Comments (8)
thanks, very interesting. could you do a network packet recording (for example with wireshark or tcpdump), once with curl and once with mac settings and share the differences (or the pcap, so i can try to figure it out myself) ?
from microsocks.
I see the difference in first request
curl
Frame 20930: 71 bytes on wire (568 bits), 71 bytes captured (568 bits) on interface 0
Ethernet II, Src: Apple_26:5b:35 (40:6c:8f:26:5b:35), Dst: Routerbo_a5:51:11 (b8:69:f4:a5:51:11)
Internet Protocol Version 4, Src: 172.20.200.95, Dst: x.x.x.x
Transmission Control Protocol, Src Port: 59661, Dst Port: 1080, Seq: 1, Ack: 1, Len: 5
Socks Protocol
Version: 5
Client Authentication Methods
Authentication Method Count: 3
Method[0]: 0 (No authentication)
Method[1]: 1 (GSSAPI)
Method[2]: 2 (Username/Password)
system
Frame 24952: 69 bytes on wire (552 bits), 69 bytes captured (552 bits) on interface 0
Ethernet II, Src: Apple_26:5b:35 (40:6c:8f:26:5b:35), Dst: Routerbo_a5:51:11 (b8:69:f4:a5:51:11)
Internet Protocol Version 4, Src: 172.20.200.95, Dst: x.x.x.x
Transmission Control Protocol, Src Port: 59986, Dst Port: 1080, Seq: 1, Ack: 1, Len: 3
Socks Protocol
Version: 5
Client Authentication Methods
Authentication Method Count: 1
Method[0]: 0 (No authentication)
It's strange, because I see fields for credentials
from microsocks.
When I set the same creds in OS X 10.14.4 settings curl http://icanhazip.com shows real ip
apparently curl doesn't use the systemwide proxy settings of OSX
Method[0]: 0 (No authentication)
If you use chrome with the systemwide socks settings, are there further packets sent to the proxy after the first one you showed here ?
from microsocks.
Next package is response from from microsocks
Frame 2909: 68 bytes on wire (544 bits), 68 bytes captured (544 bits) on interface 0
Ethernet II, Src: Routerbo_a5:51:11 (b8:69:f4:a5:51:11), Dst: Apple_26:5b:35 (40:6c:8f:26:5b:35)
Internet Protocol Version 4, Src: 116.203.148.99, Dst: 172.20.200.95
Transmission Control Protocol, Src Port: 1080, Dst Port: 52393, Seq: 1, Ack: 4, Len: 2
Socks Protocol
Version: 5
Accepted Auth Method: 0xff (no acceptable method)
After that no more communication, so for each attempt I see with socks
filter just two entries
from microsocks.
thanks. i just re-read rfc1928 and the behaviour of microsocks is as specified.
however, you may want to try out the following change
n_methods--;
}
- return AM_INVALID;
+ return AM_USERNAME;
}
from microsocks.
No, authentication doesn't work, because OS X says that the only supported auth method is No authentication
and doesn't send credentials. It seems the only option for me is paid proxifier
from microsocks.
you could use a local tinyproxy running on your localhost, with a socks5 upstream directive pointing to your microsocks proxy
(i've heard that you need to use the branch threads
for mac os x working properly, which is in this PR to tinyproxy)
then configure chromium etc to use the local http proxy
or you simpy use the auth-once parameter to microsocks, and authenticate your ip once via curl on the command line.
from microsocks.
I believe this issue is related to MacOS support for Socks; I am experiencing the same issue and based on my findings, it does not support username/password authentication even though it has fields for username & password. This is the error the server shows when I choose authentication:
socks5: 2024/03/08 21:45:36 [E]: server: failed to authenticate: no supported authentication mechanism
It works well with no authentication set though...
from microsocks.
Related Issues (20)
- Use custom DNS HOT 20
- Can't connect to `0.0.0.0` on client HOT 4
- Connect to server running on the same machine HOT 17
- microsocks-1.0.2-x86_64-static may contain security issues HOT 1
- EC_TTL_EXPIRED error is sent down idle connection, and treated as application-layer traffic by client
- microsocks: not found HOT 1
- Configuration of the Proxy HOT 1
- Blocking some IPs HOT 1
- Any plans to support UDP? HOT 2
- Allow passthrough of TCP/ip headers HOT 1
- a little Suggest. Change release url to https HOT 1
- Any chance of a new release with -q flag added? HOT 2
- Disconnect logging
- Using 443 Port HOT 1
- buffer overflow detected HOT 6
- Bandwidth testing tools HOT 5
- add systemd service file HOT 3
- Trying IPv6 sockets w/ IPv6 being available but down, leads to connection failures HOT 2
- segmentation fault on alpine & docker HOT 6
- Why I keep seeing the help instructions? HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from microsocks.