[solved] proxy bouncing ?
[solved] proxy bouncing ?
Let's say i have 2 proxies at my command...i want to use both for maximum security, slow as hell but what the fudge (sorry about the fudge Swan)
as in connect like this
me->proxy1->proxy2->server
Could anyone give me a tip about how to do this? (slow writing atm...eating chips )
Edit: found me some answers =)
http://www.governmentsecurity.org/archive/t15127.html
as in connect like this
me->proxy1->proxy2->server
Could anyone give me a tip about how to do this? (slow writing atm...eating chips )
Edit: found me some answers =)
http://www.governmentsecurity.org/archive/t15127.html
http://foxyproxy.mozdev.org/faq.html
It's a Firefox extension called FoxyProxy.
It may not be exactly what you were looking for, but could still be of some use.
It's a Firefox extension called FoxyProxy.
It may not be exactly what you were looking for, but could still be of some use.
About Proxies, tools, and chaining
Proxy chaining is merely connecting to more than one proxy and then to your intended destination. You can use as many proxy servers as you can or want. The more you have, the more anonymous you will be.
NOTE: Only HTTPs and SOCKS proxies support chaining.
--------------------------------------------------------------------------------
HTTP Proxy Chaining
HTTP proxies could be organized into a chain and this will considerably improve your anonymity on the Internet. However, the construction of such chain is related to a number of difficulties. The main difficulty is that for connection into a chain you should use special software. Browsers (and majority of programs) do not allow to create and use chains of proxy-servers. To organize proxies into a chain, it is necessary to organize tunneling of requests: there is created a virtual tunnel, which passes through an HTTP proxy and, using this tunnel, the program can "make a path" through some proxy-servers to a specific web server.
Besides that, in order to carry out tunneling of requests, an HTTP proxy should support SSL (Secure Sockets Layer). This is an additional feature designed for protection of connections from interception and decoding. Except for pure protection, the SSL allows to organize "a virtual tunnel" through a chain of proxy servers. To find out whether a proxy supports a SSL server is quite simple: access using this proxy any site, where set the HTTPS protocol (for example mail server HotMail.com). Make sure that in an address line before a server name there is the https:// prefix and if you could see this page through a proxy server, it means your proxy supports the SSL.
An example of a program, which is capable to create such virtual tunnel, is SocksChain. This program allows to work with any Internet service through a chain of SOCKS or HTTP proxies.
Other example is the HTTPort program. It can organize a chain from not more than 2 proxies, but it has some advantages. It allows creating a port mapping through HTTP proxy.
--------------------------------------------------------------------------------
Connection of various types proxies into a chain
You can unite not only HTTP proxies into a chain. In a chain you can "mix" them with other types of proxy servers - SOCKS and CGI. By the level of its abilities (support of various protocols, transparency in usage etc.) HTTP proxy occupies an intermediate place between SOCKS and CGI proxies. In a chain they also should occupy an intermediate place: after SOCKS proxy (if those are available in a chain) and before CGI proxy (if they present). So, the chains can look like:
SOCKS proxy >>>> HTTP proxy >>>> CGI proxy
SOCKS proxy >>>> HTTP proxy
HTTP proxy >>>> CGI proxy
and cannot look like:
HTTP proxy >>>> SOCKS proxy
CGI proxy >>>> HTTP proxy
===========
Anonymity of HTTP Proxy?
The exchange of information in Internet is made by the "client - server" model. A client sends a request (what files he needs) and a server sends a reply (required files). For close cooperation (full understanding) between a client and a server the client sends additional information about itself: a version and a name of an operating system, configuration of a browser (including its name and version) etc. This information can be necessary for the server in order to know which web-page should be given (open) to the client. There are different variants of web-pages for different configurations of browsers. However, as long as web-pages do not usually depend on browsers, it makes sense to hide this information from the web-server.
What your browser transmits to a web-server:
a name and a version of an operating system;
a name and a version of a browser;
configuration of a browser (display resolution, color depth, java / javascript support, ...);
IP-address of a client;
Other information.
The most important part of such information (and absolutely needless for a web-server) is information about IP-address. Using your IP it is possible to know about you the following:
a country where you are from;
a city;
your provider's name and e-mail;
your physical address.
Information, transmitted by a client to a server is available (accessible) for a server as environment variables. Every information unit is a value of some variable. If any information unit is not transmitted, then corresponding variable will be empty (its value will be undetermined).
These are some environment variables:
REMOTE_ADDR - IP address of a client
HTTP_VIA - if it is not empty, then a proxy is used. Value is an address (or several addresses) of a proxy server, this variable is added by a proxy server itself if you use one.
