|
Hi!
thank you for the helpful code you published.
i wanted to ask you a couple of questions:
when i examine the communication between the client and the server
(using ethereal) i dont understand the structure of some packets.
1) when the server replies to the connect command of the client it has
0.0.0.0 as remote address. shouldnt it be the address to which the
client should send the preceding packets?
2) to this the client replies with a packet with the version = 208.
3) then the server replies with a packet with a missing ATYP field.
4) afterwards, when the client sends the server the data, the packets
version field are 0.
is this how socksv5 works? if so - where is the appropriate documentation?
(i looked for it in rfc's 1928,1929)
thanks allot!
avi (avital.steinitz@gmail.com).
|
|
|
|
|
Sir,
- I am doing a project on HTTP Tunnel For a TCP Connection.
- i am able to connect to Server using the Connect method.
But Sir I have not Been able to bypass the Server and connect to another Client.
How Do i create an HTTP Tunnel.
I wawit your reply Sir
Yours Sincerely.
Priyanka
|
|
|
|
|
Hello Priyanka,
Probably your HTTP proxy is configured to allow connections to ports 80 and 443 only.
This is usual practice for security reasons - to not allow using the HTTP tunneling for non-web-browsing purposes.
|
|
|
|
|
I used to successfully browse using this software by setting the configuration as below, and configuring the browser properly, but from past few days I'm unable to do so... here is the error message I'm getting...
----------------------------------------------<br />
S S H P R O X Y<br />
SOCKS Proxy Server -> HTTP SSL tunnel Master<br />
----------------------------------------------<br />
Copyright (c) 1999 D-Bross www.d-bross.com<br />
<br />
Free for non-commercial use.<br />
----------------------------------------------<br />
Params : None<br />
Config File : "config.txt"<br />
"config.txt": EnableLog=<yes/no><br />
"config.txt": SOCKSPort=<PortNumber><br />
"config.txt": UseSHttpProxy=<yes/no><br />
"config.txt": SHttpProxyHost=<hostname/IP><br />
"config.txt": SHttpProxyPort=<PortNumber><br />
----------------------------------------------<br />
USE of SHTTP Proxy Enabled.<br />
SHTTP Proxy Host : proxy.abc.com<br />
SHTTP Proxy Port : 8080<br />
---------------------------------------<br />
Logging : On<br />
---------------------------------------<br />
SOCKS Proxy Port : 1088<br />
---------------------------------------<br />
SOCKS Server Created.<br />
SOCKS Server Started.<br />
SOCKS Server Listen at Port : 1088<br />
Connection from : <localhost/127.0.0.1:3342><br />
Proxy Created.<br />
Proxy Started.<br />
Accepted SOCKS 5 Request.<br />
SOCKS 5 - Accepts Auth. method 'NO_AUTH'<br />
SOCKS 5 - Accepted SOCKS5 Command: "CONNECT"<br />
Connecting...<br />
Connected to <proxy.abc.com/52.139.112.33:8080><br />
Connected to <proxy.abc.com/52.139.112.33:8080><br />
SOCKS 5 - Reply to Client "SUCCESS"<br />
Initiating SSL Tunneling...<br />
SHTTP Proxy Reply : [HTTP/1.1 403 Forbidden<br />
Cache-Control: no-cache<br />
Pragma: no-cache<br />
Content-Type: text/html<br />
Proxy-Connection: close<br />
Connection: close<br />
Content-Length: 725<br />
<br />
<HTML><HEAD><br />
<TITLE>Access Denied</TITLE><br />
</HEAD><br />
<BODY><br />
<FONT face="Helvetica"><br />
<big></big><BR><br />
</FONT><br />
<blockquote><br />
<TABLE border=0 cellPadding=1 width="80%"><br />
<TR><TD><br />
<FONT face="Helvetica"><br />
<big>Access Denied (connect_method_denied)</big><br />
<BR><br />
<BR><br />
</FONT><br />
</TD></TR><br />
<TR><TD><br />
<FONT face="Helvetica"><br />
Your request attempted a CONNECT to a port "80" that is not permitted by default.<br />
</FONT><br />
</TD></TR><br />
<TR><TD><br />
<FONT face="Helvetica"><br />
This is typically caused by an HTTPS URL that uses a port other then the default of 443.<br />
</FONT><br />
</TD></TR><br />
<TR><TD><br />
<FONT face="Helvetica" SIZE=2><br />
<BR><br />
For assistance, contact your network support team.<br />
</FONT><br />
</TD></TR><br />
</TABLE><br />
</blockquote><br />
</FONT><br />
</BODY></HTML>]<br />
ERROR : java.lang.Exception: Error Response from SHTTP Proxy !<br />
java.lang.Exception: Error Response from SHTTP Proxy !<br />
at socksshttp.CProxy.CreateSSLTunnel(CProxy.java)<br />
at socksshttp.CProxy.ProcessRelay(CProxy.java)<br />
at socksshttp.CProxy.run(CProxy.java)<br />
at java.lang.Thread.run(Unknown Source)<br />
Proxy Closed.
