search

rofl0r / proxychains-ng

proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies. continuation of the unmaintained proxychains project. the sf.net page is currently not updated, use releases from github release page instead.
http://sourceforge.net/projects/proxychains-ng/files
GNU General Public License v2.0
9.82k stars 1.08k forks source link

Couldn't connect to server using proxychains-ng, but works fine with curl -x #577

Closed Kausal-Lei closed 2 months ago

Kausal-Lei commented 2 months ago

When I use proxychains to get access to huggingface.co, I got the following error. For security, I replace the $IP and %Port to IP and Port. Command : proxychains curl huggingface.co

[proxychains] config file found: /etc/proxychains.conf
[proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4
[proxychains] DLL init: proxychains-ng 4.14
[proxychains] Strict chain  ...  IP:Port  ...  huggingface.co:80 <--denied
curl: (7) Couldn't connect to server

but when I run curl -x "IP:Port" huggingface.co, it works fine:

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>CloudFront</center>
</body>
</html>

My proxychains.conf is:

strict_chain
#
# Proxy DNS requests - no leak for DNS data
proxy_dns

# Some timeouts in milliseconds
tcp_read_time_out 15000
tcp_connect_time_out 8000

[ProxyList]
http    IP    Port
Kausal-Lei commented 2 months ago

I also try the lastest version and use proxychains4-daemon proxychains4-daemon -p 5023. proxychains4-daemon output:

127.0.0.1:49296 requested ip for huggingface.co (224.0.0.2)
127.0.0.1:54194 requested name for 224.0.0.2 (huggingface.co)
127.0.0.1:57278 requested name for 224.0.0.2 (huggingface.co)

proxychains4 with cmd proxychains curl huggingface.co ouput: (conf has been updated proxy_dns_daemon 127.0.0.1:5023)

[proxychains] config file found: /etc/proxychains.conf
[proxychains] preloading /usr/lib/libproxychains4.so
[proxychains] DLL init: proxychains-ng 4.17-git-2-g821249f
[proxychains] Strict chain  ...  IP:Port  ...  huggingface.co:80 <--denied
rofl0r commented 2 months ago

make clean ; CFLAGS=-DDEBUG ./configure ; make

then run ./proxychains4 curl whatever and paste the debug output

oh and when you use curl directly use http_proxy=ip:port curl whatever

Kausal-Lei commented 2 months ago

make clean ; CFLAGS=-DDEBUG ./configure ; make

then run ./proxychains4 curl whatever and paste the debug output

oh and when you use curl directly use http_proxy=ip:port curl whatever

Thanks a lot for your help! Here is the output root@di-xxxxxxxxxx-b8q79:~/code/proxychains-ng# ./proxychains4 curl huggingface.co

