2013-02-10 08:54:00 +00:00
|
|
|
ProxyChains-NG ver 4.5 README
|
|
|
|
=============================
|
2011-02-25 09:40:11 +00:00
|
|
|
|
2012-07-08 19:44:02 +00:00
|
|
|
ProxyChains is a UNIX program, that hooks network-related libc functions
|
2013-02-10 08:54:00 +00:00
|
|
|
in DYNAMICALLY LINKED programs via a preloaded DLL (dlsym(), LD_PRELOAD)
|
|
|
|
and redirects the connections through SOCKS4a/5 or HTTP proxies.
|
|
|
|
It supports TCP only (no UDP/ICMP etc).
|
|
|
|
|
|
|
|
The way it works is basically a HACK; so it is possible that it doesn't
|
|
|
|
work with your program, especially when it's a script, or starts
|
|
|
|
numerous processes like background daemons or uses dlopen() to load
|
|
|
|
"modules" (bug in glibc dynlinker).
|
|
|
|
It should work with simple compiled (C/C++) dynamically linked programs
|
|
|
|
though.
|
|
|
|
|
|
|
|
If your program doesn't work with proxychains, consider using an
|
|
|
|
iptables based solution instead; this is much more robust.
|
|
|
|
|
|
|
|
Supported Platforms: Linux, BSD, Mac.
|
|
|
|
|
2012-07-08 19:44:02 +00:00
|
|
|
|
2011-11-14 00:57:54 +00:00
|
|
|
*********** ATTENTION ***********
|
|
|
|
|
2013-01-06 20:22:02 +00:00
|
|
|
this program can be used to circumvent censorship.
|
|
|
|
doing so can be VERY DANGEROUS in certain countries.
|
|
|
|
|
|
|
|
ALWAYS MAKE SURE THAT PROXYCHAINS WORKS AS EXPECTED
|
|
|
|
BEFORE USING IT FOR ANYTHING SERIOUS.
|
|
|
|
|
|
|
|
this involves both the program and the proxy that you're going to
|
|
|
|
use.
|
|
|
|
|
|
|
|
for example, you can connect to some "what is my ip" service
|
|
|
|
like ifconfig.me to make sure that it's not using your real ip.
|
|
|
|
|
|
|
|
ONLY USE PROXYCHAINS IF YOU KNOW WHAT YOU'RE DOING.
|
|
|
|
|
2013-01-06 20:42:02 +00:00
|
|
|
THE AUTHORS AND MAINTAINERS OF PROXYCHAINS DO NOT TAKE ANY
|
|
|
|
RESPONSIBILITY FOR ANY ABUSE OR MISUSE OF THIS SOFTWARE AND
|
|
|
|
THE RESULTING CONSEQUENCES.
|
|
|
|
|
2012-07-08 19:44:02 +00:00
|
|
|
*** Installation ***
|
2011-02-25 09:40:11 +00:00
|
|
|
|
2012-07-08 19:44:02 +00:00
|
|
|
# needs a working C compiler, preferably gcc
|
2013-01-06 18:14:43 +00:00
|
|
|
./configure --prefix=/usr --sysconfdir=/etc
|
2012-07-08 19:44:02 +00:00
|
|
|
make
|
2012-12-12 03:04:38 +00:00
|
|
|
[optional] sudo make install
|
2013-01-06 18:32:55 +00:00
|
|
|
[optional] sudo make install-config (installs proxychains.conf)
|
2012-12-12 03:04:38 +00:00
|
|
|
|
|
|
|
if you dont install, you can use proxychains from the build directory
|
|
|
|
like this: ./proxychains4 -f src/proxychains.conf telnet google.com 80
|
2011-02-25 09:40:11 +00:00
|
|
|
|
2011-11-14 00:57:54 +00:00
|
|
|
Changelog:
|
|
|
|
----------
|
2012-11-07 20:36:42 +00:00
|
|
|
|
2013-02-10 08:54:00 +00:00
|
|
|
Version 4.5:
|
|
|
|
- hook close() to prevent OpenSSH from messing with internal infrastructure.
|
|
|
|
this caused ssh client to segfault when proxified.
|
|
|
|
|
2013-01-06 18:14:43 +00:00
|
|
|
Version 4.4:
|
|
|
|
- FreeBSD port
|
|
|
|
- fixes some installation issues on Debian and Mac.
|
|
|
|
|
2012-12-12 03:04:38 +00:00
|
|
|
Version 4.3:
|
|
|
|
- fixes programs that do dns-lookups in child processes (fork()ed),
|
2012-11-07 20:36:42 +00:00
|
|
|
like irssi. to achieve this, support for compilation without pthreads
|
|
|
|
was sacrified.
|
2012-12-12 03:04:38 +00:00
|
|
|
- fixes thread safety for gethostent() calls.
|
|
|
|
- improved DNS handling speed, since hostent db is cached.
|
2012-11-07 20:36:42 +00:00
|
|
|
|
|
|
|
Version 4.2:
|
2012-12-12 03:04:38 +00:00
|
|
|
- fixes compilation issues with ubuntu 12.04 toolchain
|
|
|
|
- fixes segfault in rare codepath
|
2012-11-07 20:36:42 +00:00
|
|
|
|
2012-12-12 03:04:38 +00:00
|
|
|
Version 4.1
|
|
|
|
- support for mac os x (all archs)
|
|
|
|
- all internal functions are threadsafe when compiled with -DTHREAD_SAFE
|
|
|
|
(default).
