Kali设置代理
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Kali设置代理相关的知识,希望对你有一定的参考价值。
ProxyChains是Linux和其他Unices下的代理工具。它可以使任何程序通过代理上网,允许TCP和DNS通过代理隧道,支持HTTP、SOCKS4和SOCKS5类型的代理服务器,并且可配置多个代理。ProxyChains通过一个用户定义的代理列表强制连接指定的应用程序,直接断开接收方和发送方的连接。本节将介绍设置ProxyChains的方法。
设置ProxyChains的具体操作步骤如下所示。
1、打开ProxyChains配置文件。执行命令如下所示:
[email protected]:~# vi /etc/proxychains.conf
执行以上命令后,打开文件的内容如下所示:
# proxychains.conf VER 3.1
#
# HTTP, SOCKS4, SOCKS5 tunneling proxifier with DNS.
#
# The option below identifies how the ProxyList is treated.
# only one option should be uncommented at time,
# otherwise the last appearing option will be accepted
#
# dynamic_chain
#
# Dynamic - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
# otherwise EINTR is returned to the app
#
# strict_chain
#
# Strict - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# all proxies must be online to play in chain
# otherwise EINTR is returned to the app
#
random_chain
#
# Random - Each connection will be done via random proxy
# (or proxy chain, see chain_len) from the list.
# this option is good to test your IDS :)
# Make sense only if random_chain
chain_len = 2
# Quiet mode (no output from library)
#quiet_mode
# Proxy DNS requests - no leak for DNS data
proxy_dns
# Some timeouts in milliseconds
tcp_read_time_out 15000
tcp_connect_time_out 8000
简要说明:可以使用HTTP, SOCKS4, SOCKS5类型的代理,经尝试,HTTP代理好像不太好,我用的是SOCKS4和SOCKS5,可能是我没有找到好的HTTP代理,大家也可以多尝试。
可以使用如下选项,但只有一个生效,即最后一个没有被注释掉的选项,可以注释掉其他不用的选项。
dynamic_chain: proxy list中至少出现一个。
strict_chain:proxy list全部出现。
random_chain:从proxy list中随机选择chain_len个代理。
2、添加一些代理服务器到列表(proxychains.conf文件末尾),如下所示:
# ProxyList format
# type host port [user pass]
# (values separated by ‘tab‘ or ‘blank‘)
#
#
# Examples:
#
# socks5 192.168.67.78 1080 lamer secret
# http 192.168.89.3 8080 justu hidden
# socks4 192.168.1.49 1080
# http 192.168.39.93 8080
#
#
# proxy types: http, socks4, socks5
# ( auth types supported: "basic"-http "user/pass"-socks )
#
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
# socks4 127.0.0.1 9050
# socks5 61.129.70.109 1080
socks4 182.92.225.79 1080
socks4 61.177.248.202 1080
socks4 182.92.255.** 1080
socks4 218.241.238.*** 1080
可以照给出的例子添加代理,代理就自己上网搜吧!
3、通过用户的连接代理解析目标主机。
默认情况下,执行proxyresolv命令,可能看到该命令没找到错误信息。因为proxyresolv保存在/usr/lib/proxychains3/目录中,而不能被执行。proxyresolv会被proxychains调用,所以将这两个文件放在一个目录中,如/usr/bin。执行命令如下所示:
[email protected]:~# cp /usr/lib/proxychains3/proxyresolv /usr/bin/
执行完以上命令后,proxyresolv命令就可以执行了。
[email protected]:~# proxyresolv www.baidu.com
|R-chain|-<>-61.129.70.109:1080-<>-182.92.225.79:1080-<><>-4.2.2.2:53-<><>-OK
103.235.46.39
[email protected]:~# proxyresolv www.baidu.com
|R-chain|-<>-182.92.225.79:1080-<>-61.177.248.202:1080-<><>-4.2.2.2:53-<><>-OK
103.235.46.39
我这里启用的是random_chain选项,长度为2, 大家可以看到上面的proxy chain 是从proxy list随机选取的两个代理构成的proxy chain。
4、nmap 挂代理扫描端口
[email protected]:~# proxychains nmap -sS 119.75.217.109
ProxyChains-3.1 (http://proxychains.sf.net)
Starting Nmap 7.40 ( https://nmap.org ) at 2017-06-01 21:17 EDT
Nmap scan report for 119.75.217.109
Host is up (0.030s latency).
Not shown: 998 filtered ports
PORT STATE SERVICE
80/tcp open http
443/tcp open https
Nmap done: 1 IP address (1 host up) scanned in 5.25 seconds
5、metasploit挂代理:
[email protected]:~# proxychains msfconsole
ProxyChains-3.1 (http://proxychains.sf.net)
|DNS-response|: starnight does not exist
<><>-OK7.0.0.1:5432-[*] Starting the MEtasploit Framework console...-../nsole...|
|R-chain|-<>-218.75.41.134:1080-<>-218.201.98.196:1080-[*] Starting the MetAsploit Fram<><>-OK7.0.0.1:5432-[*] Starting the MetaSploit Framework console.../
[-] Failed to connect to the database: FATAL: no pg_hba.conf entry for host "172.18.17.8", user "msf", database "msf"
[-] WARNING! The following modules could not be loaded!
[-] : Errno::ENOENT No such file or directory
, ,
/ \\
((__---,,,---__))
(_) O O (_)_________
\\ _ / |\\
o_o \\ M S F | \\
\\ _____ | *
||| WW|||
||| |||
Save 45% of your time on large engagements with Metasploit Pro
Learn more on http://rapid7.com/metasploit
=[ metasploit v4.14.14-dev ]
+ -- --=[ 1643 exploits - 946 auxiliary - 289 post ]
+ -- --=[ 473 payloads - 40 encoders - 9 nops ]
+ -- --=[ Free Metasploit Pro trial: http://r-7.co/trymsp ]
msf >
执行以上命令后,看到msf>提示符表示msfconsole启动成功了。表示ProxyChains设置成功。
我这metasploit本身就有问题,请忽略,?? 。最后要提一下的就是,代理可能不稳定,例如出现超时timeout,可能需要经常换代理试试。
References:
How to Evade Detection Using Proxychains
How To Use Proxychains To Evade Detection in Kali Linux
以上是关于Kali设置代理的主要内容,如果未能解决你的问题,请参考以下文章