2.4 设置ProxyChains
ProxyChains是Linux和其他Unices下的代理工具。它可以使任何程序通过代理上网,允许TCP和DNS通过代理隧道,支持HTTP、SOCKS4和SOCKS5类型的代理服务器,并且可配置多个代理。ProxyChains通过一个用户定义的代理列表强制连接指定的应用程序,直接断开接收方和发送方的连接。本节将介绍设置ProxyChains的方法。
设置ProxyChains的具体操作步骤如下所示。
(1)打开ProxyChains配置文件。执行命令如下所示:
root@Kali:~# vi /etc/proxychains.conf
执行以上命令后,打开文件的内容如下所示:
# proxychains.conf VER 3.1
#
# HTTP, SOCKS4, SOCKS5 tunneling proxifier with DNS.
#
# The option below identifies how the ProxyList is treated.
# only one option should be uncommented at time,
# otherwise the last appearing option will be accepted
#
#dynamic_chain
#
# Dynamic - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
# otherwise EINTR is returned to the app
#
strict_chain
#
# Strict - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# all proxies must be online to play in chain
# otherwise EINTR is returned to the app
#
#random_chain
#
# Random - Each connection will be done via random proxy
# (or proxy chain, see chain_len) from the list.
# this option is good to test your IDS :)
输出的信息就是proxychains.conf文件的内容。由于篇幅的原因,这里只列出了部分内容。
(2)将proxychains.conf文件中的dynamic_chain前面的注释符取消。要修改的配置项,是上面加粗的部分,如下所示:
dynamic_chain
(3)添加一些代理服务器到列表(proxychains.conf文件末尾),如下所示:
# ProxyList format
# type host port [user pass]
# (values separated by 'tab' or 'blank')
#
#
# Examples:
#
# socks5 192.168.67.78 1080 lamer secret
# http 192.168.89.3 8080 justu hidden
# socks4 192.168.1.49 1080
# http 192.168.39.93 8080
#
#
# proxy types: http, socks4, socks5
# ( auth types supported: "basic"-http "user/pass"-socks )
#
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
socks4 127.0.0.1 9050
socks5 98.206.2.3 1893
socks5 76.22.86.170 1658
-- 插入 --
以上信息中加粗的部分为添加的代理服务器。
(4)通过用户的连接代理解析目标主机。执行命令如下所示:
root@kali:~# proxyresolv www.target.com
默认情况下,执行proxyresolv命令,可能看到该命令没找到错误信息。因为proxyresolv保存在/usr/lib/proxychains3/目录中,而不能被执行。proxyresolv会被proxychains调用,所以将这两个文件放在一个目录中,如/usr/bin。执行命令如下所示:
root@kali:~# cp /usr/lib/proxychains3/proxyresolv /usr/bin/
执行完以上命令后,proxyresolv命令就可以执行了。
(5)通过用户想要使用的应用程序运行ProxyChains,例如,启动msfconsole。执行命令如下所示:
root@kali:~# proxychains msfconsole
ProxyChains-3.1 (http://proxychains.sf.net)
|DNS-request| 0.0.0.0
|S-chain|-<>-127.0.0.1:9050-<--timeout
|DNS-response|: 0.0.0.0 is not exist
, ,
/ \
((__---,,,---__))
(_) O O (_)_________
\ _ / |\
o_o \ M S F | \
\ _____ | *
||| WW |||
||| |||
Tired of typing 'set RHOSTS'? Click & pwn with Metasploit Pro
-- type 'go_pro' to launch it now.
=[ metasploit v4.7.0-2013082802 [core:4.7 api:1.0]
+ -- --=[ 1161 exploits - 641 auxiliary - 180 post
+ -- --=[ 310 payloads - 30 encoders - 8 nops
msf >
执行以上命令后,看到msf>提示符表示msfconsole启动成功了。表示ProxyChains设置成功。
原文: https://wizardforcel.gitbooks.io/daxueba-kali-linux-tutorial/content/11.html