Chaînes de proxy Feuilles de chaleur
Aperçu général
Proxychains est un outil qui force toute connexion TCP faite par une application donnée à suivre à travers des serveurs proxy tels que TOR, SOCKS4, SOCKS5 ou HTTP(CONNECT). Il s'agit d'un outil essentiel pour les testeurs de pénétration et les professionnels de la sécurité qui doivent acheminer le trafic à travers plusieurs serveurs proxy, maintenir l'anonymat, ou contourner les restrictions du réseau. Proxychains prend en charge les configurations de chaîne dynamique, de chaîne stricte et de chaîne aléatoire.
C'est pas vrai. Attention: N'utilisez que les Proxychains dans les environnements que vous possédez ou avez la permission explicite de tester. Une utilisation non autorisée peut violer les conditions de service ou les lois locales.
Installation
Installation du paquet système
# Ubuntu/Debian
sudo apt update
sudo apt install proxychains4
# Alternative package name on some systems
sudo apt install proxychains
# CentOS/RHEL/Fedora
sudo yum install proxychains-ng
# or
sudo dnf install proxychains-ng
# Arch Linux
sudo pacman -S proxychains-ng
# macOS with Homebrew
brew install proxychains-ng
Installation manuelle
# Clone the repository
git clone https://github.com/rofl0r/proxychains-ng.git
cd proxychains-ng
# Configure and compile
./configure --prefix=/usr --sysconfdir=/etc
make
# Install
sudo make install
# Verify installation
proxychains4 --version
```_
### Installation Docker
```bash
# Pull Docker image
docker pull alpine/proxychains
# Run with Docker
docker run --rm -it alpine/proxychains proxychains4 --help
# Create alias for easier usage
echo 'alias proxychains4="docker run --rm -it --network host alpine/proxychains proxychains4"' >> ~/.bashrc
source ~/.bashrc
```_
## Configuration
### Fichier de configuration principal
```bash
# Edit main configuration file
sudo nano /etc/proxychains4.conf
# Or create user-specific configuration
mkdir -p ~/.proxychains
cp /etc/proxychains4.conf ~/.proxychains/proxychains.conf
nano ~/.proxychains/proxychains.conf
Options de configuration de base
# /etc/proxychains4.conf or ~/.proxychains/proxychains.conf
# Proxy DNS requests - no leak for DNS data
proxy_dns
# Some timeouts in milliseconds
tcp_read_time_out 15000
tcp_connect_time_out 8000
# ProxyList format
# type host port [user pass]
# (values separated by 'tab' or 'blank')
#
# Examples:
#
# socks5 192.168.67.78 1080 lamer secret
# http 192.168.89.3 8080 justu hidden
# socks4 192.168.1.49 1080
# http 192.168.39.93 8080
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
socks4 127.0.0.1 9050
Types de chaînes
# Dynamic chain (default)
# Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
dynamic_chain
# Strict chain
# Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# all proxies must be online to play in chain
# otherwise EINTR is returned to the app
#strict_chain
# Random chain
# Each connection will be done via random proxy
# (or proxy chain, see chain_len) from the list
#random_chain
# Make sense only if random_chain is selected
# chain_len = 2
Utilisation de base
Utilisation simple du mandataire
# Basic usage with default configuration
proxychains4 curl http://httpbin.org/ip
# Use specific configuration file
proxychains4 -f /path/to/config.conf curl http://httpbin.org/ip
