Zum Inhalt

Proxychains Cheat Sheet

generieren

Überblick

Proxychains ist ein Werkzeug, das jede TCP-Verbindung, die von jeder Anwendung hergestellt wird, zwingt, um durch Proxyserver wie TOR, SOCKS4, SOCKS5 oder HTTP(CONNECT)-Proxies zu folgen. Es ist ein wesentliches Werkzeug für Penetrationsprüfer und Sicherheitsexperten, die den Verkehr über mehrere Proxy-Server führen müssen, Anonymität beibehalten oder Netzbeschränkungen umgehen müssen. Proxychains unterstützt dynamische Kette, strenge Kette und zufällige Kettenkonfigurationen.

ZEIT Warning: Verwenden Sie nur Proxychains in Umgebungen, die Sie besitzen oder eine ausdrückliche Erlaubnis zum Testen haben. Unberechtigte Nutzung kann gegen Nutzungsbedingungen oder lokale Gesetze verstoßen.

Installation

Systempaket Installation

```bash

Ubuntu/Debian

sudo apt update sudo apt install proxychains4

Alternative package name on some systems

sudo apt install proxychains

CentOS/RHEL/Fedora

sudo yum install proxychains-ng

or

sudo dnf install proxychains-ng

Arch Linux

sudo pacman -S proxychains-ng

macOS with Homebrew

brew install proxychains-ng ```_

Manuelle Installation

```bash

Clone the repository

git clone https://github.com/rofl0r/proxychains-ng.git cd proxychains-ng

Configure and compile

./configure --prefix=/usr --sysconfdir=/etc make

Install

sudo make install

Verify installation

proxychains4 --version ```_

Docker Installation

```bash

Pull Docker image

docker pull alpine/proxychains

Run with Docker

docker run --rm -it alpine/proxychains proxychains4 --help

Create alias for easier usage

echo 'alias proxychains4="docker run --rm -it --network host alpine/proxychains proxychains4"' >> ~/.bashrc source ~/.bashrc ```_

Konfiguration

Hauptkonfigurationsdatei

```bash

Edit main configuration file

sudo nano /etc/proxychains4.conf

Or create user-specific configuration

mkdir -p ~/.proxychains cp /etc/proxychains4.conf ~/.proxychains/proxychains.conf nano ~/.proxychains/proxychains.conf ```_

Grundkonfigurationsoptionen

```bash

/etc/proxychains4.conf or ~/.proxychains/proxychains.conf

Proxy DNS requests - no leak for DNS data

proxy_dns

Some timeouts in milliseconds

tcp_read_time_out 15000 tcp_connect_time_out 8000

ProxyList format

type host port [user pass]

(values separated by 'tab' or 'blank')

Examples:

socks5 192.168.67.78 1080 lamer secret

http 192.168.89.3 8080 justu hidden

socks4 192.168.1.49 1080

http 192.168.39.93 8080

[ProxyList]

add proxy here ...

meanwile

defaults set to "tor"

socks4 127.0.0.1 9050 ```_

Kettentypen

```bash

Dynamic chain (default)

Each connection will be done via chained proxies

all proxies chained in the order as they appear in the list

at least one proxy must be online to play in chain

(dead proxies are skipped)

dynamic_chain

Strict chain

Each connection will be done via chained proxies

all proxies chained in the order as they appear in the list

all proxies must be online to play in chain

otherwise EINTR is returned to the app

strict_chain

Random chain

Each connection will be done via random proxy

(or proxy chain, see chain_len) from the list

random_chain

Make sense only if random_chain is selected

chain_len = 2

```_

Basisnutzung

Einfache Proxy-Nutzung

```bash

Basic usage with default configuration

proxychains4 curl http://httpbin.org/ip

Use specific configuration file

proxychains4 -f /path/to/config.conf curl http://httpbin.org/ip

Quiet mode (suppress proxychains output)

proxychains4 -q curl http://httpbin.org/ip

Force DNS resolution through proxy

proxychains4 nslookup google.com ```_

Netzwerkwerkzeuge durch Proxy

```bash

SSH through proxy

proxychains4 ssh user@target.com

Telnet through proxy

proxychains4 telnet target.com 80

FTP through proxy

proxychains4 ftp target.com

Netcat through proxy

proxychains4 nc target.com 80

Wget through proxy

proxychains4 wget http://target.com/file.txt

Curl through proxy

proxychains4 curl -v http://target.com ```_

Sicherheitswerkzeuge durch Proxy