HTTP_X_FORWARDED, HTTP_X_FORWARDED_FOR, HTTP_CLIENT_IP - if it is not empty, then a proxy is used. Value is a real IP address of a client (your IP), this variable is also added by a proxy server if you use one.
HTTP_ACCEPT_LANGUAGE - what language is used in browser (what language a page should be displayed in)
HTTP_USER_AGENT - so called "a user's agent". For all browsers this is Mozilla. Furthermore, browser's name and version (e.g. MSIE 5.5) and an operating system (e.g. Windows 98) is also mentioned here.
HTTP_HOST - is a web server's name�
This is a small part of environment variables. In fact there are much more of them (DOCUMENT_ROOT, HTTP_ACCEPT_ENCODING, HTTP_CACHE_CONTROL, HTTP_CONNECTION, SERVER_ADDR, SERVER_SOFTWARE, SERVER_PROTOCOL, ...). Their quantity can depend on settings of both a server and a client.
These are examples of variable values:
REMOTE_ADDR = 194.85.1.1
HTTP_ACCEPT_LANGUAGE = ru
HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)
HTTP_HOST = www.webserver.ru
HTTP_VIA = 194.85.1.1 (Squid/2.4.STABLE7)
HTTP_X_FORWARDED_FOR = 194.115.5.5
Anonymity at work in Internet is determined by what environment variables "hide" from a web-server.
If a proxy server is not used, then environment variables look in the following way:
REMOTE_ADDR = your IP
HTTP_VIA = not determined
HTTP_X_FORWARDED, HTTP_X_FORWARDED_FOR, HTTP_CLIENT_IP = not determined
According to how environment variables "hided" by proxy servers, there are several types of proxies
Transparent Proxies
They do not hide information about your IP address:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy name or IP
HTTP_X_FORWARDED or HTTP_X_FORWARDED_FOR or HTTP_CLIENT_IP = your IP
The function of such proxy servers is not the improvement of your anonymity in Internet. Their purpose is information cashing, organization of joint access to Internet of several computers, etc.
Anonymous Proxies
All proxy servers, that hide a client's IP address in any way are called anonymous proxies
Simple Anonymous Proxies
These proxy servers do not hide a fact that a proxy is used, however they replace your IP with its own:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy name or IP
HTTP_X_FORWARDED or HTTP_X_FORWARDED_FOR or HTTP_CLIENT_IP = proxy IP
These proxies are the most widespread among other anonymous proxy servers.
Distorting Proxies
As well as simple anonymous proxy servers these proxies do not hide the fact that a proxy server is used. However a client's IP address (your IP address) is replaced with another (arbitrary, random) IP:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy name or IP
HTTP_X_FORWARDED or HTTP_X_FORWARDED_FOR or HTTP_CLIENT_IP = random IP address
High Anonymity (Elite) Proxies
These proxy servers are also called "high anonymity proxy". In contrast to other types of anonymity proxy servers they hide a fact of using a proxy:
REMOTE_ADDR = proxy IP
HTTP_VIA = not determined
HTTP_X_FORWARDED and HTTP_X_FORWARDED_FOR and HTTP_CLIENT_IP = not determined
That means that values of variables are the same as if proxy is not used, with the exception of one very important thing - proxy IP is used instead of your IP address.
Summary
Depending on purposes there are transparent and anonymity proxies. However, remember, using proxy servers you hide only your IP from a web-server, but other information (about browser configuration) is accessible!
==============
When sending emails, most email clients to do not support SOCKS for the very reason that they do not want to contribute to the already existing spam epidemic. In this case, there are two options: Use a bulk-mailing tool that supports proxies, including SOCKS, or use a program like SocksChain (http://ufasoft.com) for Windows or Proxychains (www.proxychains.sf.net) for UNIX. This essentially "proxifies" any connection you set so that you can use any networked application through SOCKS. With the Proxychains programming you can also chain your proxies together to set a route and improve your odds against someone tracking you.
