proxychains-ng icon indicating copy to clipboard operation
proxychains-ng copied to clipboard

Published 20 hours ago verified publisher icon rofl0r

Does not work with dropbox

Open meijieru opened this issue 6 years ago • 8 comments 

➜  ~ proxychains -q dropbox     
dropbox: locating interpreter
!! dropbox: can't trust path, fall back on working directory (relative)!
!! dropbox: failed to resolve program path (No such file or directory)!
!! dropbox: no executable path! (error 1)
[1]    16254 abort (core dumped)  proxychains -q dropbox

meijieru avatar Apr 24 '18 17:04 meijieru

where did you get your proxychains from ? the one from this repo uses proxychains4 command.

rofl0r avatar Apr 26 '18 19:04 rofl0r

I download it from archlinux repo

meijieru avatar Apr 27 '18 02:04 meijieru

try latest arch package. it has recently been updated and contains a couple bugfixes. feel free to reopen this if the issue persists.

rofl0r avatar Jul 13 '18 19:07 rofl0r

@rofl0r I have the same problem on archlinux:

➜ ~ proxychains dropbox [proxychains] config file found: /etc/proxychains.conf [proxychains] preloading /usr/lib/libproxychains4.so [proxychains] DLL init: proxychains-ng 4.13 dropbox: locating interpreter !! dropbox: can't trust path, fall back on working directory (relative)! !! dropbox: failed to resolve program path (No such file or directory)! !! dropbox: no executable path! (error 1) [1] 5042 abort (core dumped) proxychains dropbox

version:

pacman -Qi proxychains-ng Version : 4.13-1 Build Date : Tue 26 Jun 2018 12:48:50 AM CST

@meijieru have you solve the problem?

nooberfsh avatar Sep 19 '18 12:09 nooberfsh

I still have that problem.

meijieru avatar Sep 19 '18 15:09 meijieru

so maybe you should try to diagnose the issue? here's a start do

file `which dropbox`

then strace -o log.txt -s 256 -f dropbox followed by grep exec < log.txt which would give us clues what kind of app we're dealing with here.

rofl0r avatar Sep 19 '18 21:09 rofl0r

➜ ~ grep exec < log.txt 7631 execve("/usr/bin/dropbox", ["dropbox"], 0x7fffddb847f8 /* 51 vars /) = 0 7631 read(4, "proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0\nsys /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0\ndev /dev devtmpfs rw,nosuid,relatime,size=8153312k,nr_inodes=2038328,mode=755 0 0\nrun /run tmpfs rw,nosuid,nodev,relatime,mode=755 0 0\nefivarfs /sys/firm"..., 1024) = 1024 7631 read(4, "ys/fs/cgroup/pids cgroup rw,nosuid,nodev,noexec,relatime,pids 0 0\ncgroup /sys/fs/cgroup/memory cgroup rw,nosuid,nodev,noexec,relatime,memory 0 0\ncgroup /sys/fs/cgroup/net_cls,net_prio cgroup rw,nosuid,nodev,noexec,relatime,net_cls,net_prio 0 0\ncgroup /sys/"..., 1024) = 1024 7632 execve("/sbin/ldconfig", ["/sbin/ldconfig", "-p"], 0x11b6040 / 2 vars / <unfinished ...> 7632 <... execve resumed> ) = 0 7634 execve("/sbin/ldconfig", ["/sbin/ldconfig", "-p"], 0x13ae6e0 / 2 vars / <unfinished ...> 7634 <... execve resumed> ) = 0 7636 execve("/bin/sh", ["/bin/sh", "-c", "uname -p 2> /dev/null"], 0x7ffceec42f18 / 51 vars / <unfinished ...> 7636 <... execve resumed> ) = 0 7637 execve("/usr/bin/uname", ["uname", "-p"], 0x562830c948f0 / 51 vars /) = 0 7631 stat("/opt/dropbox/dropbox.foundation.async.exec_ctx.cpython-35m-x86_64-linux-gnu.so", 0x7ffceec3aad0) = -1 ENOENT (No such file or directory) 7631 read(6, "PK\3\4\24\0\0\0\0\0\201%+M\275\311X\364\225\21\0\0\225\21\0\0%\0\0\0dropbox/foundation/async/exec_ctx.pyc'4\r\n\360\251\227[\226\25\0\0\3430\360\2547y\21\0\0\370\273\272\351\267\355\334n\270m\323\347\317b\27\241\0021^\366}\30a\261\340"/\25\301\302\330^\203\361i\277|P\205\246\r6\302^H\10R\T\36GM\246\343\354k\235e\212\325\261B@\226\301\312\211'\347\2053I6\253\371\330\342Bv\177\354+,\351^\377}\305\357\206\262r\351J\212\244\275\7ca\347\365ZH6\234a\335\0\2348\261b\3011\256\226B\357\233''\306\207\376\306\340\4\202c&M{Z\205\237\3\337\350u}\263\375\25\25Jq\373\206\340?\337\213\n$Pi\375\347h{s\353\234\350-i"..., 4096) = 4096 7631 read(6, "PK\3\4\24\0\0\0\0\0\201%+M\275\311X\364\225\21\0\0\225\21\0\0%\0\0\0dropbox/foundation/async/exec_ctx.pyc'4\r\n\360\251\227[\226\25\0\0\3430\360\2547y\21\0\0\370\273\272\351\267\355\334n\270m\323\347\317b\27\241\0021^\366}\30a\261\340"/\25\301\302\330^\203\361i\277|P\205\246\r6\302^H\10R\T\36GM\246\343\354k\235e\212\325\261B@\226\301\312\211'\347\2053I6\253\371\330\342Bv\177\354+,\351^\377}\305\357\206\262r\351J\212\244\275\7ca\347\365ZH6\234a\335\0\2348\261b\3011\256\226B\357\233''\306\207\376*\306\340\4\202c&M{Z\205\237\3\337\350u}\263\375\25\25Jq\373\206\340?\337\213\n$Pi\375\347h{s\353\234\350-i"..., 4096) = 4096 7631 <... read resumed> "proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0\nsys /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0\ndev /dev devtmpfs rw,nosuid,relatime,size=8153312k,nr_inodes=2038328,mode=755 0 0\nrun /run tmpfs rw,nosuid,nodev,relatime,mode=755 0 0\nefivarfs /sys/firm"..., 8192) = 2649

nooberfsh avatar Sep 19 '18 22:09 nooberfsh

is there stuff missing in the log ?

anyway, it seems we're dealing with something that according to this

read(6, "PK\3\4\24\0\0\0\0\0\201%+M\275\311X\364\225\21\0\0\225\21\0\0%\0\0\0dropbox/foundation/async/exec_ctx.pyc'

seems to open a .zip file with "PK" header, and then extract compiled python objects. that kinda looks as if they're trying to obfuscate what happens. that in turn could also mean they try to suppress usage of preloaders that eventually could be used to look into their "secrets". anyway if you find more, let me know..

rofl0r avatar Sep 20 '18 01:09 rofl0r