# Quiet mode (suppress proxychains output)
proxychains4 -q curl http://httpbin.org/ip
# Force DNS resolution through proxy
proxychains4 nslookup google.com
Outils réseau par proxy
# SSH through proxy
proxychains4 ssh user@target.com
# Telnet through proxy
proxychains4 telnet target.com 80
# FTP through proxy
proxychains4 ftp target.com
# Netcat through proxy
proxychains4 nc target.com 80
# Wget through proxy
proxychains4 wget http://target.com/file.txt
# Curl through proxy
proxychains4 curl -v http://target.com
Outils de sécurité par proxy
# Nmap through proxy (TCP connect scan only)
proxychains4 nmap -sT -Pn target.com
# Nikto through proxy
proxychains4 nikto -h http://target.com
# Dirb through proxy
proxychains4 dirb http://target.com
# SQLmap through proxy
proxychains4 sqlmap -u "http://target.com/page.php?id=1"
# Metasploit through proxy
proxychains4 msfconsole
# Hydra through proxy
proxychains4 hydra -l admin -P passwords.txt target.com ssh
Configuration avancée
Chaînes de proxy multiples
# Create configuration for TOR chain
cat > ~/.proxychains/tor.conf << 'EOF'
strict_chain
proxy_dns
tcp_read_time_out 15000
tcp_connect_time_out 8000
[ProxyList]
socks4 127.0.0.1 9050
EOF
# Create configuration for HTTP proxy chain
cat > ~/.proxychains/http.conf << 'EOF'
dynamic_chain
proxy_dns
tcp_read_time_out 15000
tcp_connect_time_out 8000
[ProxyList]
http proxy1.example.com 8080
http proxy2.example.com 3128
EOF
# Create configuration for SOCKS5 chain
cat > ~/.proxychains/socks5.conf ``<< 'EOF'
strict_chain
proxy_dns
tcp_read_time_out 15000
tcp_connect_time_out 8000
[ProxyList]
socks5 proxy.example.com 1080 username password
EOF
# Use specific configurations
proxychains4 -f ~/.proxychains/tor.conf curl http://httpbin.org/ip
proxychains4 -f ~/.proxychains/http.conf wget http://target.com
proxychains4 -f ~/.proxychains/socks5.conf ssh user@target.com
Chaînes de proxy complexes
# Multi-hop proxy configuration
cat >`` ~/.proxychains/multihop.conf << 'EOF'
strict_chain
proxy_dns
tcp_read_time_out 15000
tcp_connect_time_out 8000
[ProxyList]
# First hop - SOCKS4 proxy
socks4 192.168.1.100 1080
# Second hop - HTTP proxy
http 10.0.0.50 8080
# Third hop - SOCKS5 proxy with authentication
socks5 proxy.example.com 1080 user pass
# Final hop - TOR
socks4 127.0.0.1 9050
EOF
# Random chain configuration
cat > ~/.proxychains/random.conf << 'EOF'
random_chain
chain_len = 3
proxy_dns
tcp_read_time_out 15000
tcp_connect_time_out 8000
[ProxyList]
socks4 proxy1.example.com 1080
socks4 proxy2.example.com 1080
socks5 proxy3.example.com 1080
http proxy4.example.com 8080
http proxy5.example.com 3128
socks5 proxy6.example.com 1080 user pass
EOF
Configuration d'authentification
# SOCKS5 with username/password
cat > ~/.proxychains/auth.conf << 'EOF'
strict_chain
proxy_dns
[ProxyList]
socks5 proxy.example.com 1080 myuser mypass
EOF
# HTTP proxy with authentication
cat > ~/.proxychains/http_auth.conf << 'EOF'
dynamic_chain
proxy_dns
[ProxyList]
http proxy.company.com 8080 domain\\username password
EOF
# Mixed authentication types
cat > ~/.proxychains/mixed_auth.conf ``<< 'EOF'
dynamic_chain
proxy_dns
[ProxyList]
socks4 192.168.1.100 1080
socks5 secure.proxy.com 1080 user1 pass1
http web.proxy.com 8080 user2 pass2
EOF
Scénarios d'essais de pénétration
Mise en réseau