|
2011-11-14 00:57:54 +00:00
|
|
|
|
2012-12-12 03:04:38 +00:00
|
|
|
Version 4.0
|
|
|
|
- replaced dnsresolver script (which required a dynamically linked "dig"
|
|
|
|
binary to be present) with remote DNS lookup.
|
|
|
|
this speeds up any operation involving DNS, as the old script had to use TCP.
|
|
|
|
additionally it allows to use .onion urls when used with TOR.
|
|
|
|
- removed broken autoconf build system with a simple Makefile.
|
|
|
|
there's a ./configure script though for convenience.
|
|
|
|
it also adds support for a config file passed via command line switches/
|
|
|
|
environment variables.
|
2011-11-14 00:57:54 +00:00
|
|
|
|
2012-12-12 03:04:38 +00:00
|
|
|
Version 3.0
|
|
|
|
- support for DNS resolving through proxy
|
|
|
|
supports SOCKS4, SOCKS5 and HTTP CONNECT proxy servers.
|
|
|
|
Auth-types: socks - "user/pass" , http - "basic".
|
2011-02-25 09:40:11 +00:00
|
|
|
|
|
|
|
When to use it ?
|
|
|
|
1) When the only way to get "outside" from your LAN is through proxy server.
|
|
|
|
2) To get out from behind restrictive firewall which filters outgoing ports.
|
|
|
|
3) To use two (or more) proxies in chain:
|
|
|
|
like: your_host <--> proxy1 <--> proxy2 <--> target_host
|
|
|
|
4) To "proxify" some program with no proxy support built-in (like telnet)
|
|
|
|
5) Access intranet from outside via proxy.
|
2012-12-12 03:04:38 +00:00
|
|
|
6) To use DNS behind proxy.
|
|
|
|
7) To access hidden tor onion services.
|
2011-02-25 09:40:11 +00:00
|
|
|
|
|
|
|
Some cool features:
|
|
|
|
|
|
|
|
* This program can mix different proxy types in the same chain
|
|
|
|
like: your_host <-->socks5 <--> http <--> socks4 <--> target_host
|
|
|
|
* Different chaining options supported
|
|
|
|
random order from the list ( user defined length of chain ).
|
|
|
|
exact order (as they appear in the list )
|
|
|
|
dynamic order (smart exclude dead proxies from chain)
|
2013-02-10 08:54:00 +00:00
|
|
|
* You can use it with most TCP client applications, possibly even network
|
|
|
|
scanners, as long as they use standard libc functionality.
|
|
|
|
pcap based scanning does not work.
|
2011-02-25 09:40:11 +00:00
|
|
|
* You can use it with servers, like squid, sendmail, or whatever.
|
|
|
|
* DNS resolving through proxy.
|
|
|
|
|
2011-11-14 00:57:54 +00:00
|
|
|
|
2011-02-25 09:40:11 +00:00
|
|
|
Configuration:
|
2011-11-14 00:57:54 +00:00
|
|
|
--------------
|
|
|
|
|
2011-02-25 09:40:11 +00:00
|
|
|
proxychains looks for config file in following order:
|
2013-02-10 08:54:00 +00:00
|
|
|
1) file listed in environment variable PROXYCHAINS_CONF_FILE or
|
2011-02-25 15:48:33 +00:00
|
|
|
provided as a -f argument to proxychains script or binary.
|
|
|
|
2) ./proxychains.conf
|
|
|
|
3) $(HOME)/.proxychains/proxychains.conf
|
2013-02-10 08:54:00 +00:00
|
|
|
4) $(sysconfdir)/proxychains.conf **
|
2011-02-25 09:40:11 +00:00
|
|
|
|
2013-02-10 08:54:00 +00:00
|
|
|
** usually /etc/proxychains.conf
|
2011-02-25 09:40:11 +00:00
|
|
|
|
|
|
|
Usage Example:
|
|
|
|
|
2012-07-08 19:44:02 +00:00
|
|
|
$ proxychains telnet targethost.com
|
2011-02-25 09:40:11 +00:00
|
|
|
|
|
|
|
in this example it will run telnet through proxy(or chained proxies)
|
|
|
|
specified by proxychains.conf
|
|
|
|
|
2011-02-25 15:48:33 +00:00
|
|
|
Usage Example:
|
|
|
|
|
2012-07-08 19:44:02 +00:00
|
|
|
$ proxychains -f /etc/proxychains-other.conf targethost2.com
|
2011-02-25 15:48:33 +00:00
|
|
|
|
|
|
|
in this example it will use different configuration file then proxychains.conf
|
|
|
|
to connect to targethost2.com host.
|
|
|
|
|
2011-02-25 09:40:11 +00:00
|
|
|
Usage Example:
|
|
|
|
|
2012-07-08 19:44:02 +00:00
|
|
|
$ proxyresolv targethost.com
|
2011-02-25 09:40:11 +00:00
|
|
|
|
|
|
|
in this example it will resolve targethost.com through proxy(or chained proxies)
|
|
|
|
specified by proxychains.conf
|
|
|
|
|
2013-03-05 12:48:06 +00:00
|
|
|
Community:
|
|
|
|
----------
|
|
|
|
#proxychains on irc.freenode.net
|
|
|
|
|