```bash

Nmap through proxy (TCP connect scan only)

proxychains4 nmap -sT -Pn target.com

Nikto through proxy

proxychains4 nikto -h http://target.com

Dirb through proxy

proxychains4 dirb http://target.com

SQLmap through proxy

proxychains4 sqlmap -u "http://target.com/page.php?id=1"

Metasploit through proxy

proxychains4 msfconsole

Hydra through proxy

proxychains4 hydra -l admin -P passwords.txt target.com ssh ```_

Erweiterte Konfiguration

Mehrere Proxyketten

```bash

Create configuration for TOR chain

cat > ~/.proxychains/tor.conf << 'EOF' strict_chain proxy_dns tcp_read_time_out 15000 tcp_connect_time_out 8000

[ProxyList] socks4 127.0.0.1 9050 EOF

Create configuration for HTTP proxy chain

cat > ~/.proxychains/http.conf << 'EOF' dynamic_chain proxy_dns tcp_read_time_out 15000 tcp_connect_time_out 8000

[ProxyList] http proxy1.example.com 8080 http proxy2.example.com 3128 EOF

Create configuration for SOCKS5 chain

cat > ~/.proxychains/socks5.conf ``<< 'EOF' strict_chain proxy_dns tcp_read_time_out 15000 tcp_connect_time_out 8000

[ProxyList] socks5 proxy.example.com 1080 username password EOF

Use specific configurations

proxychains4 -f ~/.proxychains/tor.conf curl http://httpbin.org/ip proxychains4 -f ~/.proxychains/http.conf wget http://target.com proxychains4 -f ~/.proxychains/socks5.conf ssh user@target.com ```_

Komplexe Proxyketten

```bash

Multi-hop proxy configuration

cat >`` ~/.proxychains/multihop.conf << 'EOF' strict_chain proxy_dns tcp_read_time_out 15000 tcp_connect_time_out 8000

[ProxyList]

First hop - SOCKS4 proxy

socks4 192.168.1.100 1080

Second hop - HTTP proxy

http 10.0.0.50 8080

Third hop - SOCKS5 proxy with authentication

socks5 proxy.example.com 1080 user pass

Final hop - TOR

socks4 127.0.0.1 9050 EOF

Random chain configuration

cat > ~/.proxychains/random.conf << 'EOF' random_chain chain_len = 3 proxy_dns tcp_read_time_out 15000 tcp_connect_time_out 8000

[ProxyList] socks4 proxy1.example.com 1080 socks4 proxy2.example.com 1080 socks5 proxy3.example.com 1080 http proxy4.example.com 8080 http proxy5.example.com 3128 socks5 proxy6.example.com 1080 user pass EOF ```_

Authentication Konfiguration

```bash

SOCKS5 with username/password

cat > ~/.proxychains/auth.conf << 'EOF' strict_chain proxy_dns

[ProxyList] socks5 proxy.example.com 1080 myuser mypass EOF

HTTP proxy with authentication

cat > ~/.proxychains/http_auth.conf << 'EOF' dynamic_chain proxy_dns

[ProxyList] http proxy.company.com 8080 domain\username password EOF

Mixed authentication types

cat > ~/.proxychains/mixed_auth.conf ``<< 'EOF' dynamic_chain proxy_dns

[ProxyList] socks4 192.168.1.100 1080 socks5 secure.proxy.com 1080 user1 pass1 http web.proxy.com 8080 user2 pass2 EOF ```_

Penetration Testing Scenarios

Network Pivoting

```bash

Scenario: Access internal network through compromised host

1. Set up SOCKS proxy on compromised host

On compromised host (192.168.1.100):

ssh -D 1080 -N -f user@localhost

2. Configure proxychains to use the SOCKS proxy

cat >~/.proxychains/pivot.conf<< 'EOF' strict_chain proxy_dns

[ProxyList] socks4 192.168.1.100 1080 EOF

3. Scan internal network through proxy

proxychains4 -f ~/.proxychains/pivot.conf nmap -sT -Pn 10.0.0.0/24

4. Access internal services

proxychains4 -f ~/.proxychains/pivot.conf ssh admin@10.0.0.50 proxychains4 -f ~/.proxychains/pivot.conf curl http://10.0.0.100/admin ```_