# Scenario: Access internal network through compromised host
# 1. Set up SOCKS proxy on compromised host
# On compromised host (192.168.1.100):
ssh -D 1080 -N -f user@localhost
# 2. Configure proxychains to use the SOCKS proxy
cat >`` ~/.proxychains/pivot.conf ``<< 'EOF'
strict_chain
proxy_dns
[ProxyList]
socks4 192.168.1.100 1080
EOF
# 3. Scan internal network through proxy
proxychains4 -f ~/.proxychains/pivot.conf nmap -sT -Pn 10.0.0.0/24
# 4. Access internal services
proxychains4 -f ~/.proxychains/pivot.conf ssh admin@10.0.0.50
proxychains4 -f ~/.proxychains/pivot.conf curl http://10.0.0.100/admin
TOR Utilisation du réseau
# Install and configure TOR
sudo apt install tor
# Start TOR service
sudo systemctl start tor
sudo systemctl enable tor
# Verify TOR is running
sudo netstat -tlnp|grep 9050
# Configure proxychains for TOR
cat >`` ~/.proxychains/tor.conf ``<< 'EOF'
strict_chain
proxy_dns
tcp_read_time_out 15000
tcp_connect_time_out 8000
[ProxyList]
socks4 127.0.0.1 9050
EOF
# Test TOR connection
proxychains4 -f ~/.proxychains/tor.conf curl http://httpbin.org/ip
# Browse .onion sites
proxychains4 -f ~/.proxychains/tor.conf curl http://duckduckgogg42ts72.onion
# Use security tools through TOR
proxychains4 -f ~/.proxychains/tor.conf nmap -sT -Pn target.onion
Bypass réseau d'entreprise
# Scenario: Bypass corporate firewall restrictions
# 1. Set up external SOCKS proxy (on your VPS)
# On VPS (external.server.com):
ssh -D 0.0.0.0:1080 -N user@localhost
# 2. Configure proxychains to use external proxy
cat >`` ~/.proxychains/bypass.conf << 'EOF'
strict_chain
proxy_dns
[ProxyList]
socks4 external.server.com 1080
EOF
# 3. Access blocked sites/services
proxychains4 -f ~/.proxychains/bypass.conf curl https://blocked-site.com
proxychains4 -f ~/.proxychains/bypass.conf git clone https://github.com/user/repo.git
# 4. Tunnel specific applications
proxychains4 -f ~/.proxychains/bypass.conf firefox
proxychains4 -f ~/.proxychains/bypass.conf thunderbird
Scripts d'automatisation
Testeur de chaîne de proxy
#!/bin/bash
# Test proxy chain connectivity
CONFIG_FILE="$1"
TEST_URL="$\\\\{2:-http://httpbin.org/ip\\\\}"
if [ -z "$CONFIG_FILE" ]; then
echo "Usage: $0 <config_file> [test_url]"
exit 1
fi
if [ ! -f "$CONFIG_FILE" ]; then
echo "Error: Configuration file not found: $CONFIG_FILE"
exit 1
fi
echo "[+] Testing proxy chain with config: $CONFIG_FILE"
echo "[+] Test URL: $TEST_URL"
# Test basic connectivity
echo "[+] Testing basic connectivity..."
if proxychains4 -f "$CONFIG_FILE" -q curl -s --connect-timeout 10 "$TEST_URL" >/dev/null; then
echo "✓ Basic connectivity: PASS"
else
echo "✗ Basic connectivity: FAIL"
exit 1
fi
# Test DNS resolution
echo "[+] Testing DNS resolution..."
if proxychains4 -f "$CONFIG_FILE" -q nslookup google.com >/dev/null 2>&1; then
echo "✓ DNS resolution: PASS"
else
echo "✗ DNS resolution: FAIL"
fi
# Test IP detection
echo "[+] Testing IP detection..."
PROXY_IP=$(proxychains4 -f "$CONFIG_FILE" -q curl -s "$TEST_URL"|grep -o '"origin": "[^"]*"'|cut -d'"' -f4)
DIRECT_IP=$(curl -s "$TEST_URL"|grep -o '"origin": "[^"]*"'|cut -d'"' -f4)
echo "Direct IP: $DIRECT_IP"
echo "Proxy IP: $PROXY_IP"
if [ "$PROXY_IP" != "$DIRECT_IP" ]; then
echo "✓ IP masking: PASS"
else
echo "✗ IP masking: FAIL"
fi
# Test performance
echo "[+] Testing performance..."