==============
Proxy Chaining
Proxy chaining is merely connecting to more than one proxy and then to your intended destination. You can use as many proxy servers as you can or want. The more you have, the more anonymous you will be. Remember, it doesn’t matter how many proxies you chain together, you will never be 100% anonymous. Let’s look at an example…
[User]>>>>>[Proxy1]>>>>>[Proxy2]>>>>>[Proxy3]>>>>>[Destination]
The example shows that for a proxy chain to be created, the user must first connect to Proxy1. Once the user is connected to Proxy1, from Proxy1, the user will connect to Proxy2, from Proxy2, the user will connect to Proxy3, from Proxy3, the user will connect to Proxy4, from Proxy4, the user will then connect to the intended destination (web page, Unix server, ftp server, etc.). All together we have 4 proxies in this example. Each proxy is a link in the chain. If the user would be scanned while on the proxy chain in the example, the IP address or domain of Proxy4 would appear on the scan. Now the problem with proxies is they tend to “die out” in a few weeks or less. It all depends. So if Proxy2 were to cease functioning, the chain wouldn’t work. You would need to get rid of Proxy2 and just use Proxy1, Proxy3, and Proxy4 or find another proxy to take Proxy2’s place. This is why proxy chaining can be a real pain if you are using them just to surf the net. If one dies, you have to figure out which one is the one not working, so you have to go through each one to check them or until you find the one that isn’t working.
Proxy chaining is a necessity if you plan on using proxies to execute a “hack”. If you are attempting to gain unauthorized remote access to any server, whether it is through telnet, ftp, or http, chaining is a must. As I said, you will never be 100% anonymous no matter what you do online so it is possible that you still can be tracked even if u chain proxies. Chaining just makes it a lot hard to track someone. To make it even harder, its best to use foreign proxies because if someone wanted to trace you, they would need to get logs of your use of each proxy from each proxy administrator. This could take quite a while or even never at all if one of the proxy’s, or all for that matter, belong to an admin in a country that isn’t too fond of the country you are located in. The longer it takes for the authorities to subpoena the logs of your usage of a single proxy from that proxy’s administrator, the more chance that the other proxies that you used in the chain will have their logs deleted by the time anyone gets to the server administrators of those proxies. So when attempting to do any kind of “hack”, it’s best to use at least five or six proxies in a chain.
HTTP Chaining
HTTP chaining is basically chaining a proxy server in your browser’s address bar. Example…
http://proxy.magusnet.com/-_-http://www.yahoo.com
Notice how the above proxy and destination (yahoo) are seperated by a (-_-) If you wanted to make a chain out of this you would simply add another proxy ex.
( http://proxy1.com/-_-http://proxy2.com/ ... nation.com)
Another way to use proxys in your address bar is by adding the proxy IP or domain then the port number. Example…
http://anon.free.anonymizer.com:80/http ... google.com
Notice how the above proxy and destination server are seperated this time by a (/) forward slash instead of a (-_-) dash, underscore, dash. To make a chain out of this you would again simply add another proxy ex. ( http://proxy1:80/http://proxy2:80/proxy ... .yahoo.com)
Browser Chaining
To browser chain is fairly easy. I’ll use Internet Explorer as an example since I believe it is the browser that most people have and use. First you need to find the Internet Options. You can do this by either finding the Explorer icon on the desktop, right click on it, then press properties or if you have a browser window already opened if you are online then you can go to Tools (or sometimes its View) and press Internet Options. Now that you have the Internet Options window up you can now go to the Connections tab, then go to the first Settings button (not LAN Settings, the one above it) and click it. Now you should be in the Settings box. Put a check in the box where it says to Use a proxy server. Now if you wanted to surf using one proxy you would merely put the proxy in the Address: space and put the proxy’ s port number in the Port: space. To use a chain here you would put in a proxy along with a “:” colon then the port number followed by a space separting the next proxy then a “:” colon then the port number then a space and so on. The last proxy you add should have its port number placed inside the Port: space. If you did it, then it should look like this exactly…
Address: 213.234.124.23:80 121.172.148.23:80 143.134.54.67 Port: 80
***Notice that each proxy:port is separated by a space and that the last proxy has its port number placed in the Port: space. Do not check the box marked “Bypass proxy server for local addresses”. Press OK when you see that everything is in working order***
Wingates
A wingate is a proxy server that someone installs onto his/her computer which allows for a single or multiple online connection to take place through port 23, the default telnet port. Depending on their security, some wingates will allow anyone online to connect to them and usually stay “alive” or “working” anywhere from a few days to even months. There are people out there that scan for these Wingates and post the computer’s IP number or domain on their website to give anyone online a free list of them to use. You can also scan them yourself by using programs like WinScan.
