proxychains-ng icon indicating copy to clipboard operation
proxychains-ng copied to clipboard

Published 20 hours ago verified publisher icon rofl0r

Add support for macOS connectx? (Used by Objective-C API's in many GUI applications)

Open AlexanderOMara opened this issue 4 years ago • 4 comments

The Objective-C API's on macOS don't use the connect function under the hood, instead they use connectx which according to the man page is like a combination of bind and connect.

The parameter socket is a socket. In general, connectx() may be used as a substitute for cases when bind(2) and connect(2) are issued in succession, as well as a mechanism to transmit data at connection establishment time.

Since this function doesn't appear to be hooked, code that uses these API's bypass proxychains completely.

Here's a sample program that demonstrates the issue:

// clang -framework Foundation main.m -o main

#import <Foundation/Foundation.h>
#include <unistd.h>

int done = 0;

int main(int argc, const char * argv[]) {
	@autoreleasepool {
		NSMutableURLRequest *request = [[NSMutableURLRequest alloc] init];
		[request setHTTPMethod:@"GET"];
		[request setURL:[NSURL URLWithString:@"http://icanhazip.com/"]];
		[
			[
				[NSURLSession sharedSession]
				dataTaskWithRequest:request
				completionHandler:^(
					NSData * _Nullable data,
					NSURLResponse * _Nullable response,
					NSError * _Nullable error
				) {
					NSString *myString = [
						[NSString alloc]
						initWithData:data
						encoding:NSUTF8StringEncoding
					];
					NSLog(@"Data received: %@", myString);
					done = 1;
				}
			]
			resume
		];
	}
	while (!done) {
		usleep(1);
	}
	return 0;
}

Support for connectx would greatly improve compatibility with macOS software.

AlexanderOMara avatar Sep 04 '20 00:09 AlexanderOMara

can you come up with a C example that actually calls connectx directly?

generally i'm not opposed to this but since i don't own a mac i guess someone else would need to provide a PR for this.

rofl0r avatar Sep 04 '20 13:09 rofl0r

Sure thing (it's not pretty, but it works): https://gist.github.com/AlexanderOMara/26dd909dcef674c2109054720e09afaf

With some pointers I could probably lend a hand to this issue.

AlexanderOMara avatar Sep 04 '20 22:09 AlexanderOMara

thanks. if you use proxychains-ng on your C test program, does it work ? it's possible that connectx uses connect behind the scenes.

ftr, the manpage of it is http://manpagez.com/man/2/connectx/

in order to support connectx check all the special code in libproxychains.c dealing with __xnet_connect. the equivalent is needed for connectx, however we can't just simply call connect as the xnet code does, we would need to also do an appropriate bind if so requested. but i guess for some preliminary support we could just ignore the bind-related stuff or if passed, fallback to true_connectx.

the harder part is dealing with the iovec stuff. there's currently no code in proxychains to deal with this. i guess for starters we should just return a suitable errorcode according to the manpage if one of those arguments is passed.

rofl0r avatar Sep 05 '20 13:09 rofl0r

thanks. if you use proxychains-ng on your C test program, does it work ? it's possible that connectx uses connect behind the scenes.

No it doesn't. I even double-checked with lldb, a breakpoint on connect never tripped. The connectx function is actually just a small wrapper for a syscall.

AlexanderOMara avatar Sep 05 '20 14:09 AlexanderOMara