TOR Netzwerknutzung

```bash

Install and configure TOR

sudo apt install tor

Start TOR service

sudo systemctl start tor sudo systemctl enable tor

Verify TOR is running

sudo netstat -tlnp|grep 9050

Configure proxychains for TOR

cat >~/.proxychains/tor.conf<< 'EOF' strict_chain proxy_dns tcp_read_time_out 15000 tcp_connect_time_out 8000

[ProxyList] socks4 127.0.0.1 9050 EOF

Test TOR connection

proxychains4 -f ~/.proxychains/tor.conf curl http://httpbin.org/ip

Browse .onion sites

proxychains4 -f ~/.proxychains/tor.conf curl http://duckduckgogg42ts72.onion

Use security tools through TOR

proxychains4 -f ~/.proxychains/tor.conf nmap -sT -Pn target.onion ```_

Unternehmensnetzwerk Bypass

```bash

Scenario: Bypass corporate firewall restrictions

1. Set up external SOCKS proxy (on your VPS)

On VPS (external.server.com):

ssh -D 0.0.0.0:1080 -N user@localhost

2. Configure proxychains to use external proxy

cat >`` ~/.proxychains/bypass.conf << 'EOF' strict_chain proxy_dns

[ProxyList] socks4 external.server.com 1080 EOF

3. Access blocked sites/services

proxychains4 -f ~/.proxychains/bypass.conf curl https://blocked-site.com proxychains4 -f ~/.proxychains/bypass.conf git clone https://github.com/user/repo.git

4. Tunnel specific applications

proxychains4 -f ~/.proxychains/bypass.conf firefox proxychains4 -f ~/.proxychains/bypass.conf thunderbird ```_

Automatisierungsskripte

Proxy Kettenprüfer

```bash

!/bin/bash

Test proxy chain connectivity

CONFIG_FILE="$1" TEST_URL="$\\{2:-http://httpbin.org/ip\\}"

if [ -z "$CONFIG_FILE" ]; then echo "Usage: $0 [test_url]" exit 1 fi

if [ ! -f "$CONFIG_FILE" ]; then echo "Error: Configuration file not found: $CONFIG_FILE" exit 1 fi

echo "[+] Testing proxy chain with config: $CONFIG_FILE" echo "[+] Test URL: $TEST_URL"

Test basic connectivity

echo "[+] Testing basic connectivity..." if proxychains4 -f "$CONFIG_FILE" -q curl -s --connect-timeout 10 "$TEST_URL" >/dev/null; then echo "✓ Basic connectivity: PASS" else echo "✗ Basic connectivity: FAIL" exit 1 fi

Test DNS resolution

echo "[+] Testing DNS resolution..." if proxychains4 -f "$CONFIG_FILE" -q nslookup google.com >/dev/null 2>&1; then echo "✓ DNS resolution: PASS" else echo "✗ DNS resolution: FAIL" fi

Test IP detection

echo "[+] Testing IP detection..." | PROXY_IP=$(proxychains4 -f "$CONFIG_FILE" -q curl -s "$TEST_URL" | grep -o '"origin": "[^"]"' | cut -d'"' -f4) | | DIRECT_IP=$(curl -s "$TEST_URL" | grep -o '"origin": "[^"]"' | cut -d'"' -f4) |

echo "Direct IP: $DIRECT_IP" echo "Proxy IP: $PROXY_IP"

if [ "$PROXY_IP" != "$DIRECT_IP" ]; then echo "✓ IP masking: PASS" else echo "✗ IP masking: FAIL" fi

Test performance

echo "[+] Testing performance..." START_TIME=$(date +%s.%N) proxychains4 -f "$CONFIG_FILE" -q curl -s "$TEST_URL" >/dev/null END_TIME=$(date +%s.%N) RESPONSE_TIME=$(echo "$END_TIME - $START_TIME"|bc)

echo "Response time: $\\{RESPONSE_TIME\\}s"

if (( $(echo "$RESPONSE_TIME < 30"|bc -l) )); then echo "✓ Performance: ACCEPTABLE" else echo "⚠ Performance: SLOW" fi

echo "[+] Proxy chain test completed" ```_

Multi-Proxy Scanner

```bash

!/bin/bash

Scan target through multiple proxy configurations

TARGET="$1" SCAN_TYPE="$\\{2:-basic\\}"

if [ -z "$TARGET" ]; then echo "Usage: $0 [scan_type]" echo "Scan types: basic, full, stealth" exit 1 fi