Chaining Wingates Using Telnet I’m going to assume you already know what telnet is so I will just get right down to it. To chain using telnet, you would first bring up the DOS prompt and type in “telnet” then your wingate. (Since telnet’s default port is 23 and all wingates run on port 23 , the port number is not necessary but I will add it just to show you how you should type any port number out on screen) Example…
C:\WINDOWS>telnet 61.133.119.130 23
So now you have “telnet”, a space, the wingate IP, a space, then the port number 23. Once you are connected to the wingate it should look like this…
Wingate>
Now you would type your next wingate and port number in, then press enter like so…
Wingate> 203.207.173.166 23
You can continue to do this until you connected to as many Wingates as you need. Once you are finished with your wingates you would connect to your destination. Example…
WinGate>arbornet.org
So now the entire picture would look something like this…
C:\Windows> telnet 61.133.119.130 23
Wingate>203.207.173.166 23
Wingate>135.245.18.167 23
Wingate>m-net.arbornet.org
Connecting to host arbornet.org...Connected
Welcome to the Once and Future M-Net
FreeBSD 4.3 (m-net.arbornet.org) (ttypv)
Written by Resolution
Just note that HTTP Chaining (described above) does not works on IE from version 5.5 and above and there is not fix for it!!! *
*so get the older version of MSIE here
http://www.oldversion.com/program.php?n=msie
===========
http://www.proxyblind.org/
http://www.proxyblind.org/free.shtml
NOTE: Only HTTPs and SOCKS proxies support chaining.
--------------------------------------------------------------------------------
HTTP Proxy Chaining
HTTP proxies could be organized into a chain and this will considerably improve your anonymity on the Internet. However, the construction of such chain is related to a number of difficulties. The main difficulty is that for connection into a chain you should use special software. Browsers (and majority of programs) do not allow to create and use chains of proxy-servers. To organize proxies into a chain, it is necessary to organize tunneling of requests: there is created a virtual tunnel, which passes through an HTTP proxy and, using this tunnel, the program can "make a path" through some proxy-servers to a specific web server.
Besides that, in order to carry out tunneling of requests, an HTTP proxy should support SSL (Secure Sockets Layer). This is an additional feature designed for protection of connections from interception and decoding. Except for pure protection, the SSL allows to organize "a virtual tunnel" through a chain of proxy servers. To find out whether a proxy supports a SSL server is quite simple: access using this proxy any site, where set the HTTPS protocol (for example mail server HotMail.com). Make sure that in an address line before a server name there is the https:// prefix and if you could see this page through a proxy server, it means your proxy supports the SSL.
An example of a program, which is capable to create such virtual tunnel, is SocksChain. This program allows to work with any Internet service through a chain of SOCKS or HTTP proxies.
Other example is the HTTPort program. It can organize a chain from not more than 2 proxies, but it has some advantages. It allows creating a port mapping through HTTP proxy.
--------------------------------------------------------------------------------
Connection of various types proxies into a chain
You can unite not only HTTP proxies into a chain. In a chain you can "mix" them with other types of proxy servers - SOCKS and CGI. By the level of its abilities (support of various protocols, transparency in usage etc.) HTTP proxy occupies an intermediate place between SOCKS and CGI proxies. In a chain they also should occupy an intermediate place: after SOCKS proxy (if those are available in a chain) and before CGI proxy (if they present). So, the chains can look like:
SOCKS proxy >>>> HTTP proxy >>>> CGI proxy
SOCKS proxy >>>> HTTP proxy
HTTP proxy >>>> CGI proxy
and cannot look like:
HTTP proxy >>>> SOCKS proxy
CGI proxy >>>> HTTP proxy
===========
Anonymity of HTTP Proxy?
The exchange of information in Internet is made by the "client - server" model. A client sends a request (what files he needs) and a server sends a reply (required files). For close cooperation (full understanding) between a client and a server the client sends additional information about itself: a version and a name of an operating system, configuration of a browser (including its name and version) etc. This information can be necessary for the server in order to know which web-page should be given (open) to the client. There are different variants of web-pages for different configurations of browsers. However, as long as web-pages do not usually depend on browsers, it makes sense to hide this information from the web-server.
What your browser transmits to a web-server:
a name and a version of an operating system;
a name and a version of a browser;
configuration of a browser (display resolution, color depth, java / javascript support, ...);
IP-address of a client;
Other information.
The most important part of such information (and absolutely needless for a web-server) is information about IP-address. Using your IP it is possible to know about you the following:
a country where you are from;
a city;
your provider's name and e-mail;
your physical address.
Information, transmitted by a client to a server is available (accessible) for a server as environment variables. Every information unit is a value of some variable. If any information unit is not transmitted, then corresponding variable will be empty (its value will be undetermined).
These are some environment variables:
REMOTE_ADDR - IP address of a client
HTTP_VIA - if it is not empty, then a proxy is used. Value is an address (or several addresses) of a proxy server, this variable is added by a proxy server itself if you use one.
HTTP_X_FORWARDED, HTTP_X_FORWARDED_FOR, HTTP_CLIENT_IP - if it is not empty, then a proxy is used. Value is a real IP address of a client (your IP), this variable is also added by a proxy server if you use one.