Any clue what might be happening???
thanx.
|
|
|
|
|
It seems that the service "HTTP Tunneling" on your proxy were disabled.
|
|
|
|
|
I know this is old but your port configuration is not alligned in working algoritHm with TCP .
Its basic really... You MUST have your SSL and port knowledge down when dealing with customised connection methods such as Tcp. I understand Java script, port connection relays are important for server hosting and defending against an attack like "ddos",
This is why ports relay through another port for advanced cyber security measures while moving connections.
|
|
|
|
|
I do not understand what you are talking about.
This project is SOCKS proxy that relays the TCP requests through HTTP Proxy's SSL tunnels.
The case is if you are in a closed network and only HTTP traffic is allowed, this proxy gives you a chance to connect another software through the HTTP proxy.
In these days, I think nobody uses a HTTP proxy, but everywhere NATs (router) are used.
So, this technology is ancient and I think nobody could use this trick.
|
|
|
|
|
Dear Svetoslav Tchekanov,
I m very thank full to you that you have created this software , I have not yet tested it but assumes that it will work as per my expectation. I m S/W engineer working on some project were i had one big problem I hope that using your s/w i can solve it. Let me describe you the problem if you have any comments and suggestion please let me know i would be glad to here from you and learn many things from you.
Problem Description
I m writing a client/Server s/w client is supposed to be an applet which will make raw socket connection to server but to my best knowledge this will be prevented by proxy if installed on client intranet , I hope that after using you s/w i can solve this problem.
If you any new idea of how to do it please let me know , basically i want my applet to be connected to the server as this applet will be used for conferencing .If I'm going to use URLConnection to a servlet then it will work as simple request/response way and for that it requires new connection , so i cant always get connected to the server.
I would be glad if you would help me solving this problem
I have try to mail you on your email address but the email returned back
Regards
Parana S Joshi
Pranay S Joshi
|
|
|
|
|
Hello Joshsi,
If your applet is going to be used from the web browser, the Java should automatically use proxies to establish connections (if direct connection is not possible).
If you are going to use the applet as a standalone application, you should take care to handle the proxies.
You need to study the SOCKS protocol and HTTP protocol to be able to use the proxies.
Also yuo could learn from the source code of the SSH Proxy.
Best regards,
Svetoslav
|
|
|
|
|
Hello Svetoslav,
I m very much thank full to you for your reply, I have taken your suggestion seriously and will surly go through SOCKS protocol and also from you source code.
Can you tell me how to use ur s/w when i run it it runs on 8888 port as per ur configuration now my question is who how come my application know to connect to internet using your s/w What i mean is how my application will communicate with your s/w. I have found some thing on the net and it is as follows
Client to Sock proxy
field 1: socks version number, 1 byte, must be 0x05 for this version
field 2: command code, 1 byte:-
0x01 = establish a tcp/ip stream connection
0x02 = establish a tcp/ip port binding
0x03 = associate a udp port
field 3: reserved, must be 0x00
field 4: address type, 1 byte:-
0x01 = IP V4 address (address field is 4 bytes long)
0x03 = Domain name (address field is variable)
0x04 = IP V6 address (address field is 16 bytes long)
field 5: destination address, 4/16 bytes or 1+domain name length.
If address type is 0x03 then the address consists of a length byte followed by the domain name.
field 6: network byte order port number, 2 bytes
This means that i should first connect to SOCK Proxy pass this parameter and wait for its response
If I'm wrong please correct me , mean while i will just check it if this works fine.
And another question is can my applet make raw TCP connection to remote server using sock proxy I need to over come firewall.
I would be glad if u give me your valuable suggestions
With Best Regards
Pranay S Joshi
|
|
|
|
|
Hello Joshi,
To use the SSH Proxy from your program you have to:
1. Connect via TCP socket to the SSH Proxy
2. Prepare byte array, containing the SOCKS request (the format you found)
3. Send the request to the SOCKS proxy
4. Read the responso from the proxy
5. Analyze the response
If the response is positive, now you are connected to the destination, just like
you are directly connected (just like raw socket without proxy).
And you can use the TCP socket connection as you like.
I hope I answered the both of your questions.