[proxychains] config file found: /etc/proxychains.conf
[proxychains] preloading ./libproxychains4.so
DEBUG:pid[59713]:init_lib_wrapper called from gcc_init
[proxychains] DLL init: proxychains-ng 4.17-git-2-g821249f
DEBUG:pid[59713]:loaded symbol 'connect' real addr 0x7fdbdef9c550  wrapped addr 0x7fdbdf07388d
DEBUG:pid[59713]:loaded symbol 'sendto' real addr 0x7fdbdef9c830  wrapped addr 0x7fdbdf0746b7
DEBUG:pid[59713]:loaded symbol 'gethostbyname' real addr 0x7fdbdeec7610  wrapped addr 0x7fdbdf07419f
DEBUG:pid[59713]:loaded symbol 'getaddrinfo' real addr 0x7fdbdee9ce30  wrapped addr 0x7fdbdf074226
DEBUG:pid[59713]:loaded symbol 'freeaddrinfo' real addr 0x7fdbdee9db00  wrapped addr 0x7fdbdf0742e0
DEBUG:pid[59713]:loaded symbol 'gethostbyaddr' real addr 0x7fdbdeec6ea0  wrapped addr 0x7fdbdf07459a
DEBUG:pid[59713]:loaded symbol 'getnameinfo' real addr 0x7fdbdeed02b0  wrapped addr 0x7fdbdf074345
DEBUG:pid[59713]:loaded symbol 'close' real addr 0x7fdbdef9c420  wrapped addr 0x7fdbdf0733da
DEBUG:pid[59713]:get_chain_data()
DEBUG:pid[59713]:proxy_dns: thread
DEBUG:pid[59713]:[play] http 100.xx.yy.20:3128
DEBUG:pid[59713]:at_init()
DEBUG:pid[59713]:wait_data()
DEBUG:pid[59713]:connect()
DEBUG:pid[59713]:target: 100.xx.yy.20
DEBUG:pid[59713]:port: 3128
DEBUG:pid[59713]:connect_proxy_chain()
DEBUG:pid[59713]:[play] http 100.xx.yy.20:3128
[proxychains] Strict chain  ...  100.xx.yy.20:3128 DEBUG:pid[59713]:timed_connect()
DEBUG:pid[59713]:
connect ret=-1
DEBUG:pid[59713]:
poll ret=1
DEBUG:pid[59713]:
value=0
DEBUG:pid[59713]:chain_step()
 ...  100.xx.yy.20:3128 DEBUG:pid[59713]:tunnel_to()
DEBUG:pid[59713]:host dns <NULL>
DEBUG:pid[59713]:HTTP proxy blocked: buff="HTTP/1.1 403 Forbidden
Server: openresty/1.19.3.1
Date: Tue, 20 Aug 2024 03:56:35 GMT
Content-Type: text/html
Content-Length: 159
Connection: close

�"
<--denied
curl: (7) Couldn't connect to server

http_proxy=100.xx.yy.20:3128 curl huggingface.co

<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>CloudFront</center>
</body>
</html>

I also run the debug mode of curl http_proxy=100.xx.yy.20:3128 curl -v huggingface.co

* Uses proxy env variable http_proxy == '100.xx.yy.20:3128'
*   Trying 100.xx.yy.20:3128...
* TCP_NODELAY set
* Connected to 100.xx.yy.20 (100.xx.yy.20) port 3128 (#0)
> GET http://huggingface.co/ HTTP/1.1
> Host: huggingface.co
> User-Agent: curl/7.68.0
> Accept: */*
> Proxy-Connection: Keep-Alive
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Server: openresty/1.19.3.1
< Date: Tue, 20 Aug 2024 04:08:50 GMT
< Content-Type: text/html
< Content-Length: 167
< Connection: keep-alive
< Location: https://huggingface.co/
< X-Cache: Redirect from cloudfront
< Via: 1.1 500f4e37798a0a47047ecfa48f4fd932.cloudfront.net (CloudFront)
< X-Amz-Cf-Pop: SIN2-P1
< X-Amz-Cf-Id: oLpGB1OZD_rNkQId38_YVMuCvtYFCbgX70l8HRjWlv1IkCbMJM2YrA==
< 
<html>
<head><title>301 Moved Permanently</title></head>
<body>
<center><h1>301 Moved Permanently</h1></center>
<hr><center>CloudFront</center>
</body>
</html>
* Connection #0 to host 100.xx.yy.20 left intact
rofl0r commented 2 months ago

http proxies have 2 work modes, one is protocol aware and works only with unencrypted http traffic, the other one (known as CONNECT method) works anywhere. proxychains-ng only uses the CONNECT method because it's general purpose. it would appear that the proxy you use supports only the http-to-http method, which curl uses in this case. therefore it works using curl built-in http proxy support.

curl has an option --proxytunnel which you can use to verify the veracity of my analysis.

Kausal-Lei commented 2 months ago

http proxies have 2 work modes, one is protocol aware and works only with unencrypted http traffic, the other one (known as CONNECT method) works anywhere. proxychains-ng only uses the CONNECT method because it's general purpose. it would appear that the proxy you use supports only the http-to-http method, which curl uses in this case. therefore it works using curl built-in http proxy support.

curl has an option --proxytunnel which you can use to verify the veracity of my analysis.

http_proxy=100.xx.yy.20:3128 curl  --proxytunnel huggingface.co
curl: (56) Received HTTP code 403 from proxy after CONNECT

Yes, you are right! Thanks a lot~