PROXY_CONFIGS=( "/etc/proxychains4.conf" "$HOME/.proxychains/tor.conf" "$HOME/.proxychains/http.conf" "$HOME/.proxychains/socks5.conf" )

OUTPUT_DIR="multi_proxy_scan_$(date +%Y%m%d_%H%M%S)" mkdir -p "$OUTPUT_DIR"

echo "[+] Starting multi-proxy scan of: $TARGET" echo "[+] Scan type: $SCAN_TYPE" echo "[+] Output directory: $OUTPUT_DIR"

for config in "$\\{PROXY_CONFIGS[@]\\}"; do if [ ! -f "$config" ]; then echo "[-] Skipping missing config: $config" continue fi

config_name=$(basename "$config" .conf)
echo "[+] Scanning through: $config_name"

case "$SCAN_TYPE" in
    "basic")
        proxychains4 -f "$config" -q nmap -sT -Pn -p 80,443,22,21,25 "$TARGET" > "$OUTPUT_DIR/$\\\\{config_name\\\\}_basic.txt" 2>&1
        ;;
    "full")
        proxychains4 -f "$config" -q nmap -sT -Pn -p 1-1000 "$TARGET" > "$OUTPUT_DIR/$\\\\{config_name\\\\}_full.txt" 2>&1
        ;;
    "stealth")
        proxychains4 -f "$config" -q nmap -sT -Pn -p 80,443 -T2 "$TARGET" > "$OUTPUT_DIR/$\\\\{config_name\\\\}_stealth.txt" 2>&1
        ;;
esac

# Add delay between scans
sleep 30

done

echo "[+] Multi-proxy scan completed" echo "[+] Results saved to: $OUTPUT_DIR"

Generate summary

echo "[+] Generating summary..." for result_file in "$OUTPUT_DIR"/*.txt; do if [ -f "$result_file" ]; then echo "=== $(basename "$result_file") ===" >> "$OUTPUT_DIR/summary.txt" | grep -E "(open | filtered)" "$result_file" >> "$OUTPUT_DIR/summary.txt" 2>/dev/null | | echo "No open ports found" >> "$OUTPUT_DIR/summary.txt" | echo "" >> "$OUTPUT_DIR/summary.txt" fi done ```_

Proxy Kettenbau

```bash

!/bin/bash

Build custom proxy chain configurations

create_config() \\{ local name="$1" local chain_type="$2" local proxies="$3"

config_file="$HOME/.proxychains/$\\\\{name\\\\}.conf"

cat > "$config_file" << EOF

Generated proxy configuration: $name

Created: $(date)

$\\{chain_type\\}_chain proxy_dns tcp_read_time_out 15000 tcp_connect_time_out 8000

[ProxyList] $proxies EOF

echo "[+] Created configuration: $config_file"

\\}

TOR configuration

create_config "tor" "strict" "socks4 127.0.0.1 9050"

Corporate proxy configuration

create_config "corporate" "dynamic" "http proxy.company.com 8080"

VPN + TOR configuration

create_config "vpn_tor" "strict" "socks5 vpn.server.com 1080 socks4 127.0.0.1 9050"

Random proxy configuration

cat > "$HOME/.proxychains/random_proxies.conf" << 'EOF' random_chain chain_len = 2 proxy_dns tcp_read_time_out 15000 tcp_connect_time_out 8000

[ProxyList] socks4 proxy1.example.com 1080 socks4 proxy2.example.com 1080 socks5 proxy3.example.com 1080 http proxy4.example.com 8080 http proxy5.example.com 3128 EOF

echo "[+] Proxy configurations created in ~/.proxychains/" ls -la "$HOME/.proxychains/" ```_

Integration von Sicherheitswerkzeugen

Metasploit Integration

```bash

Configure Metasploit to use proxychains

cat > ~/.proxychains/msf.conf << 'EOF' strict_chain proxy_dns

[ProxyList] socks4 127.0.0.1 9050 EOF

Start Metasploit through proxy

proxychains4 -f ~/.proxychains/msf.conf msfconsole

Within Metasploit, set additional proxy options

msf6 > setg Proxies socks4:127.0.0.1:9050

msf6 > use exploit/multi/handler

msf6 exploit(multi/handler) > set payload windows/meterpreter/reverse_tcp

msf6 exploit(multi/handler) > run

```_

Integration von Burp Suite

```bash

Configure Burp Suite to work with proxychains

1. Start Burp Suite through proxy

proxychains4 -f ~/.proxychains/tor.conf java -jar burpsuite.jar

2. Configure Burp to use upstream proxy

In Burp: User options > Connections > Upstream Proxy Servers

Add: 127.0.0.1:9050 (SOCKS4)

