socks5 | A toy socks 5 server written in Python | Runtime Evironment library
kandi X-RAY | socks5 Summary
kandi X-RAY | socks5 Summary
A toy socks 5 server written in Python.
Support
Quality
Security
License
Reuse
Top functions reviewed by kandi - BETA
- Handle a new connection
- Verify credentials
- Expiral exchange loop
- Return a list of supported methods
- Generate a failed reply
socks5 Key Features
socks5 Examples and Code Snippets
Community Discussions
Trending Discussions on socks5
QUESTION
I have privoxy configured and working on port 8118. I can forward HTTP and HTTPS traffic when defining the http_proxy and https_proxy variables to point out to the proxy. Examples:
ANSWER
Answered 2022-Apr-02 at 11:45I'm not entirely familiar with how Privoxy works, however I do know how intercepting proxy works on Linux.
HTTP proxies and intercepting proxies work in very different ways. An HTTP proxy get the destination from the first line of the query, which would contain the domain name (e.g. it should be GET http://www.google.com/ HTTP/1.1). For HTTPS, it does an HTTP CONNECT request with the domain:port to connect to (e.g. CONNECT www.google.com:443 HTTP/1.1).
An intercepting proxy get the original destination address from the kernel by doing a getsockopt() with some specific parameters. It has no knowledge of higher level protocol.
In general redirecting with iptables a request to an HTTP proxy does not work because of theses differences. That said, Privoxy seems to have a configuration option accept-intercepted-requests that you can use so it read the target from the Host: HTTP header. With that configuration, it should be able to handle HTTP requests redirected using iptables. As the documentation says, this is not supported for HTTPS. You will need to use some additional software which can do the forwarding to an HTTP proxy, probably much like Proxifier does. I know moproxy can do that. It ought to not be the only one, but I don't know others.
Additional questions:
- Why setting the variables works, and through iptables doesn't?
because HTTP and transparent/intercepting proxy works in different ways. When the variables are present, curl (and other) alter how they send the query, but with iptables, they don't (as they don't know you use a proxy).
- Why do I have to set the https_proxy to point to http://...? Is that privoxy-related?
the http:// in your environment variable is to describe how you connect to the proxy (it could actually be https:// if your proxy had a tls certificate, and it would work with http requests too, though they would be encrypted only from you to the proxy, not from the proxy to the remote server).
- Regarding the comment "HTTPS is not supposed to be used with transparent proxies": So how does Proxifier work on Windows? If that is not transparent a proxy, is there another term for it? Why can't we have something similar on WSL/Linux?
I don't know the specifics of how transparent proxies work on Windows. Assuming it works a lot like Linux, Proxifier probably redirect the request to a local port, get the actual destination, wrap the data in a way it's understood by HTTP/SOCKS proxy and send that to the proxy you told it to use. Maybe the capture part is a bit different (creating a new network interface, ask Windows to send the traffic their, reconstruct the stream from raw tcp packets, wrap the data). This is often called transparent proxy as the client doesn't know a proxy is used, some call it an intercepting proxy instead. And we can have something similar, moproxy is an example (probably not the only one)
QUESTION
I want to set proxies to my crawler. I'm using requests module and Beautiful Soup. I have found a list of API links that provide free proxies with 4 types of protocols.
All proxies with 3/4 protocols work (HTTP, SOCKS4, SOCKS5) except one, and thats proxies with HTTPS protocol. This is my code:
...ANSWER
Answered 2021-Sep-17 at 16:08I did some research on the topic and now I'm confused why you want a proxy for HTTPS.
While it is understandable to want a proxy for HTTP, (HTTP is unencrypted) HTTPS is secure.
Could it be possible your proxy is not connecting because you don't need one?
I am not a proxy expert, so I apologize if I'm putting out something completely stupid.
I don't want to leave you completely empty-handed though. If you are looking for complete privacy, I would suggest a VPN. Both Windscribe and RiseUpVPN are free and encrypt all your data on your computer. (The desktop version, not the browser extension.)
While this is not a fully automated process, it is still very effective.
QUESTION
I've configured shadowsocks system by running ss-server on VPS and ss-local on my client machine. Then I made a simple SOCKS5 client which connects to ss-local and resolve SOCKS request using C. All work well, when I run ss-tunnel instead of ss-local, my SOCKS5 client can't connect to ss-tunnel.
TCP connection terminates as soon as it established. I'm not sure what is the proper reason.
...ANSWER
Answered 2022-Feb-07 at 17:10ss-tunnel establishes a complete tunnel with ss-server, all traffic to ss-tunnel is directly relayed to ss-server without any SOCKS request/resolve processes. After I've removed SOCKS handshake in my client program, it worked properly.