HTTP_ACCEPT_LANGUAGE - what language is used in browser (what language a page should be displayed in)
HTTP_USER_AGENT - so called "a user's agent". For all browsers this is Mozilla. Furthermore, browser's name and version (e.g. MSIE 5.5) and an operating system (e.g. Windows 98) is also mentioned here.
HTTP_HOST - is a web server's name�
This is a small part of environment variables. In fact there are much more of them (DOCUMENT_ROOT, HTTP_ACCEPT_ENCODING, HTTP_CACHE_CONTROL, HTTP_CONNECTION, SERVER_ADDR, SERVER_SOFTWARE, SERVER_PROTOCOL, ...). Their quantity can depend on settings of both a server and a client.
These are examples of variable values:
REMOTE_ADDR = 194.85.1.1
HTTP_ACCEPT_LANGUAGE = ru
HTTP_USER_AGENT = Mozilla/4.0 (compatible; MSIE 5.0; Windows 98)
HTTP_HOST = www.webserver.ru
HTTP_VIA = 194.85.1.1 (Squid/2.4.STABLE7)
HTTP_X_FORWARDED_FOR = 194.115.5.5
Anonymity at work in Internet is determined by what environment variables "hide" from a web-server.
If a proxy server is not used, then environment variables look in the following way:
REMOTE_ADDR = your IP
HTTP_VIA = not determined
HTTP_X_FORWARDED, HTTP_X_FORWARDED_FOR, HTTP_CLIENT_IP = not determined
According to how environment variables "hided" by proxy servers, there are several types of proxies
Transparent Proxies
They do not hide information about your IP address:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy name or IP
HTTP_X_FORWARDED or HTTP_X_FORWARDED_FOR or HTTP_CLIENT_IP = your IP
The function of such proxy servers is not the improvement of your anonymity in Internet. Their purpose is information cashing, organization of joint access to Internet of several computers, etc.
Anonymous Proxies
All proxy servers, that hide a client's IP address in any way are called anonymous proxies
Simple Anonymous Proxies
These proxy servers do not hide a fact that a proxy is used, however they replace your IP with its own:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy name or IP
HTTP_X_FORWARDED or HTTP_X_FORWARDED_FOR or HTTP_CLIENT_IP = proxy IP
These proxies are the most widespread among other anonymous proxy servers.
Distorting Proxies
As well as simple anonymous proxy servers these proxies do not hide the fact that a proxy server is used. However a client's IP address (your IP address) is replaced with another (arbitrary, random) IP:
REMOTE_ADDR = proxy IP
HTTP_VIA = proxy name or IP
HTTP_X_FORWARDED or HTTP_X_FORWARDED_FOR or HTTP_CLIENT_IP = random IP address
High Anonymity (Elite) Proxies
These proxy servers are also called "high anonymity proxy". In contrast to other types of anonymity proxy servers they hide a fact of using a proxy:
REMOTE_ADDR = proxy IP
HTTP_VIA = not determined
HTTP_X_FORWARDED and HTTP_X_FORWARDED_FOR and HTTP_CLIENT_IP = not determined
That means that values of variables are the same as if proxy is not used, with the exception of one very important thing - proxy IP is used instead of your IP address.
Summary
Depending on purposes there are transparent and anonymity proxies. However, remember, using proxy servers you hide only your IP from a web-server, but other information (about browser configuration) is accessible!
==============
When sending emails, most email clients to do not support SOCKS for the very reason that they do not want to contribute to the already existing spam epidemic. In this case, there are two options: Use a bulk-mailing tool that supports proxies, including SOCKS, or use a program like SocksChain (http://ufasoft.com) for Windows or Proxychains (www.proxychains.sf.net) for UNIX. This essentially "proxifies" any connection you set so that you can use any networked application through SOCKS. With the Proxychains programming you can also chain your proxies together to set a route and improve your odds against someone tracking you.
