Proxychains on osx

Proxychains biasanya tidak bisa di-compile begitu saja pada OSX; butuh modifikasi. Untuk lebih mudahnya bisa menggunakan patch. Informasi ini didapatkan dari sini. Seperti biasa, untuk archive saya tulis ulang di blog.

1. Download proxychains.
2. Siapkan patch; simpan patch berikut ini sebagai proxychains-3.1_osx.diff:

diff -ruN proxychains-3.1/proxychains/Makefile.in proxychains-3.1_resolv/proxychains/Makefile.in
--- proxychains-3.1/proxychains/Makefile.in 2006-03-15 10:16:59.000000000 -0600
+++ proxychains-3.1_resolv/proxychains/Makefile.in 2011-06-16 13:17:20.000000000 -0500
@@ -121,7 +121,7 @@
LIBS = @LIBS@
libproxychains_la_DEPENDENCIES =
libproxychains_la_OBJECTS = libproxychains.lo core.lo
-CFLAGS = @CFLAGS@
+CFLAGS = @CFLAGS@ -arch x86_64 -arch i386
COMPILE = $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
LTCOMPILE = $(LIBTOOL) --mode=compile $(CC) $(DEFS) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
diff -ruN proxychains-3.1/proxychains/core.c proxychains-3.1_resolv/proxychains/core.c
--- proxychains-3.1/proxychains/core.c 2006-03-15 10:16:59.000000000 -0600
+++ proxychains-3.1_resolv/proxychains/core.c 2011-06-16 13:17:19.000000000 -0500
@@ -35,12 +35,18 @@
#include
#include
#include
+#include
#include "core.h"

extern int tcp_read_time_out;
extern int tcp_connect_time_out;
extern int proxychains_quiet_mode;
-
+extern connect_t true_connect;
+extern getaddrinfo_t true_getaddrinfo;
+extern freeaddrinfo_t true_freeaddrinfo;
+extern getnameinfo_t true_getnameinfo;
+extern gethostbyaddr_t true_gethostbyaddr;
+
static const char base64[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

static void encode_base_64(char* src,char* dest,int max_len)
@@ -159,13 +165,14 @@

pfd[0].fd=sock;
pfd[0].events=POLLOUT;
- fcntl(sock, F_SETFL, O_NONBLOCK);
+ fcntl(sock, F_SETFL, O_NONBLOCK);
ret=true_connect(sock, addr, len);
-// printf("\nconnect ret=%d\n",ret);fflush(stdout);
+// printf("\nconnect ret=%d\n",ret); fflush(stdout);
+
if(ret==-1 && errno==EINPROGRESS)
{
ret=poll(pfd,1,tcp_connect_time_out);
-// printf("\npoll ret=%d\n",ret);fflush(stdout);
+// printf("\npoll ret=%d\n",ret);fflush(stdout);
if(ret==1)
{
value_len=sizeof(int);
@@ -388,14 +395,18 @@
inet_ntoa(*(struct in_addr*)&pd->ip),
htons(pd->port));
pd->ps=PLAY_STATE;
+
bzero(&addr,sizeof(addr));
+
addr.sin_family = AF_INET;
addr.sin_addr.s_addr = pd->ip;
addr.sin_port = pd->port;
+
if (timed_connect (*fd ,(struct sockaddr*)&addr,sizeof(addr))) {
pd->ps=DOWN_STATE;
goto error1;
}
+
pd->ps=BUSY_STATE;
return SUCCESS;
error1:
@@ -641,7 +652,7 @@
dup2(pipe_fd[1],1);
//dup2(pipe_fd[1],2);
// putenv("LD_PRELOAD=");
- execlp("proxyresolv","proxyresolv",name,NULL);
+ execlp("./proxyresolv","proxyresolv",name,NULL);
perror("can't exec proxyresolv");
exit(2);
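Review bot: The changed `execlp("./proxyresolv", ...)` line no longer searches PATH, because a file name that contains a slash is used as given, so the helper becomes whatever file named proxyresolv sits in the process's current working directory. An installed build then fails with "can't exec proxyresolv" when started from anywhere else, and a start from a directory that other users can write to would run their file instead of the installed helper. Keep the PATH lookup, `execlp("proxyresolv","proxyresolv",name,NULL);`, or pass the absolute install path chosen at configure time. The enclosing function starts and ends outside the hunk.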

diff -ruN proxychains-3.1/proxychains/core.h proxychains-3.1_resolv/proxychains/core.h
--- proxychains-3.1/proxychains/core.h 2006-03-15 10:16:59.000000000 -0600
+++ proxychains-3.1_resolv/proxychains/core.h 2011-06-16 13:17:19.000000000 -0500
@@ -66,29 +66,28 @@
int proxychains_write_log(char *str,...);
struct hostent* proxy_gethostbyname(const char *name);

+typedef struct hostent* (*gethostbyname_t)(const char *);
+static gethostbyname_t true_gethostbyname;

typedef int (*connect_t)(int, const struct sockaddr *, socklen_t);
-connect_t true_connect;
-
-typedef struct hostent* (*gethostbyname_t)(const char *);
-gethostbyname_t true_gethostbyname;
+// connect_t true_connect;

typedef int (*getaddrinfo_t)(const char *, const char *,
const struct addrinfo *,
struct addrinfo **);
-getaddrinfo_t true_getaddrinfo;
+// getaddrinfo_t true_getaddrinfo;

typedef int (*freeaddrinfo_t)(struct addrinfo *);
-freeaddrinfo_t true_freeaddrinfo;
+// freeaddrinfo_t true_freeaddrinfo;

typedef int (*getnameinfo_t) (const struct sockaddr *,
socklen_t, char *,
socklen_t, char *,
socklen_t, unsigned int);
-getnameinfo_t true_getnameinfo;
+// getnameinfo_t true_getnameinfo;

typedef struct hostent *(*gethostbyaddr_t) (const void *, socklen_t, int);
-gethostbyaddr_t true_gethostbyaddr;
+// gethostbyaddr_t true_gethostbyaddr;

int proxy_getaddrinfo(const char *node, const char *service,
const struct addrinfo *hints,
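Review bot: `static gethostbyname_t true_gethostbyname;` in this header gives every file that includes core.h its own private copy of the pointer, so an assignment made in one .c file is not visible in another and the other copy stays NULL. The remaining five pointers are commented out here and re-declared by hand with `extern` in core.c, which lets those declarations drift away from the typedefs. Declare all six in the header as `extern`, e.g. `extern gethostbyname_t true_gethostbyname;` and `extern connect_t true_connect;`, keep exactly one definition each in libproxychains.c (the hunk there defines five and leaves out true_gethostbyname), and delete the commented-out lines instead of keeping them. The proxy_getaddrinfo declaration at the end of the hunk continues outside it.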
diff -ruN proxychains-3.1/proxychains/libproxychains.c proxychains-3.1_resolv/proxychains/libproxychains.c
--- proxychains-3.1/proxychains/libproxychains.c 2006-03-15 10:16:59.000000000 -0600
+++ proxychains-3.1_resolv/proxychains/libproxychains.c 2011-06-16 13:17:19.000000000 -0500
@@ -32,7 +32,6 @@
#include
#include

-
#include "core.h"

#define satosin(x) ((struct sockaddr_in *) &(x))
@@ -57,6 +56,13 @@
unsigned int *proxy_count,
chain_type *ct);

+connect_t true_connect;
+getaddrinfo_t true_getaddrinfo;
+freeaddrinfo_t true_freeaddrinfo;
+getnameinfo_t true_getnameinfo;
+gethostbyaddr_t true_gethostbyaddr;
+
+
static void init_lib()
{
// proxychains_write_log("ProxyChains-"VERSION
@@ -291,7 +297,7 @@
int getnameinfo (const struct sockaddr * sa,
socklen_t salen, char * host,
socklen_t hostlen, char * serv,
- socklen_t servlen, unsigned int flags)
+ socklen_t servlen, int flags)
{
int ret = 0;
if(!init_l)
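Review bot: The definition now takes `int flags`, but the `getnameinfo_t` typedef in core.h still ends in `unsigned int`, so the two no longer agree and any call through true_getnameinfo uses a pointer type that differs from the prototype this change appears to be matching. Change the typedef's last parameter to `int` in the same patch so the wrapper, the typedef and the system declaration stay in step. The body of getnameinfo continues outside the hunk.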
diff -ruN proxychains-3.1/proxychains/proxychains proxychains-3.1_resolv/proxychains/proxychains
--- proxychains-3.1/proxychains/proxychains 2006-03-15 10:16:59.000000000 -0600
+++ proxychains-3.1_resolv/proxychains/proxychains 2011-06-16 13:17:20.000000000 -0500
@@ -1,9 +1,11 @@
#!/bin/sh
echo "ProxyChains-3.1 (http://proxychains.sf.net)"
+echo "Mod for OSX - using dylib"
if [ $# = 0 ] ; then
echo " usage:"
echo " proxychains [args]"
exit
fi
-export LD_PRELOAD=libproxychains.so
+export DYLD_FORCE_FLAT_NAMESPACE=
+export DYLD_INSERT_LIBRARIES=./.libs/libproxychains.3.0.0.dylib
exec "$@"
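Review bot: `DYLD_INSERT_LIBRARIES=./.libs/libproxychains.3.0.0.dylib` is resolved against the current directory, so the library injected into the target program is whatever file sits at that relative path in the place where the command is run. Outside the build tree the hook library is not found, and in a directory that someone else controls a different library would be loaded into the process; if the hook is not loaded the program's connections are presumably not redirected at all, which should be verified rather than assumed. Point the variable at the absolute installed location, e.g. `export DYLD_INSERT_LIBRARIES="<install-libdir>/libproxychains.3.0.0.dylib"` (placeholder for the configured prefix). The proxyresolv hunk adds the same line and needs the same change.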
diff -ruN proxychains-3.1/proxychains/proxyresolv proxychains-3.1_resolv/proxychains/proxyresolv
--- proxychains-3.1/proxychains/proxyresolv 2006-03-15 10:16:59.000000000 -0600
+++ proxychains-3.1_resolv/proxychains/proxyresolv 2011-06-16 13:18:51.000000000 -0500
@@ -11,6 +11,6 @@
exit
fi

-
-export LD_PRELOAD=libproxychains.so
-dig $1 @$DNS_SERVER +tcp | awk '/A.+[0-9]+\.[0-9]+\.[0-9]/{print $5;}'
+export DYLD_FORCE_FLAT_NAMESPACE=
+export DYLD_INSERT_LIBRARIES=./.libs/libproxychains.3.0.0.dylib
+dig $1 @$DNS_SERVER +tcp | awk '/^[^;].+A.+[0-9]+\.[0-9]+\.[0-9]/{print $5;}'
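Review bot: `$1` and `$DNS_SERVER` are expanded unquoted on the rewritten `dig` line, and `$1` is the `name` argument passed by the execlp call in core.c, so a name that contains spaces or begins with `@` or `-` is split and read by dig as extra arguments rather than as the name to look up. Quote both, `dig "$1" "@$DNS_SERVER" +tcp | awk ...`, and reject any name that contains characters other than letters, digits, dots and hyphens, or that begins with a hyphen, before dig is called.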

3. Apply patch

# -p0 keeps the full paths from the diff headers (proxychains-3.1/proxychains/...),
# so run this from the directory that contains the unpacked proxychains-3.1/ tree.
patch -p0 < proxychains-3.1_osx.diff

4. Compile

cd proxychains-3.1
# Install prefix; the later "Install links" step links the library and config from /opt/local.
./configure --prefix=/opt/local
# Build and install only from the proxychains/ subdirectory, where the patched files live.
cd proxychains
make
# Installs into the /opt/local prefix chosen above, run as root via sudo.
sudo make install

5. Install links

# The patched wrapper scripts set DYLD_INSERT_LIBRARIES=./.libs/libproxychains.3.0.0.dylib,
# a path relative to the current directory, so this link is only found when
# proxychains is started from $HOME.
mkdir ~/.libs
mkdir ~/.proxychains
ln -s /opt/local/lib/libproxychains.3.0.0.dylib ~/.libs/
# NOTE(review): presumably proxychains looks for its config in ~/.proxychains/ — confirm.
ln -s /opt/local/etc/proxychains.conf ~/.proxychains/

6. Configure proxychains.conf dari /opt/local/etc/proxychains.conf, konfigurasi default menggunakan tor (socks4 127.0.0.1 9050)

7. Tinggal pake deh

Agar lebih secure, dalam proxychains.conf ada konfigurasi untuk resolv DNS via proxy juga.

# Proxy DNS requests - no leak for DNS data
proxy_dns

Somehow, proxychains untuk MacOS ini masih error jika feature tersebut diaktifkan.


$ proxychains lynx http://www.google.com
ProxyChains-3.1 (http://proxychains.sf.net)
Mod for OSX - using dylib

Looking up http://www.google.com|DNS-request| http://www.google.com
can't exec proxyresolv: No such file or directory
|DNS-response|: http://www.google.com is not exist
Alert!: Unable to connect to remote host.

Jadi kita bisa memilih untuk men-disable feature tersebut, dengan risiko keberadaan kita bisa terdeteksi via DNS request: tanpa proxy_dns, lookup nama host dikirim langsung ke DNS resolver, tidak lewat proxy chain. Namun jika ingin menggunakan feature tersebut, solusi paling mudah adalah menjalankan sendiri program proxyresolv,


$ proxyresolv http://www.google.com
|S-chain|--127.0.0.1:9050--4.2.2.2:53--OK
74.125.224.147
74.125.224.148
74.125.224.144
74.125.224.145
74.125.224.146

Setelah itu baru browsing via IP,


$ proxychains lynx http://74.125.224.147
ProxyChains-3.1 (http://proxychains.sf.net)
Mod for OSX - using dylib

Google

______________________________________________________________________________________________________
______________________________________________________________________________________________________
______________________________________________________________________________________________________
______________________________________________________________________________________________________

Web Images Videos Maps News Shopping Gmail more
Settings | Sign in

_________________________________________________________
Google Search I'm Feeling Lucky Advanced searchLanguage tools

Advertising ProgramsBusiness SolutionsAbout GoogleGo to Google.com

2011 - Privacy

(Textarea) Enter text. Use UP/DOWN arrows or TAB to move off.1:9050--74.125.224.147:80--OK
Data transfeEnter text into the field by typing on the keyboard

Solusi sementara. Lagi males cari tau kenapa feature tersebut masih error. Have phun!

!!!UPDATE!!!!

Barusan baca patch nya sedikit dan noticed ada bagian ini:

@@ -641,7 +652,7 @@
dup2(pipe_fd[1],1);
//dup2(pipe_fd[1],2);
// putenv("LD_PRELOAD=");
- execlp("proxyresolv","proxyresolv",name,NULL);
+ execlp("./proxyresolv","proxyresolv",name,NULL);
perror("can't exec proxyresolv");
exit(2);

Kurang tau apa alasannya, tapi patch di atas menganggap “proxyresolv” diakses dari current directory: karena nama file yang diberikan ke execlp mengandung “/”, PATH tidak dicari lagi. Untuk yang mau jalanin proxychains dari directory source-nya sih gak masalah, tapi kalau untuk yang pake “make install” tentu akan menjadi masalah. Untuk itu, kita bisa remove bagian di atas dari proxychains-3.1_osx.diff sehingga hasil compile-nya akan berjalan dengan normal nanti dan proxyresolv dapat digunakan secara otomatis.


$ proxychains lynx http://www.google.com
ProxyChains-3.1 (http://proxychains.sf.net)
Mod for OSX - using dylib

Looking up http://www.google.com|DNS-request| http://www.google.com
|S-chain|--127.0.0.1:9050--4.2.2.2:53--OK
|DNS-response| http://www.google.com is 209.85.148.105
Making HTTP connection to http://www.google.com|S-chain|--127.0.0.1:9050--209.85.148.105:80--OK

…atau untuk SSH connection


$ proxychains ssh root@team.infosec-id.com
ProxyChains-3.1 (http://proxychains.sf.net)
Mod for OSX - using dylib
|DNS-request| xxx.infosec-id.com
|S-chain|--127.0.0.1:9050--4.2.2.2:53--OK
|DNS-response| team.infosec-id.com is 205.185.x.x
|S-chain|--127.0.0.1:9050--205.185.x.x:22--OK
Linux byteskrew xxxxxxxxxxx #3 SMP Fri Jun 3 16:37:31 PDT 2011 i686 GNU/Linux
Ubuntu 10.04.1 LTS

Welcome to Ubuntu!
* Documentation: https://help.ubuntu.com/

You have mail.
Last login: Tue Jul 19 05:11:45 2011 from raidz.torservers.net
root@byteskrew:~#

Phunnn!!!
