Closed flavorgold1 closed 2 years ago
Add -vvv
in the command line arguments and see what exactly it was doing when authenticating.
Add
-vvv
in the command line arguments and see what exactly it was doing when authenticating.
Thanks. It acts as though there is no authentication feature at all.
I run: ./sslocal -vvv --config /path/to/config.json
This is my config file:
{
"server":"1.2.3.4",
"server_port":1234,
"password":"abcdefg",
"local_address":"0.0.0.0",
"local_port":4321,
"socks5_auth_config_path":"/path/to/idpass.json",
"fast_open":true,
"reuse_port":true,
"no_delay":true,
"ipv6_first":false,
"mode":"tcp_and_udp",
"method":"chacha20-ietf-poly1305"
}
This is the /path/to/idpass.json
for auth info:
{
"password": {
"users": [
{
"user_name": "idhere",
"password": "passwordhere"
}
]
}
}
Read the doc carefully, the socks5_auth_config_path
is only valid in the extended format:
{
"server":"1.2.3.4",
"server_port":1234,
"password":"abcdefg",
"locals": [
{
"local_address":"0.0.0.0",
"local_port":4321,
"socks5_auth_config_path":"/path/to/idpass.json",
}
],
"fast_open":true,
"reuse_port":true,
"no_delay":true,
"ipv6_first":false,
"mode":"tcp_and_udp",
"method":"chacha20-ietf-poly1305"
}
I tried using it.
But, somehow, it is allowing me access without even punching in the right username-password combos.
It still lets me access the SOCKS5 server without a password, with the wrong password, or even the with the wrong username.
I'm on Ubuntu 20.04 LTS.
I just wanted to check if this was just me or if someone else is facing this issue too.