==============
Proxy Chaining
Proxy chaining is merely connecting to more than one proxy and then to your intended destination. You can use as many proxy servers as you can or want. The more you have, the more anonymous you will be. Remember, it doesn’t matter how many proxies you chain together, you will never be 100% anonymous. Let’s look at an example…
[User]>>>>>[Proxy1]>>>>>[Proxy2]>>>>>[Proxy3]>>>>>[Destination]
The example shows that for a proxy chain to be created, the user must first connect to Proxy1. Once the user is connected to Proxy1, from Proxy1, the user will connect to Proxy2, from Proxy2, the user will connect to Proxy3, from Proxy3, the user will connect to Proxy4, from Proxy4, the user will then connect to the intended destination (web page, Unix server, ftp server, etc.). All together we have 4 proxies in this example. Each proxy is a link in the chain. If the user would be scanned while on the proxy chain in the example, the IP address or domain of Proxy4 would appear on the scan. Now the problem with proxies is they tend to “die out” in a few weeks or less. It all depends. So if Proxy2 were to cease functioning, the chain wouldn’t work. You would need to get rid of Proxy2 and just use Proxy1, Proxy3, and Proxy4 or find another proxy to take Proxy2’s place. This is why proxy chaining can be a real pain if you are using them just to surf the net. If one dies, you have to figure out which one is the one not working, so you have to go through each one to check them or until you find the one that isn’t working.
Proxy chaining is a necessity if you plan on using proxies to execute a “hack”. If you are attempting to gain unauthorized remote access to any server, whether it is through telnet, ftp, or http, chaining is a must. As I said, you will never be 100% anonymous no matter what you do online so it is possible that you still can be tracked even if u chain proxies. Chaining just makes it a lot hard to track someone. To make it even harder, its best to use foreign proxies because if someone wanted to trace you, they would need to get logs of your use of each proxy from each proxy administrator. This could take quite a while or even never at all if one of the proxy’s, or all for that matter, belong to an admin in a country that isn’t too fond of the country you are located in. The longer it takes for the authorities to subpoena the logs of your usage of a single proxy from that proxy’s administrator, the more chance that the other proxies that you used in the chain will have their logs deleted by the time anyone gets to the server administrators of those proxies. So when attempting to do any kind of “hack”, it’s best to use at least five or six proxies in a chain.
HTTP Chaining
HTTP chaining is basically chaining a proxy server in your browser’s address bar. Example…
http://proxy.magusnet.com/-_-http://www.yahoo.com
Notice how the above proxy and destination (yahoo) are seperated by a (-_-) If you wanted to make a chain out of this you would simply add another proxy ex.
( http://proxy1.com/-_-http://proxy2.com/ ... nation.com)
Another way to use proxys in your address bar is by adding the proxy IP or domain then the port number. Example…
http://anon.free.anonymizer.com:80/http ... google.com
Notice how the above proxy and destination server are seperated this time by a (/) forward slash instead of a (-_-) dash, underscore, dash. To make a chain out of this you would again simply add another proxy ex. ( http://proxy1:80/http://proxy2:80/proxy ... .yahoo.com)
Browser Chaining
To browser chain is fairly easy. I’ll use Internet Explorer as an example since I believe it is the browser that most people have and use. First you need to find the Internet Options. You can do this by either finding the Explorer icon on the desktop, right click on it, then press properties or if you have a browser window already opened if you are online then you can go to Tools (or sometimes its View) and press Internet Options. Now that you have the Internet Options window up you can now go to the Connections tab, then go to the first Settings button (not LAN Settings, the one above it) and click it. Now you should be in the Settings box. Put a check in the box where it says to Use a proxy server. Now if you wanted to surf using one proxy you would merely put the proxy in the Address: space and put the proxy’ s port number in the Port: space. To use a chain here you would put in a proxy along with a “:” colon then the port number followed by a space separting the next proxy then a “:” colon then the port number then a space and so on. The last proxy you add should have its port number placed inside the Port: space. If you did it, then it should look like this exactly…
Address: 213.234.124.23:80 121.172.148.23:80 143.134.54.67 Port: 80
***Notice that each proxy:port is separated by a space and that the last proxy has its port number placed in the Port: space. Do not check the box marked “Bypass proxy server for local addresses”. Press OK when you see that everything is in working order***
Wingates
A wingate is a proxy server that someone installs onto his/her computer which allows for a single or multiple online connection to take place through port 23, the default telnet port. Depending on their security, some wingates will allow anyone online to connect to them and usually stay “alive” or “working” anywhere from a few days to even months. There are people out there that scan for these Wingates and post the computer’s IP number or domain on their website to give anyone online a free list of them to use. You can also scan them yourself by using programs like WinScan.