3. Use Burp with proxy chain

All traffic will go: Browser -> Burp -> Proxychains -> Target

```_

Browser Integration

```bash

Firefox through proxy

proxychains4 -f ~/.proxychains/tor.conf firefox

Chrome through proxy

proxychains4 -f ~/.proxychains/tor.conf google-chrome

Chromium through proxy

proxychains4 -f ~/.proxychains/tor.conf chromium-browser

Configure browser proxy settings script

cat > setup_browser_proxy.sh << 'EOF'

!/bin/bash

Setup browser to use SOCKS proxy

PROXY_HOST="127.0.0.1" PROXY_PORT="9050"

Firefox profile setup

FIREFOX_PROFILE="$HOME/.mozilla/firefox/proxy_profile" mkdir -p "$FIREFOX_PROFILE"

cat > "$FIREFOX_PROFILE/user.js" << EOL user_pref("network.proxy.type", 1); user_pref("network.proxy.socks", "$PROXY_HOST"); user_pref("network.proxy.socks_port", $PROXY_PORT); user_pref("network.proxy.socks_version", 4); user_pref("network.proxy.socks_remote_dns", true); EOL

echo "Firefox proxy profile created: $FIREFOX_PROFILE" echo "Start with: firefox -profile $FIREFOX_PROFILE" EOF

chmod +x setup_browser_proxy.sh ```_

Fehlerbehebung

Gemeinsame Themen

Verbindungsstörungen

```bash

Test proxy connectivity

proxychains4 -f /path/to/config.conf curl -v http://httpbin.org/ip

Check proxy server status

nc -zv proxy.server.com 1080

Test DNS resolution

proxychains4 -f /path/to/config.conf nslookup google.com

Debug with verbose output

proxychains4 -f /path/to/config.conf -v curl http://httpbin.org/ip ```_

Konfigurationsprobleme

```bash

Validate configuration syntax

proxychains4 -f /path/to/config.conf echo "test"

Check for common configuration errors

| grep -E "^(strict | dynamic | random)_chain" /path/to/config.conf | grep -E "^[ProxyList]" /path/to/config.conf

Test different chain types

sed 's/strict_chain/dynamic_chain/' config.conf > config_dynamic.conf proxychains4 -f config_dynamic.conf curl http://httpbin.org/ip ```_

Leistungsfragen

```bash

Increase timeouts

sed -i 's/tcp_read_time_out 15000/tcp_read_time_out 30000/' config.conf sed -i 's/tcp_connect_time_out 8000/tcp_connect_time_out 15000/' config.conf

Use dynamic chain instead of strict

sed -i 's/strict_chain/dynamic_chain/' config.conf

Reduce proxy chain length

sed -i 's/chain_len = 3/chain_len = 2/' config.conf ```_

DNS-Ausgaben

```bash

Disable proxy DNS if causing issues

sed -i 's/proxy_dns/#proxy_dns/' config.conf

Test DNS resolution manually

proxychains4 -f config.conf dig google.com proxychains4 -f config.conf host google.com

Use alternative DNS servers

echo "nameserver 8.8.8.8" > /tmp/resolv.conf proxychains4 -f config.conf -e /tmp/resolv.conf curl http://httpbin.org/ip ```_

Debugging und Logging

```bash

Enable debug output

export PROXYCHAINS_DEBUG=1 proxychains4 -f config.conf curl http://httpbin.org/ip

Log all connections

strace -e trace=connect proxychains4 -f config.conf curl http://httpbin.org/ip

Monitor network traffic

sudo tcpdump -i any -n host proxy.server.com

Check system logs

journalctl -f|grep -i proxy ```_

Ressourcen

--

*Dieses Betrügereiblatt bietet eine umfassende Referenz für die Verwendung von Proxychains für Netzwerktunnel und Proxyketten. Stellen Sie immer sicher, dass Sie eine richtige Berechtigung haben, bevor Sie dieses Tool in jeder Umgebung verwenden. *