START_TIME=$(date +%s.%N)
proxychains4 -f "$CONFIG_FILE" -q curl -s "$TEST_URL" >/dev/null
END_TIME=$(date +%s.%N)
RESPONSE_TIME=$(echo "$END_TIME - $START_TIME"|bc)
echo "Response time: $\\\\{RESPONSE_TIME\\\\}s"
if (( $(echo "$RESPONSE_TIME < 30"|bc -l) )); then
echo "✓ Performance: ACCEPTABLE"
else
echo "⚠ Performance: SLOW"
fi
echo "[+] Proxy chain test completed"
Scanner multi-Proxy
#!/bin/bash
# Scan target through multiple proxy configurations
TARGET="$1"
SCAN_TYPE="$\\\\{2:-basic\\\\}"
if [ -z "$TARGET" ]; then
echo "Usage: $0 <target> [scan_type]"
echo "Scan types: basic, full, stealth"
exit 1
fi
PROXY_CONFIGS=(
"/etc/proxychains4.conf"
"$HOME/.proxychains/tor.conf"
"$HOME/.proxychains/http.conf"
"$HOME/.proxychains/socks5.conf"
)
OUTPUT_DIR="multi_proxy_scan_$(date +%Y%m%d_%H%M%S)"
mkdir -p "$OUTPUT_DIR"
echo "[+] Starting multi-proxy scan of: $TARGET"
echo "[+] Scan type: $SCAN_TYPE"
echo "[+] Output directory: $OUTPUT_DIR"
for config in "$\\\\{PROXY_CONFIGS[@]\\\\}"; do
if [ ! -f "$config" ]; then
echo "[-] Skipping missing config: $config"
continue
fi
config_name=$(basename "$config" .conf)
echo "[+] Scanning through: $config_name"
case "$SCAN_TYPE" in
"basic")
proxychains4 -f "$config" -q nmap -sT -Pn -p 80,443,22,21,25 "$TARGET" > "$OUTPUT_DIR/$\\\\{config_name\\\\}_basic.txt" 2>&1
;;
"full")
proxychains4 -f "$config" -q nmap -sT -Pn -p 1-1000 "$TARGET" > "$OUTPUT_DIR/$\\\\{config_name\\\\}_full.txt" 2>&1
;;
"stealth")
proxychains4 -f "$config" -q nmap -sT -Pn -p 80,443 -T2 "$TARGET" > "$OUTPUT_DIR/$\\\\{config_name\\\\}_stealth.txt" 2>&1
;;
esac
# Add delay between scans
sleep 30
done
echo "[+] Multi-proxy scan completed"
echo "[+] Results saved to: $OUTPUT_DIR"
# Generate summary
echo "[+] Generating summary..."
for result_file in "$OUTPUT_DIR"/*.txt; do
if [ -f "$result_file" ]; then
echo "=== $(basename "$result_file") ===" >> "$OUTPUT_DIR/summary.txt"
grep -E "(open|filtered)" "$result_file" >> "$OUTPUT_DIR/summary.txt" 2>/dev/null||echo "No open ports found" >> "$OUTPUT_DIR/summary.txt"
echo "" >> "$OUTPUT_DIR/summary.txt"
fi
done
Constructeur de chaînes mandataires
#!/bin/bash
# Build custom proxy chain configurations
create_config() \\\\{
local name="$1"
local chain_type="$2"
local proxies="$3"
config_file="$HOME/.proxychains/$\\\\{name\\\\}.conf"
cat > "$config_file" << EOF
# Generated proxy configuration: $name
# Created: $(date)
$\\\\{chain_type\\\\}_chain
proxy_dns
tcp_read_time_out 15000
tcp_connect_time_out 8000
[ProxyList]
$proxies
EOF
echo "[+] Created configuration: $config_file"
\\\\}
# TOR configuration
create_config "tor" "strict" "socks4 127.0.0.1 9050"
# Corporate proxy configuration
create_config "corporate" "dynamic" "http proxy.company.com 8080"
# VPN + TOR configuration
create_config "vpn_tor" "strict" "socks5 vpn.server.com 1080
socks4 127.0.0.1 9050"
# Random proxy configuration
cat > "$HOME/.proxychains/random_proxies.conf" << 'EOF'
random_chain
chain_len = 2
proxy_dns
tcp_read_time_out 15000
tcp_connect_time_out 8000
[ProxyList]
socks4 proxy1.example.com 1080
socks4 proxy2.example.com 1080
socks5 proxy3.example.com 1080
http proxy4.example.com 8080
http proxy5.example.com 3128
EOF
echo "[+] Proxy configurations created in ~/.proxychains/"
ls -la "$HOME/.proxychains/"
Intégration avec les outils de sécurité
Intégration des métadonnées
# Configure Metasploit to use proxychains
cat > ~/.proxychains/msf.conf << 'EOF'
strict_chain
proxy_dns
[ProxyList]
socks4 127.0.0.1 9050
EOF
# Start Metasploit through proxy
proxychains4 -f ~/.proxychains/msf.conf msfconsole
# Within Metasploit, set additional proxy options
# msf6 > setg Proxies socks4:127.0.0.1:9050
# msf6 > use exploit/multi/handler
# msf6 exploit(multi/handler) > set payload windows/meterpreter/reverse_tcp
# msf6 exploit(multi/handler) > run
Intégration de Burp Suite