QUESTION
I am trying to implement a Socks5 server that could relay both HTTP and HTTPS traffic.
As the RFC1928 mentions, the following steps to establish a connection and forward the data must be taken :
- Client sends a greeting message to the proxy.
- Client & proxy authentication (assuming it is successful).
- Client sends a request to the proxy to connect to the destination.
- The proxy connects to the destination and sends back a response to the client to indicate a successful open tunnel.
- The proxy reads the data from the client and forwards it to the destination.
- The proxy reads the data from the destination and forwards it to the client.
So far, the proxy works as it should. It is able to relay HTTP traffic using its basic data forwarding mechanism. However, any request from the client to an HTTPS website will be aborted because of SSL/TLS encryption.
Is there another sequence/steps that should be followed to be able to handle SSL/TLS (HTTPS) traffic?
...ANSWER
Answered 2022-Jan-01 at 04:00The sequence you have described is correct, even for HTTPS. When the client wants to send a request to an HTTPS server through a proxy, it will request the proxy to connect to the target server's HTTPS port, and then once the tunnel is established, the client will negotiate a TLS handshake with the target server, then send an (encrypted) HTTP request and receive an (encrypted) HTTP response. The tunnel is just a passthrough of raw bytes, the proxy has no concept of any encryption between the client and server. It doesn't care what the bytes represent, its job is just to pass them along as-is.
QUESTION
When using local forwarding we are free to pick destination port:
ssh -L 8000:10.10.1.11:80 user@192.168.56.102 - 80 is destination port - we explicitly specify which port to forward to.
Take a look at diagram in this article. If I understand correctly, in dynamic forwarding destination port is somewhat implicit (?):
ssh -D 8080 user@192.168.56.102 - 8080 is local host port, but still it somehow forwards to 80 for us.
Questions:
- How SOCKS5 proxy knows which port to forward traffic to?
- Does SOCKS5 proxy somehow sniff destination from the protocol of the traffic it proxies?
- Can that destination port be configured?
- Where is it configured - on my local machine, or remote that does final forwarding for us? Nowhere?
- Is it a predefined fixed set of protocols/ports? Smth like http=80 destination port?
- Any other internal details of forwarding you can add to clarify the picture.
thanks.
PS. Here https://unix.stackexchange.com/questions/213213/difference-between-local-port-forwarding-and-dynamic-port-forwarding#comment401063_213219 i found some hint to what i'm interested in, pity there are no details provided...
...ANSWER
Answered 2021-Dec-31 at 17:54SSH and SOCKS are two completely different and unrelated protocols. But, to answer your questions:
How SOCKS5 proxy knows which port to forward traffic to?
A SOCKS client explicitly tells it where to connect. The destination host/ip and port are input fields in the SOCKS CONNECT command. So, there is no guessing/infering at all.
Does SOCKS5 proxy somehow sniff destination from the protocol of the traffic it proxies?
No. SOCKS is just a tunnel of raw bytes, it has no concept of protocols beyond its own.
Can that destination port be configured?
Not on the proxy itself, no. Since the client decides where to connect, any configuration would be on the client side.
Is it a predefined fixed set of protocols/ports? Smth like http=80 destination port?
No.
Any other internal details of forwarding you can add to clarify the picture.
Read the SOCKS protocol specs.
SOCKS v4: https://www.openssh.com/txt/socks4.protocol
SOCKS v4a: https://www.openssh.com/txt/socks4a.protocol
QUESTION
I want to understand the theory of exposing clients behind NATs via a public server, for example to use the client as a proxy (preferably SOCKS5). It would be ideal to find a ready solution but theory would good enough.
To point out what I mean. The client behind the NAT does not directly listen on TCP. It just opens up a TCP connection to the public server which should expose the client. The SOCKS5 proxy on client behind NAT is not directly exposed so the dialed TCP connection should somehow behave like a TCP listener.
If a client behind NAT connects to a public server, how do other users connect and how should I forward the requests?
I think basically it's the same technique that TeamViewer is using:
"When establishing a session, TeamViewer determines the optimal type of connection. After the handshake through our master servers, a direct connection via UDP or TCP is established in 70% of all cases (even behind standard gateways, NATs and firewalls). The rest of the connections are routed through our highly redundant router network via TCP or https tunneling. You do not have to open any ports in order to work with TeamViewer."
But how exactly?
...ANSWER
Answered 2021-Dec-14 at 23:32To summarize, for a proxy server in golang, you have to
- Create a server that listens to requests with some parameters.
