2.4 设置ProxyChains

ProxyChains是Linux和其他Unices下的代理工具。它可以使任何程序通过代理上网,允许TCP和DNS通过代理隧道,支持HTTP、SOCKS4和SOCKS5类型的代理服务器,并且可配置多个代理。ProxyChains通过一个用户定义的代理列表强制连接指定的应用程序,直接断开接收方和发送方的连接。本节将介绍设置ProxyChains的方法。

设置ProxyChains的具体操作步骤如下所示。

(1)打开ProxyChains配置文件。执行命令如下所示:

root@Kali:~# vi /etc/proxychains.conf

执行以上命令后,打开文件的内容如下所示:

# proxychains.conf VER 3.1
#
# HTTP, SOCKS4, SOCKS5 tunneling proxifier with DNS.
#
# The option below identifies how the ProxyList is treated.
# only one option should be uncommented at time,
# otherwise the last appearing option will be accepted
#
#dynamic_chain
#
# Dynamic - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
# otherwise EINTR is returned to the app
#
strict_chain
#
# Strict - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# all proxies must be online to play in chain
# otherwise EINTR is returned to the app
#
#random_chain
#
# Random - Each connection will be done via random proxy
# (or proxy chain, see chain_len) from the list.
# this option is good to test your IDS :)

输出的信息就是proxychains.conf文件的内容。由于篇幅的原因,这里只列出了部分内容。

(2)将proxychains.conf文件中的dynamic_chain前面的注释符取消。要修改的配置项,是上面加粗的部分,如下所示:

dynamic_chain

(3)添加一些代理服务器到列表(proxychains.conf文件末尾),如下所示:

# ProxyList format 
#       type  host  port [user pass] 
#       (values separated by 'tab' or 'blank') 
# 
# 
#        Examples: 
# 
#               socks5  192.168.67.78   1080    lamer   secret 
#               http    192.168.89.3    8080    justu   hidden 
#               socks4  192.168.1.49    1080 
#               http    192.168.39.93   8080 
# 
# 
#       proxy types: http, socks4, socks5 
#        ( auth types supported: "basic"-http  "user/pass"-socks ) 
# 
[ProxyList] 
# add proxy here ... 
# meanwile 
# defaults set to "tor" 
socks4  127.0.0.1 9050 
socks5  98.206.2.3 1893 
socks5 76.22.86.170 1658 
-- 插入 --

以上信息中加粗的部分为添加的代理服务器。

(4)通过用户的连接代理解析目标主机。执行命令如下所示:

root@kali:~# proxyresolv www.target.com

默认情况下,执行proxyresolv命令,可能看到该命令没找到错误信息。因为proxyresolv保存在/usr/lib/proxychains3/目录中,而不能被执行。proxyresolv会被proxychains调用,所以将这两个文件放在一个目录中,如/usr/bin。执行命令如下所示:

root@kali:~# cp /usr/lib/proxychains3/proxyresolv /usr/bin/

执行完以上命令后,proxyresolv命令就可以执行了。

(5)通过用户想要使用的应用程序运行ProxyChains,例如,启动msfconsole。执行命令如下所示:

root@kali:~# proxychains msfconsole 
ProxyChains-3.1 (http://proxychains.sf.net) 
|DNS-request| 0.0.0.0  
|S-chain|-<>-127.0.0.1:9050-<--timeout 
|DNS-response|: 0.0.0.0 is not exist 
     ,           , 
     /             \ 
   ((__---,,,---__)) 
     (_) O O (_)_________ 
          \ _ /             |\ 
          o_o \   M S F   | \ 
                \   _____  |  * 
                 |||    WW ||| 
                 |||        ||| 

Tired of typing 'set RHOSTS'? Click & pwn with Metasploit Pro 
-- type 'go_pro' to launch it now. 

       =[ metasploit v4.7.0-2013082802 [core:4.7 api:1.0] 
+ -- --=[ 1161 exploits - 641 auxiliary - 180 post 
+ -- --=[ 310 payloads - 30 encoders - 8 nops 

msf >

执行以上命令后,看到msf>提示符表示msfconsole启动成功了。表示ProxyChains设置成功。