Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

redsocks http-connnect basic-auth #136

Open
dok72 opened this issue Feb 11, 2019 · 3 comments
Open

redsocks http-connnect basic-auth #136

dok72 opened this issue Feb 11, 2019 · 3 comments

Comments

@dok72
Copy link

dok72 commented Feb 11, 2019

Hi,
I'm using redoscks on a 2018.4 kali linux.
I need to connect to an http-proxy that require authentication.
I set redsocks.conf in this way

base {
log_debug = on;
log_info = on;
log = "stderr";
daemon = off;
redirector = iptables;
}

redsocks {
local_ip = 127.0.0.1;
local_port = 12345;
ip = 10.12.yyy.xxx;
port = 8080;
// known types: socks4, socks5, http-connect, http-relay
type = http-connect;
login = "myUser";
password = "myPass";
disclose_src = false;
}

But it seems that redsocks does NOT consider my credential.
I sniff traffic with wireshark and compare it with a proxychains connection that works fine (with same IP,Port,user and pass parameter).

wireshark session with redsocks:
CONNECT 216.58.205.100:80 HTTP/1.0

HTTP/1.0 407 authenticationrequired
Via: 1.0 10.12.yyy.xxx (McAfee Web Gateway 7.7.2.7.0.24770)
Date: Mon, 11 Feb 2019 09:25:22 GMT
Content-Type: text/html
Cache-Control: no-cache
Content-Length: 4040
Proxy-Connection: Close
Proxy-Authenticate: Negotiate
Proxy-Authenticate: Basic realm="McAfee Web Gateway"
....

wireshark session with proxychains:
CONNECT 185.63.145.1:443 HTTP/1.0
Proxy-Authorization: Basic ZjI1MjE5Y...

HTTP/1.0 200 Connection established

What's wrong on my config setup ?
Thanks.
@snorre-k
Copy link

Hi,

I have the same problem.

When using type = http-connect; no authentication is sent to the proxy.
Wireshark shows two following CONNECT request without authentication data for each GET sent by the client.

BR
Norbert

@snorre-k
Copy link

snorre-k commented Jun 4, 2020
edited
Loading

Hi,

Just found the problem. Our proxy uses multiple authentications (NEGOTIATE, NTLM and BASIC).
According to "http-auth.c" line 288: // FIXME: multi-line headers are not supported

For me I fixed this with an ugly workaround (as I am not a C programmer), which maybe not appropriate for other users.
I set the authentication method to BASIC in "http-connect.c" line 228: if (true)

diff --git a/http-connect.c b/http-connect.c
index f7679ac..4b83785 100644
--- a/http-connect.c
+++ b/http-connect.c
@@ -225,7 +225,7 @@ static struct evbuffer *httpc_mkconnect(redsocks_client *client)
        if (auth->last_auth_query != NULL) {
                /* find previous auth challange */

-               if (strncasecmp(auth->last_auth_query, "Basic", 5) == 0) {
+               if (true) {
                        auth_string = basic_authentication_encode(client->instance->config.login, client->instance->config.password);
                        auth_scheme = "Basic";
                } else if (strncasecmp(auth->last_auth_query, "Digest", 6) == 0) {

BR
Norbert

@snorre-k
Copy link

snorre-k commented Jun 4, 2020

Created a pull request for enabling multiline auth requests
#151

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@dok72 @snorre-k