Note> You can study the SOCKS commands format from the SSH proxy source code.
SOCKS 5 RFC: http://www.faqs.org/rfcs/rfc1928.html
SOCKS 4 RFC: http://socks.permeo.com/protocol/socks4.protocol
Best regards,
Svetoslav
|
|
|
|
|
Hello Svetoslav ,
Thanks for your response I m very much thankfull to you both for your code and your help , I hope i have not troubled you a lot.
with best Regards
Pranay S Joshi
|
|
|
|
|
hello sir...
m lookin 4 a java code...4 a firewall system in college...can socks4 is right one for it...or else can u help me in dis..???
|
|
|
|
|
How to identify the operating system user using java program. please let me know how to get the event viewer events to c the no of times a user has logged on, when he logged off and how many times the user had given the wrong password
Thanks, Vani
|
|
|
|
|
Dear Sir,
u wrote big functions for UDP handling but how can we use applications for UDP.. we tried every streaming application, real player but its not working.. in real player its saying invalid SOCKS version 21...
if possible plz help for UDP handling.. its really urgent.. please
Thanking You
Yours Sinecerely
Pearl
pearl
|
|
|
|
|
Dear Sir,
Thank You very much sir for your answer.I will try to make it for username and password.
These r 3 functionility of SOCKS 5 over SOCKS 4 that is
Authentication
UDP handling
AND IPV6 handling.
Sir please help me to handle UDP packets. actually i m not getting how to show UDP packets. please tell which Application should i use to show UDP handling.
and if anything about to show IPV6 please tell me that also.
Thank you
Yours Sincerely
Pearl
pearl
|
|
|
|
|
Unfortunately I have no idea what application to use to test UDP handling of SSH proxy.
At the past I used an old version of ICQ that worked with SOCKS 5 UDP.
But this ICQ version is no more available.
IPv6 is NOT supported by SSH Proxy.
|
|
|
|
|
Dear Sir.
Sir i m using ur SOCKS PROXY SERVER,its works well for the SOCKS 4 protocol but if we use it for the SOCKS 5 protocol and try to use authentication then its says only NO_AUTH. sir there is no method for the authentication of name/password.
Sir please can u help me to implement authentication feature.
I kindly request you to provide me with the neccesarry code and kindly guide me further as to how i should deal with it.
Thank you
Your Sincerely
Pearl
pearl
|
|
|
|
|
Hello Pearl,
Unfortunately SSH Proxy project is freeware and have some limitations.
It does not support username/password authentication.
But you are free to modify (improve) it yourself.
You can take a look at SOCKS protocol specification.
http://www.socks.nec.com/
|
|
|
|
|
hello Svetoslav Chekanov,
im trying to develop authentication by name/password.
when im trying to send SRE_Accept[] = { (byte)0x05, (byte)0x02 }; to the client, in this case the browser, it doesnt react anything, no popup for username and password field. how do i get that pop up, so that it could send the Cproxy username and password ?
thanks a lot mr.
|
|
|
|
|
Respected Sir,
Thank u for the answer for the previous question... i need one more help. actually i went through the code and understood also but have little doubt related to socket.. how many sockets do we need to create for this.. and what is SHTTPproxyport...? awaiting for your reply..
Thanking You
YOURS SINCERELY
PEARL
PEARL
|
|
|
|
|
SHTTPProxyHost and SHTTPProxyPort are the hostname(IP) and port of the
HTTP proxy you want to use as cascade.
To be used as cascade, the HTTP proxy have to support the command "CONNECT".
In this case the connection will go this way:
[mIRC] ----> [SSH Proxy (as SOCK5)] -----> [HTTPS proxy] -----> [IRC Server]
This way you will be able to make programs running on your PC that
do not support HTTPS proxy, to connec the Internet.
|
|
|
|
|
Respected Sir,
Thank you for your reply, Sir u have declared and used 2 port s_nPort and SHTTPPort i want to know the use of both exactly actually i m little confuse about the concept of socket and port,so please help me to understand the concept of socket.
Thanking you
Yours sincerely
PEARL
pearl
|
|
|
|
|
Respected Sir,
we found ur project very interesting,but v have a problem.That is....
everytime we open any site,it always shows.. "ACCEPTED SOCKS 4 Request"
But we wanna know as to how to use this for "SOCKS 5 " version.Awaiting ur reply sir.
thanking you,
yours sincerely,
pearl
pearl
|
|
|
|
|
Probably you are using Internet Explorer.
IE supports SOCKS 4 only.
Try to use a software that supports SOCKS 5.
For example mIRC or some FTP client.
best regards,
Svetoslav Chekanov
D-Bross
|
|
|
|