not a dynamic executableyou can use tinyproxy with an
upstream socks5 a.b.c.d:portrule to make a http proxy forwarding requests to the socks5.
Thank you very much. I tried with the following tinyproxy.conf:
$ egrep '^[^#]' tinyproxy.conf
User nobody
Group nobody
Port 8080
Timeout 600
DefaultErrorFile "/usr/local/share/tinyproxy/default.html"
StatFile "/usr/local/share/tinyproxy/stats.html"
LogLevel Info
upstream socks5 127.0.0.1:18889
MaxClients 100
Allow 127.0.0.1
Allow ::1
ViaProxyName "tinyproxy"It works smoothly:
werner@X10DAi:~$ proxychains4 -f /home/werner/Public/repo/github.com/rofl0r/proxychains-ng-socks5.conf telnet news.rusnet.ru 119
[proxychains] config file found: /home/werner/Public/repo/github.com/rofl0r/proxychains-ng-socks5.conf
[proxychains] preloading /usr/local/lib/libproxychains4.so
[proxychains] DLL init: proxychains-ng 4.14-git-42-g931e0df
Trying 224.0.0.22...
[proxychains] Strict chain ... 127.0.0.1:18889 ... news.rusnet.ru:119 ... OK
Connected to news.rusnet.ru.
Escape character is '^]'.
Connection closed by foreign host.
werner@X10DAi:~$ proxychains4 -f /home/werner/Public/repo/github.com/rofl0r/proxychains-ng-http.conf telnet news.rusnet.ru 119
[proxychains] config file found: /home/werner/Public/repo/github.com/rofl0r/proxychains-ng-http.conf
[proxychains] preloading /usr/local/lib/libproxychains4.so
[proxychains] DLL init: proxychains-ng 4.14-git-42-g931e0df
Trying 224.0.0.22...
[proxychains] Strict chain ... 127.0.0.1:8080 ... news.rusnet.ru:119 ... OK
Connected to news.rusnet.ru.
Escape character is '^]'.
Connection closed by foreign host.
werner@X10DAi:~$
On Ubuntu 20.04, I try to test the connectivity to the news server
news.rusnet.ruthroughproxychains-ngcompiled based on the git master branch and running inproxychains4-daemonmode.I found that the test was successful with the SOCKS5 proxy, but failed with the HTTP proxy. See following for more detailed info:
Any hints for this problem?
Regards HY