使用和不使用 sudo 的代理链路由不同
编辑:任何想法将不胜感激。我再次遇到这个问题,并且不知道如何解决这个问题。我最初从未解决过这个问题,也无法通过谷歌找到任何答案。
我从代理链中得到了一些非常奇怪的行为,我不确定如何处理和排除故障。当我访问一个盒子时,我使用 -R 进行 ssh 登录,以打开返回到本地计算机的反向隧道。ssh -R 1234 user@host
在此远程主机上,我的代理链配置如下(/etc/proxychains4.conf),
strict_chain
proxy_dns
remote_dns_subnet 224
tcp_read_time_out 15000
tcp_connect_time_out 8000
socks4 127.0.0.1 1234
我有两台机器,BadHost 和 GoodHost。我在这两台主机上使用完全相同的隧道技术。在 GoodHost 上,一切都按预期进行。远程主机上的代理链将流量发送到端口 1234,该端口由 ssh 传送回我的本地计算机,并在本地计算机上连接到互联网。
$ proxychains curl www.example.com
[proxychains] config file found: /etc/proxychains4.conf
[proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4
[proxychains] DLL init: proxychains-ng 4.14
[proxychains] Strict chain ... 127.0.0.1:1234 ... www.example.com:80 ... OK
<!doctype html>
<html>
...
在 BadHost 上,我得到以下结果
$ proxychains curl www.example.com
[proxychains] config file found: /etc/proxychains4.conf
[proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4
[proxychains] DLL init: proxychains-ng 4.14
[proxychains] Strict chain ... 127.0.0.1:1234 ... 159.x.x.7:8080 <--socket error or timeout!
curl: (7) Couldn't connect to server
在两台主机上,nslookup 返回相同的结果
$ nslookup www.example.com
Server: 159.x.x.156
Address: 159.x.x.156#53
Non-authoritative answer:
Name: www.example.com
Address: 93.184.216.34
Name: www.example.com
Address: 2606:2800:220:1:248:1893:25c8:1946
尤其让我感到困惑的是,使用 sudo 似乎可以解决 BadHost 上的问题>
$ sudo proxychains curl www.example.com
[proxychains] config file found: /etc/proxychains4.conf
[proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4
[proxychains] DLL init: proxychains-ng 4.14
[proxychains] Strict chain ... 127.0.0.1:1234 ... www.example.com:80 ... OK
<!doctype html>
<html>
...
BadHost 上的 proxychains ... 和 sudo proxychains ... 都使用相同的配置文件,如我的输出所示...
为什么代理链会路由到这个未知的 IP通过端口 8080 的子网?159.xx7:8080
我该如何解决发生的问题?
EDIT: Any ideas would be appreciated. I am encountering this again and have no direction on how to troubleshoot this. I never solved this originally and have not been able to find any answers via google.
I am getting some very strange behavior from proxychains which I am unsure how to approach and troubleshoot. When I access a box, I ssh in with -R to open a reverse tunnel back out to my local machine.ssh -R 1234 user@host
On this remote host, I have proxychains configured as follows (/etc/proxychains4.conf)
strict_chain
proxy_dns
remote_dns_subnet 224
tcp_read_time_out 15000
tcp_connect_time_out 8000
socks4 127.0.0.1 1234
I have two machines, BadHost and GoodHost. I am using the exact same tunneling technique on both of these hosts. On GoodHost, everything works as expected. Proxychains on the remote host sends traffic to port 1234, which is carried by ssh back to my local machine, where it reaches out to the internet.
$ proxychains curl www.example.com
[proxychains] config file found: /etc/proxychains4.conf
[proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4
[proxychains] DLL init: proxychains-ng 4.14
[proxychains] Strict chain ... 127.0.0.1:1234 ... www.example.com:80 ... OK
<!doctype html>
<html>
...
On BadHost, I get the following
$ proxychains curl www.example.com
[proxychains] config file found: /etc/proxychains4.conf
[proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4
[proxychains] DLL init: proxychains-ng 4.14
[proxychains] Strict chain ... 127.0.0.1:1234 ... 159.x.x.7:8080 <--socket error or timeout!
curl: (7) Couldn't connect to server
On both hosts, nslookup returns the same results
$ nslookup www.example.com
Server: 159.x.x.156
Address: 159.x.x.156#53
Non-authoritative answer:
Name: www.example.com
Address: 93.184.216.34
Name: www.example.com
Address: 2606:2800:220:1:248:1893:25c8:1946
It especially confuses me that using sudo seems to solve the problem on BadHost
$ sudo proxychains curl www.example.com
[proxychains] config file found: /etc/proxychains4.conf
[proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4
[proxychains] DLL init: proxychains-ng 4.14
[proxychains] Strict chain ... 127.0.0.1:1234 ... www.example.com:80 ... OK
<!doctype html>
<html>
...
Both proxychains ... and sudo proxychains ... on BadHost are using the same configuration file, as shown in my outputs...
Why is proxychains routing to this unknown IP on the subnet over port 8080?159.x.x.7:8080
How can I troubleshoot what is happening?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论