# Configure Burp Suite to work with proxychains
# 1. Start Burp Suite through proxy
proxychains4 -f ~/.proxychains/tor.conf java -jar burpsuite.jar
# 2. Configure Burp to use upstream proxy
# In Burp: User options > Connections > Upstream Proxy Servers
# Add: 127.0.0.1:9050 (SOCKS4)
# 3. Use Burp with proxy chain
# All traffic will go: Browser -> Burp -> Proxychains -> Target
Intégration du navigateur
# Firefox through proxy
proxychains4 -f ~/.proxychains/tor.conf firefox
# Chrome through proxy
proxychains4 -f ~/.proxychains/tor.conf google-chrome
# Chromium through proxy
proxychains4 -f ~/.proxychains/tor.conf chromium-browser
# Configure browser proxy settings script
cat > setup_browser_proxy.sh << 'EOF'
#!/bin/bash
# Setup browser to use SOCKS proxy
PROXY_HOST="127.0.0.1"
PROXY_PORT="9050"
# Firefox profile setup
FIREFOX_PROFILE="$HOME/.mozilla/firefox/proxy_profile"
mkdir -p "$FIREFOX_PROFILE"
cat > "$FIREFOX_PROFILE/user.js" << EOL
user_pref("network.proxy.type", 1);
user_pref("network.proxy.socks", "$PROXY_HOST");
user_pref("network.proxy.socks_port", $PROXY_PORT);
user_pref("network.proxy.socks_version", 4);
user_pref("network.proxy.socks_remote_dns", true);
EOL
echo "Firefox proxy profile created: $FIREFOX_PROFILE"
echo "Start with: firefox -profile $FIREFOX_PROFILE"
EOF
chmod +x setup_browser_proxy.sh
Dépannage
Questions communes
Défauts de connexion
# Test proxy connectivity
proxychains4 -f /path/to/config.conf curl -v http://httpbin.org/ip
# Check proxy server status
nc -zv proxy.server.com 1080
# Test DNS resolution
proxychains4 -f /path/to/config.conf nslookup google.com
# Debug with verbose output
proxychains4 -f /path/to/config.conf -v curl http://httpbin.org/ip
Problèmes de configuration
# Validate configuration syntax
proxychains4 -f /path/to/config.conf echo "test"
# Check for common configuration errors
grep -E "^(strict|dynamic|random)_chain" /path/to/config.conf
grep -E "^\[ProxyList\]" /path/to/config.conf
# Test different chain types
sed 's/strict_chain/dynamic_chain/' config.conf > config_dynamic.conf
proxychains4 -f config_dynamic.conf curl http://httpbin.org/ip
Problèmes de performance
# Increase timeouts
sed -i 's/tcp_read_time_out 15000/tcp_read_time_out 30000/' config.conf
sed -i 's/tcp_connect_time_out 8000/tcp_connect_time_out 15000/' config.conf
# Use dynamic chain instead of strict
sed -i 's/strict_chain/dynamic_chain/' config.conf
# Reduce proxy chain length
sed -i 's/chain_len = 3/chain_len = 2/' config.conf
Questions relatives au DNS
# Disable proxy DNS if causing issues
sed -i 's/proxy_dns/#proxy_dns/' config.conf
# Test DNS resolution manually
proxychains4 -f config.conf dig google.com
proxychains4 -f config.conf host google.com
# Use alternative DNS servers
echo "nameserver 8.8.8.8" > /tmp/resolv.conf
proxychains4 -f config.conf -e /tmp/resolv.conf curl http://httpbin.org/ip
Débogue et exploitation forestière
# Enable debug output
export PROXYCHAINS_DEBUG=1
proxychains4 -f config.conf curl http://httpbin.org/ip
# Log all connections
strace -e trace=connect proxychains4 -f config.conf curl http://httpbin.org/ip
# Monitor network traffic
sudo tcpdump -i any -n host proxy.server.com
# Check system logs
journalctl -f|grep -i proxy
Ressources
- [Répôt de proxychains-ng GitHub] (LINK_7)
- [Projet original de chaînes de proxy] (LINK_7)
- [OR Documentation du projet] (LINK_7)
- Spécification du protocole SOCKS
- [HTP CONNECT Method] (LINK_7)
- [Techniques de pivotement du réseau] (LINK_7)
- [Essais de pénétration avec chaînes de proxy] (LINK_7)
*Cette feuille de triage fournit une référence complète pour l'utilisation de Proxychains pour le tunnelage réseau et la chaîne proxy. Assurez-vous toujours d'avoir une autorisation appropriée avant d'utiliser cet outil dans n'importe quel environnement. *