Chaining Wingates Using Telnet I’m going to assume you already know what telnet is so I will just get right down to it. To chain using telnet, you would first bring up the DOS prompt and type in “telnet” then your wingate. (Since telnet’s default port is 23 and all wingates run on port 23 , the port number is not necessary but I will add it just to show you how you should type any port number out on screen) Example…
C:\WINDOWS>telnet 61.133.119.130 23
So now you have “telnet”, a space, the wingate IP, a space, then the port number 23. Once you are connected to the wingate it should look like this…
Wingate>
Now you would type your next wingate and port number in, then press enter like so…
Wingate> 203.207.173.166 23
You can continue to do this until you connected to as many Wingates as you need. Once you are finished with your wingates you would connect to your destination. Example…
WinGate>arbornet.org
So now the entire picture would look something like this…
C:\Windows> telnet 61.133.119.130 23
Wingate>203.207.173.166 23
Wingate>135.245.18.167 23
Wingate>m-net.arbornet.org
Connecting to host arbornet.org...Connected
Welcome to the Once and Future M-Net
FreeBSD 4.3 (m-net.arbornet.org) (ttypv)
Written by Resolution
Just note that HTTP Chaining (described above) does not works on IE from version 5.5 and above and there is not fix for it!!! *
*so get the older version of MSIE here
http://www.oldversion.com/program.php?n=msie
===========
http://www.proxyblind.org/
http://www.proxyblind.org/free.shtml
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
browser leakage, anonymity part 2
The main key issue here is trying to hide your identity, the IP is not just enough. Your 'fingerprint' left on a server will be not just the IP but your browser leakage, a name and a version of your operating system;
a name and a version of your browser browser, its configuration like display resolution, color depth, java / javascript support, other loaded support. The idea is you want to spoof your browser's fingerprint too
The server needs to know certain browser specs so it can present its pages appropriately. That nfo is collected also so the webmaster can future design the pages for popular browser/OS versions used by its visitors.
An app like Sam Spade (samspade.org) can request pages from a webserver and spoof your HTTP version, your user-agent (browser), and even referrer.
Example:
Your Ip Address: 70.210.48.40 from United States [ Not in Public Proxy List or You surfing behind Anonymous Server]
HTTP_X_FORWARDED: (none) HTTP_VIA: (none) Proxy_Connection: (none) Connection: Keep-Alive Language: en-us
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Referer: (none) Server Protocol: HTTP/1.1 Encoding: gzip, deflate Character: (none) Port: 1985 Request method: GET Browser: Mozilla/5.0 (compatible; Konqueror/3.1; Linux 2.4.22-10mdk; X11; i686; en, en_US)
Now I'll request the page from the site using samspade to spoof me as this:
03/23/08 13:44:04 Browsing http://www.proxyblind.org
Fetching http://www.proxyblind.org/ ...
GET / HTTP/1.1
Host: www.proxyblind.org
Connection: close
Referer: www.whitehouse.gov
User-Agent: Mozilla/4.x (TuringOS; Turing Machine; 0.0)
any other fields were left null so it would show as 'undetermined'
I suppose one of our coders here could write an app to spoof browser leakage
DNR
a name and a version of your browser browser, its configuration like display resolution, color depth, java / javascript support, other loaded support. The idea is you want to spoof your browser's fingerprint too
The server needs to know certain browser specs so it can present its pages appropriately. That nfo is collected also so the webmaster can future design the pages for popular browser/OS versions used by its visitors.
An app like Sam Spade (samspade.org) can request pages from a webserver and spoof your HTTP version, your user-agent (browser), and even referrer.
Example:
Your Ip Address: 70.210.48.40 from United States [ Not in Public Proxy List or You surfing behind Anonymous Server]
HTTP_X_FORWARDED: (none) HTTP_VIA: (none) Proxy_Connection: (none) Connection: Keep-Alive Language: en-us
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, */* Referer: (none) Server Protocol: HTTP/1.1 Encoding: gzip, deflate Character: (none) Port: 1985 Request method: GET Browser: Mozilla/5.0 (compatible; Konqueror/3.1; Linux 2.4.22-10mdk; X11; i686; en, en_US)
Now I'll request the page from the site using samspade to spoof me as this:
03/23/08 13:44:04 Browsing http://www.proxyblind.org
Fetching http://www.proxyblind.org/ ...
GET / HTTP/1.1
Host: www.proxyblind.org
Connection: close
Referer: www.whitehouse.gov
User-Agent: Mozilla/4.x (TuringOS; Turing Machine; 0.0)
any other fields were left null so it would show as 'undetermined'
I suppose one of our coders here could write an app to spoof browser leakage
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
I made a small page in PHP to play around with the info that the browser sends to the server....
High Anonymity Server gave this...
Anonymous Server gave this....
Transparent Server gave this...
EDIT: might be something wrong with my code ^^ I'll check it in a min and add some stuff to give me accurate results
EDIT2: Added the forwarded values and seems to work, if you have anymore tip on where the IP might be stored then please do tell ^^
This could become a pretty useful anonymity checker script ^^
High Anonymity Server gave this...