- When a request is received, it will make the request to the desired address.
- Then it will return the response to the original client in the private network.
QUESTION
As socks5 rfc says,
A UDP association terminates when the TCP connection that the UDP ASSOCIATE request arrived on terminates.
I wonder, doesn't "the TCP connection that the UDP ASSOCIATE request arrived on" just terminate when it timeouts? As there is no more data need to be sent in that TCP connection.
Should the client send meaningless data in that TCP connection just to keep it alive while it need the UDP association?
...ANSWER
Answered 2021-Dec-14 at 09:40I wonder, doesn't "the TCP connection that the UDP ASSOCIATE request arrived on" just terminate when it timeouts?
No. The TCP connection is kept alive as a signal that the proxied UDP socket is still valid. Without it, the client has no way of knowing whether the server is still reachable or whether the UDP socket is still allocated.
Similarly, without the TCP connection the server has no other way of knowing whether the client is still connected.
Should the client send meaningless data in that TCP connection just to keep it alive while it need the UDP association?
There's no need to send meaningless data. Just keep the connection alive. TCP has a built-in keepalive mechanism which can be turned on.
Edit: It's worth pointing out that the default TCP keepalive times on both Linux and Windows is fairly long. See this question on ways of tweaking it for specific sockets.
QUESTION
I need to get the proxy from the proxy.txt file:
...ANSWER
Answered 2021-Dec-14 at 07:38Not sure about HTTP proxy or others, but you can use MTPROTO proxy with super ease:
QUESTION
Trying to build an iteration that goes through weblinks in order to extract the integer that is in the p tag that follows the p tag that contains the words "AGGREGATE AMOUNT BENEFICIALLY OWNED BY EACH REPORTING PERSON". The target pages have close enough patterns but are not identical. That AGGREGATE AMOUNT sentence is not formatted identically (sometimes capitalized, sometimes not, and spacing might not be identical). I included 3 examples below on the section I am trying to extract the integer value from.
Below are the steps I am trying to achieve:
1-Iterate through links Some links: https://www.sec.gov/Archives//edgar/data/29669/000119312521353247/d228949dsc13da.htm https://www.sec.gov/Archives//edgar/data/1482018/000119312521353071/d258656dsc13d.htm https://www.sec.gov/Archives//edgar/data/1590854/000119312521353064/d210475dsc13d.htm https://www.sec.gov/Archives//edgar/data/1021944/000119312521353050/d243715dsc13g.htm https://www.sec.gov/Archives//edgar/data/1609492/000119312521353003/d251372dsc13da.htm ...
2-Find p tag that contains partial words "AGGREGATE AMOUNT BENEFICIALLY", which can be small caps , titled, or all caps
Aggregate Amount Beneficially Owned by Each Reporting Person:
3-Once the p tag found, continue to look in the following p tags until we get to the first p tag where the string (if exists), stripped of its commas is an integer (not empty).This can be the immediate p tag that follows, or the one after as in the code below.
10,927,100*
10,927,100 is the number I need, although it needs to be stripped from its commas (I know we can use the code below), but the string needs to be stripped from any other characters that are not numbers as well...
int(shares.replace(',', '')
example1:
...ANSWER
Answered 2021-Dec-11 at 15:07You should be able to adapt this. The pages you're visiting are very plain HTML (no Javascript) so it's very simple and efficient just to process the page in a simple loop.
What happens here is that we look for a p tag with text matching "AGGREGATE AMOUNT BENEFICIALLY OWNED BY EACH REPORTING PERSON" in a case-insensitive manner. If we find that, we set a flag. Then on subsequent iterations of the p tags found by BeautifulSoup, we look for text that is a) not empty and b) contains a sequence of digits (ignoring commas).
And so on...
QUESTION
I'm using boost::asio to handle network communication between my program and remote server. To establish a connection with a server I do the following sequence of operations:
...ANSWER
Answered 2021-Oct-30 at 19:36I went ahead with the finger exercise and implemented socks5.hpp like I did before for socks4: socks4 with asynchronous boost::asio
Without further ado:
Community Discussions, Code Snippets contain sources that include Stack Exchange Network
Vulnerabilities
Install socks5
You can use socks5 like any standard Python library. You will need to make sure that you have a development environment consisting of a Python distribution including header files, a compiler, pip, and git installed. Make sure that your pip, setuptools, and wheel are up to date. When using pip it is generally recommended to install packages in a virtual environment to avoid changes to the system.
Support
Reuse Trending Solutions
Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items
Find more librariesStay Updated
Subscribe to our newsletter for trending solutions and developer bootcamps
Share this Page
