proxychains-ng icon indicating copy to clipboard operation
proxychains-ng copied to clipboard

Published 20 hours ago verified publisher icon rofl0r

proxychains4 make hostname to 127.0.0.1

Open yjp211 opened this issue 7 years ago • 9 comments

Normal:

root@t2:~# hostname -i
192.168.40.232
root@t2:~#

Proxy:

root@t2:~# proxychains4 hostname -i
[proxychains] config file found: /usr/local/etc/proxychains.conf
[proxychains] preloading /usr/local/lib/libproxychains4.so
[proxychains] DLL init: proxychains-ng 4.11-git-9-gcf9a16d
127.0.0.1
root@t2:~#

This lead to: java rmi server start with proxychains, it's client can't find the remote server, some error like:

Client exception: java.rmi.ConnectException: Connection refused to host: 127.0.0.1; nested exception is: 
	java.net.ConnectException: Connection refused
java.rmi.ConnectException: Connection refused to host: 127.0.0.1; nested exception is: 
	java.net.ConnectException: Connection refused
	at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:619)
	at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:216)
	at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202)
	at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:130)
	at java.rmi.server.RemoteObjectInvocationHandler.invokeRemoteMethod(RemoteObjectInvocationHandler.java:194)
	at java.rmi.server.RemoteObjectInvocationHandler.invoke(RemoteObjectInvocationHandler.java:148)
	at com.sun.proxy.$Proxy0.sayHello(Unknown Source)
	at Client.main(Client.java:53)
Caused by: java.net.ConnectException: Connection refused
	at java.net.PlainSocketImpl.socketConnect(Native Method)
	at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:345)
	at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
	at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
	at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
	at java.net.Socket.connect(Socket.java:589)
	at java.net.Socket.connect(Socket.java:538)
	at java.net.Socket.<init>(Socket.java:434)
	at java.net.Socket.<init>(Socket.java:211)
	at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:40)
	at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:148)
	at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:613)
	... 7 more

yjp211 avatar Mar 22 '17 03:03 yjp211

can you figure out which function it is calling ? you could set breakpoints (with gdb) on the following functions:

connect
sendto
gethostbyname
getaddrinfo
freeaddrinfo
gethostbyaddr
getnameinfo

and then see which one gets hit.

rofl0r avatar Mar 22 '17 04:03 rofl0r

wechatimg16

last break at getnameinfo

yjp211 avatar Mar 22 '17 06:03 yjp211 

root@t2:~/proxychains-ng# ./proxychains4 hostname -i
[proxychains] config file found: /usr/local//etc/proxychains.conf
[proxychains] preloading ./libproxychains4.so
DEBUG:init_lib_wrapper called from gcc_init
DEBUG:pid[14965]:at_init
DEBUG:added localnet: netaddr=0.0.0.0, netmask=0.0.0.0
DEBUG:pid[14965]:wait_data
DEBUG:[play] socks5 127.0.0.1:3088
[proxychains] DLL init: proxychains-ng 4.12
DEBUG:loaded symbol 'connect' real addr 0x7fd4483b8530  wrapped addr 0x7fd448899ceb
DEBUG:loaded symbol 'sendto' real addr 0x7fd4483b88f0  wrapped addr 0x7fd44889a716
DEBUG:loaded symbol 'gethostbyname' real addr 0x7fd4483ca090  wrapped addr 0x7fd44889a225
DEBUG:loaded symbol 'freeaddrinfo' real addr 0x7fd44839fd10  wrapped addr 0x7fd44889a33e
DEBUG:loaded symbol 'gethostbyaddr' real addr 0x7fd4483c9b00  wrapped addr 0x7fd44889a602
DEBUG:loaded symbol 'close' real addr 0x7fd4483a7d00  wrapped addr 0x7fd448899be9
DEBUG:getaddrinfo: t2 null
DEBUG:pid[14965]:proxy_getaddrinfo
DEBUG:pid[14965]:proxy_gethostbyname
DEBUG:return hostent space
DEBUG:pid[14965]:pc_getnameinfo
127.0.0.1
root@t2:~/proxychains-ng#

yjp211 avatar Mar 22 '17 08:03 yjp211

src/core.c wechatimg19

I modified the program, so that can make the rmi client work. but I don't know whether other arrival, I also want to use it to agent for the DNS

https://github.com/yjp211/proxychains-ng/commit/1d5cd6cbfa6735146cd2b205d3301c6a7df84c36

yjp211 avatar Mar 22 '17 10:03 yjp211

good work tracking down the issue!

sorry but i dont understand what you mean with:

but I don't know whether other arrival

I also want to use it to agent for the DNS

i guess with this you mean you want to do DNS resolution on the proxy (i.e. proxy_dns)

rofl0r avatar Mar 22 '17 19:03 rofl0r

to further investigate what's happening, you can add the following line at line number 737:

dprintf(2, "%s\n", name);

and tell me what it says (after recompile).

rofl0r avatar Mar 22 '17 19:03 rofl0r 

root@t2:/tmp/yjp211/proxychains-ng# ./proxychains4 hostname -i
[proxychains] config file found: /tmp/yjp211/proxychains-ng/proxychains.conf
[proxychains] preloading ./libproxychains4.so
[proxychains] DLL init: proxychains-ng 4.12-git-1-g1d5cd6c
t2
192.168.40.232

t2 is the machine hostname

Use proxychains4 and shadowsocks agent my service go international line to speed up the access, rather than using a global VPN. I modified the code, fear will have influence on this.

The program (after modify) has been running for 10 hours, it seems no problem :)

yjp211 avatar Mar 23 '17 01:03 yjp211

and t2 has an entry in /etc/hosts, right ?

rofl0r avatar Mar 23 '17 01:03 rofl0r

yes

if i remove t2 entry, the rmi client can't work no matter whether use the proxy

yjp211 avatar Mar 23 '17 02:03 yjp211