n1nj4sec / pr0cks-py Goto Github PK

python script setting up a transparent proxy to forward all TCP and DNS traffic through a SOCKS / SOCKS5 or HTTP(CONNECT) proxy using iptables -j REDIRECT target

License: GNU General Public License v3.0

Python 100.00%

pr0cks-py's Introduction

PROJECT DEPRECATED

deprecated in favor of a more efficient golang version available here https://github.com/n1nj4sec/pr0cks

pr0cks

python script to transparently forward all TCP and DNS traffic through a socks (like ssh -D option) or HTTPS (CONNECT) proxy using iptables -j REDIRECT target. Only works on linux for now.

Features :

set up a local transparent proxy compatible with socks4 socks5 and HTTP CONNECT proxies allowing to forward any TCP traffic transparently using iptables
set up a local transparent DNS proxy translating UDP port 53 requests to TCP allowing DNS traffic to go through a proxy without UDP support (like ssh -D option)
DNS caching mechanism to speed up the DNS resolutions through pr0cks

Usage example: let's rock

As an example we will use the socks5 proxy of openssh (the option -D)

$ ssh -D 1080 user@sshserver

then you can add some iptables rules :

$ iptables -t nat -A OUTPUT ! -d <my_ssh_server_IP>/32 -o eth0 -p tcp -m tcp -j REDIRECT --to-ports 10080
$ iptables -t nat -A OUTPUT -o eth0 -p udp -m udp --dport 53 -j REDIRECT --to-ports 1053

then start pr0cks :

$ python pr0cks.py --proxy SOCKS5:127.0.0.1:1080

All your TCP traffic and DNS traffic should now pass through the ssh server kinda like if you had setup a tun VPN through ssh but without admin rights on the server ! #help

python pr0cks.py -h
usage: procks [-h] [--proxy PROXY] [-p PORT] [-v] [--username USERNAME]
              [--password PASSWORD] [--dns-port DNS_PORT]
              [--dns-server DNS_SERVER]

Transparent SOCKS5/SOCKS4/HTTP_CONNECT Proxy

optional arguments:
  -h, --help            show this help message and exit
  --proxy PROXY         proxytype:ip:port to forward our connections through.
                        proxytype can be SOCKS5, SOCKS4 or HTTP
  -p PORT, --port PORT  port to bind the transparent proxy on the local socket
                        (default 10080)
  -v, --verbose         print all the connections requested through the proxy
  --username USERNAME   Username to authenticate with to the server. The
                        default is no authentication.
  --password PASSWORD   Only relevant when a username has been provided
  --dns-port DNS_PORT   dns port to listen on (default 1053)
  --dns-server DNS_SERVER
                        ip:port of the DNS server to forward all DNS requests
                        to using TCP through the proxy (default
                        208.67.222.222:53)

Dependencies

dnslib (https://pypi.python.org/pypi/dnslib) for DNS UDP to TCP translation support
tested with Python 2.7

TODO

support UDP (with socks5)
support proxy chaining

Don't hesitate to send me your feedback or any issue you may find

I hope it will be useful to someone ! Have fun :)

pr0cks-py's People

Contributors

Stargazers

Watchers

Forkers

cicadamikoto fo0nikens johnjohnsp1 torque59 jmigot-tehtris carnal0wnage nonfind yd0str f0r34chb3t4 javaperson bytecod3r evil1-2 zigitax velocitystorm pombredanne helitools ngocngv tudyzhou go-spider fork42541 eniac888 0x6b386f sycam0re tzubal gitcollect b1gw00d security-geeks itamarjp peterdocter witchfindertr diegslva owensa wateroot heeeello johnmnemonik ht13 olivierh59500 cybershieldconsulting touyachrist subinacls n4yk ecore2018 gofullthrottle team-firebugs ncrisler m41doror h0k5 sportsbitenews hadidonk jjqq2013 hackmycontrolsystem patrickanthony ragodev certego r00tarded wolfwhoami seabreg ykankaya hktalent chishubiao cyberjarv xuacker ip-2014 f0829 secretnonempty antonio24 somecat1996 cclauss artnoc1 johndoex1 xiaokanghub add1ct3d linuxl0s3r attackgithub loveisgrief simoncaogit marciopocebon unoffices raystyle marcoxuu adampielak ameg-yag beyondcy coldzoo kirrathmx kokizzu 9ooo sp4h-hash rakhithjk gonzaloamadio ttuanhung ngseecheong zwessels hartl3y94 fdlucifer undetec7able fmode boythx reverse-dusk atlassion

pr0cks-py's Issues

Remote DNS Queries.

Greetings!

SOCKS 5 allows you to resolve domain names via proxy itself. As far as I understood pr0cks uses an OpenDNS server to resolve domain names and only the DNS request itself is being proxified (so that you do not leak an IP address to the DNS server). Is it possible to implement a feature that will allow you to ask pr0cks to resolve the domain names via SOCKS 5 proxy? It seems like the SocksiPy module that is being used in pr0cks had this feature: setdefaultproxy function has an rdns argument (Please correct me if I am wrong). Or is this feature is already implemented in pr0cks but not documented because as I can see the rdns argument is True on default.