Code: Select all
This is info delivered to this site by your browser
IP: 124.217.231.206
Proxy confirm:
Your IP, told by proxy:
Your browser language: en-us,en;q=0.5
Browser version: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.12) Gecko/20080207 Ubuntu/7.10 (gutsy) Firefox/2.0.0.12
Host: www.documentcat.com
HTTP_FORWARDED:
HTTP_X_FORWARDED:
HTTP_X_FORWARDED_FOR:
Code: Select all
This is info delivered to this site by your browser
IP: 222.127.228.6
Proxy confirm:
Your IP, told by proxy:
Your browser language: en-us,en;q=0.5
Browser version: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.12) Gecko/20080207 Ubuntu/7.10 (gutsy) Firefox/2.0.0.12
Host: www.documentcat.com
HTTP_FORWARDED:
HTTP_X_FORWARDED:
HTTP_X_FORWARDED_FOR:
Code: Select all
IP: 41.211.3.243
Proxy confirm: 1.1 TeledataCache (NetCache NetApp/6.0.5)
Your IP, told by proxy:
Your browser language: en-us,en;q=0.5
Browser version: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.12) Gecko/20080207 Ubuntu/7.10 (gutsy) Firefox/2.0.0.12
Host: www.documentcat.com
HTTP_FORWARDED:
HTTP_X_FORWARDED:
HTTP_X_FORWARDED_FOR: 85.30.168.207
EDIT: might be something wrong with my code ^^ I'll check it in a min and add some stuff to give me accurate results
EDIT2: Added the forwarded values and seems to work, if you have anymore tip on where the IP might be stored then please do tell ^^
This could become a pretty useful anonymity checker script ^^
"The best place to hide a tree, is in a forest"
is that a banana or is DNR being a dick again?
Spoof the "Your browser language: en-us,en;q=0.5" to match the country of your proxy IP.
Spoof the "Browser version: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.12) Gecko/20080207 Ubuntu/7.10 (gutsy) Firefox/2.0.0.12"
Thats the actual fingerprint I was talking about, its a OS/browser fingerprint. You can still view webpages if you list a compatible OS/browser. If you actually use Ubuntu/7.1 you don't want to advertise it right? thats a lead to exploitation.. So I would spoof my box to be a MAC OS or Ubuntu, even though I use Windows... Just a stick to throw in the path of someone trying to exploit you...
Spoof the referrer, everyone knows you own documentcat
DNR
Spoof the "Browser version: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.12) Gecko/20080207 Ubuntu/7.10 (gutsy) Firefox/2.0.0.12"
Thats the actual fingerprint I was talking about, its a OS/browser fingerprint. You can still view webpages if you list a compatible OS/browser. If you actually use Ubuntu/7.1 you don't want to advertise it right? thats a lead to exploitation.. So I would spoof my box to be a MAC OS or Ubuntu, even though I use Windows... Just a stick to throw in the path of someone trying to exploit you...
Spoof the referrer, everyone knows you own documentcat
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
After hours of searching for a good Chinese server i came to the conclusion that China doesn't like Documentcats.
So i used a Japanese proxy instead
High Anonymous Proxy gave this after spoof
Mission accomplished
So i used a Japanese proxy instead
High Anonymous Proxy gave this after spoof
Code: Select all
This is info delivered to this site by your browser
IP: 61.114.101.15
Proxy confirm:
Your IP, told by proxy:
Your browser language: ja
Browser version: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0)
Host: www.documentcat.com
HTTP_FORWARDED:
HTTP_X_FORWARDED:
HTTP_X_FORWARDED_FOR:
REFERER: http://regeringen.se/
Mission accomplished
"The best place to hide a tree, is in a forest"
welcome to the next level
Hey good job!
I feel bad that you had to search quite a while to come up with a few decent proxies, only those that have searched for good proxies know what I (we) mean. Good proxies are not transparent, and of reasonable speeds.
Now, have you found a way to write code for proxy chaining?
DNR
I feel bad that you had to search quite a while to come up with a few decent proxies, only those that have searched for good proxies know what I (we) mean. Good proxies are not transparent, and of reasonable speeds.
Now, have you found a way to write code for proxy chaining?
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
I don't have the knowledge yet to write anything for this, but i know at least now what i want to do ^^ and i have gotten some more motivation to start reading up more on C++. Just gotta finish this damn project, then i can get to it. Only 19 pages to go! xD
"The best place to hide a tree, is in a forest"
get back to work!
oh thats right you got a 50 page website to complete what the fuck you doin here?
DNR
DNR
-
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.
He gives wisdom to the wise and knowledge to the discerning. He reveals deep and hidden things; he knows what lies in Darkness, and Light dwells with him.