Kind Regards,
Arthur

Authentication for HTTP

Hi, pro0cks does not send username/password for HTTP proxy servers. you should send authentication right after CONNECT ... like this :

CONNECT google.com:443 HTTP/1.1
Host: google.com:443
Proxy-Authorization: Basic base64edUsername:Password

I modified socks.py line326 and added my authentication string ...

help please...

i cannot redirect traffic on my pi zero w(((( please it is very impotent for me...

ifconfig

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10
loop txqueuelen 1000 (Local Loopback)
RX packets 4 bytes 444 (444.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 4 bytes 444 (444.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

uap0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.50.1 netmask 255.255.255.0 broadcast 192.168.50.255
ether b8:27:eb:b9:a3:4f txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 30 bytes 4054 (3.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.148 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::ba27:ebff:feb9:a34f prefixlen 64 scopeid 0x20
ether b8:27:eb:b9:a3:4f txqueuelen 1000 (Ethernet)
RX packets 87 bytes 9268 (9.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 132 bytes 20408 (19.9 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

command exe:

ssh -D 1080 [email protected]
iptables -t nat -A OUTPUT ! -d 51.75.221.175/32 -o wlan0 -p tcp -m tcp -j REDIRECT --to-ports 10080
iptables -t nat -A OUTPUT -o wlan0 -p udp -m udp --dport 53 -j REDIRECT --to-ports 1053

iptables-save

Generated by iptables-save v1.6.0 on Tue Aug 6 12:58:17 2019

*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A OUTPUT ! -d 51.75.221.175/32 -o wlan0 -p tcp -m tcp -j REDIRECT --to-ports 10080
-A OUTPUT -o wlan0 -p udp -m udp --dport 53 -j REDIRECT --to-ports 1053
-A POSTROUTING -j MASQUERADE
-A POSTROUTING -s 192.168.50.0/24 ! -d 192.168.50.0/24 -j MASQUERADE
COMMIT

Completed on Tue Aug 6 12:58:17 2019

pr0cks
python pr0cks.py --proxy SOCKS5:127.0.0.1:1080 --dns-server 1.1.1.1:853

netstat -antp

tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 468/lighttpd
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 566/dnsmasq
tcp 0 0 192.168.50.1:53 0.0.0.0:* LISTEN 566/dnsmasq
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 453/sshd
tcp 0 0 127.0.0.1:1080 0.0.0.0:* LISTEN 876/ssh
tcp 0 0 127.0.0.1:10080 0.0.0.0:* LISTEN 918/python
tcp 0 0 192.168.0.148:57424 51.75.221.175:22 ESTABLISHED 876/ssh
tcp 0 0 192.168.0.148:22 192.168.0.128:46752 ESTABLISHED 770/sshd: pi [priv]
tcp 0 0 192.168.0.148:22 192.168.0.128:46748 ESTABLISHED 732/sshd: pi [priv]
tcp 0 304 192.168.0.148:22 192.168.0.128:46758 ESTABLISHED 816/sshd: pi [priv]
tcp6 0 0 :::80 :::* LISTEN 468/lighttpd
tcp6 0 0 ::1:53 :::* LISTEN 566/dnsmasq
tcp6 0 0 :::22 :::* LISTEN 453/sshd

crash

Hi,

my setup ubuntu 14.04 LTS x64 (192.168.83.129) with latest pr0cks and dnslib copied to /opt/pr0cks . following the README file and setting up the ssh socks -D (192.168.83.128 and 172.19.4.14) and conf the iptables rules when trying to use local nessus to make a scan on 172.19.4.19 4545tcp it just gives this error.

dnslib is the latest pulled from git "https://github.com/paulchakravarti/dnslib"

any ideas?

Exception happened during processing of request from ('192.168.83.130', 45276)
Traceback (most recent call last):
File "/usr/lib/python2.7/SocketServer.py", line 295, in _handle_request_noblock
self.process_request(request, client_address)
File "/usr/lib/python2.7/SocketServer.py", line 321, in process_request
self.finish_request(request, client_address)
File "/usr/lib/python2.7/SocketServer.py", line 334, in finish_request
self.RequestHandlerClass(request, client_address, self)
File "/usr/lib/python2.7/SocketServer.py", line 649, in init
self.handle()
File "/opt/pr0cks/dnslib/server.py", line 141, in handle
rdata = self.get_reply(data)
File "pr0cks.py", line 79, in get_reply
response = send_tcp(data,host,port)
File "pr0cks.py", line 102, in send_tcp
sock.connect((host,port))
File "/usr/lib/python2.7/socket.py", line 224, in meth
return getattr(self._sock,name)(*args)

error: [Errno 101] Network is unreachable

Is it working only on Linux?

I want to use it on Windows.

But It looks do not working on Windows.