I have a virtual machine (local program) that works through a proxy, but does not support entering the login and password for the proxy. My proxy has a username and password. I need connect to the proxy from login and password so my virtual machine (local programm) from the intermediate server receives ready-made authorized traffic. That is, I need an analogue of the router in the local port.
I found it, but iyt not work for me
https://github.com/sjitech/proxy-login-automator
Please tell me some solutions for me.
Related
I have an account in chatgpt but as I located in the restricted country, I tried to use AWS proxy (US server) to login chatgpt. Few weeks ago it worked but now I get an error message access denied error code 1020. I used tinyproxy in stealth mode at first but since I was unable to pass through the cloudflare, I guessed probably the proxy was not good enough to disguise itself as a proxy, so I tried squid vpn in stealth mode and algo vpn, but all did not work(Tried other AWS countries server as well other than US). Until now, I figure out chatgpt might probably just banned all connection from amazon or perhaps my proxy is just not smart enough to pass through cloudflare? What are more options? Any recommended free vpn proxy that I could installed into my AWS EC2 or perhaps I should try other less known cloud services instead? e.g. (other non-restricted country's local cloud services) Besides, I have consider using other free proxy from the internet but as I need to login my gmail, is it danger to do so but since its https so my username and password should be encrypted?
I have the same problem, simple ssh tunneling works you can use a jump server to bypass your country first and than use different server to use as proxy because some of your vps servers get banned with IP, so you may have to use another vpn with different proxy
ssh -D "port to make SOCKS 5 Connection like" <10808> -J <"user">#<"jump server IP"> <"user">#<"final server IP">
than you can use "foxyproxy" extention to build SOCKS5 proxy that uses specified port in this example 10808 to route your browser terrafic through tunnel in port 10808 to final server
or you can use something like sshuttle, but i was fine with this simple tunneling method in GFW
I have a corporate proxy using Squid and kerberos for authentication, the proxy is configured for standard use, I.E allow http, https, a few others and block everything else. Now, there are many applications that support basic proxy authentication, but do not support Kerberos based authentication and many others that connect directly to the internet. I used Proxifier before the upgrade to kerberos to make my applications use the proxy, but I cannot do so now. I then installed an application called PX to create a proxy that connects to kerberos, but the proxy it creates is a simple HTTP Proxy and proxifier doesn't work correctly with it. Anyone has a setup for a situation like this?. I use Windows 10 and I obviously don't have access to the server where squid is configured. The application I need to connect to the internet uses standard https ports, it's not a torrent application nor anything that uses the ports blocked by squid. Thanks in advance.
Ok, for this particular case I've found the following setup to solve 99% of my problems.
First get Px here https://github.com/genotrance/px
Next get Fiddler: http://www.getfiddler.com/dl/Fiddler4BetaSetup.exe
Configure PX with your user and your domain and run it. By default it creates a running proxy on 127.0.0.1:3128
Configure your sistem proxy to use the proxy supplied by PX.
Execute fiddler, it should create ANOTHER proxy at 127.0.0.1:8888
Use this proxy in your apps. Proxifier should work as well.
Why use fiddler and not the direct 127.0.0.1:3128?, PX creates a pure http proxy and fiddler allows to tunnel https and connect request through it.
Any requests will pass through fiddler which will redirect them to the PX proxy which will redirect them to the squid proxy (So expect very slow speeds).
In the end since you're just redirecting your apps towards your proxy, if your proxy bans using regex expressions or direct IP connections some apps will NOT work, and in these cases using TOR or a VPN is the only real solution. Hope it helps someone avoid all the headaches I went through.
I have a C\S program that the client use HTTP proxy server to connect server. We ask the user to input the proxy server IP address, port, the username, and password. Then use Authorization: Basic method to connect server.
But now we want to auto detect IE proxy server settings, and use the IE proxy settings to connect our server. We can get the IE proxy server IP address and port from the registry, but can't get the username and password. So how to use the IE proxy setting to connect internet? (Maybe I should use Authorization: Negotiate to connect HTTP proxy server.)
Many other software has this feature:
I have a VPN (pptpd) server configured and a client connected. In the same machine of VPN server, I have a proxy server (port 3128)(squid) running with authentication enabled. When I use the proxy in my firefox browser it works fine. However, when I conect my notebook to my VPN server I can't navigate using firefox + proxy. Just to remember Proxy server and VPN server running in same machine (a VPS). I'm using UFW firewall.
Is there some tips in configuration files (pptpd or squid) to get this problem fixed?
Best Regards!
use squid's access.log to make sure: squid doesn't receive requests from your notebook; check the routing availability between internal IP network of VPN server and proxy address, it must be accessible (pingable). you may use port address translation (PAT) as a simple fix.
Can URLs be sniffed even though a client communicates with a server over SSL? I'm asking because I'm doing remote login & redirect to a physically different server via URL, and wondered if securing the communication via SSL would prevent replay attacks and the like.
The sniffer will know the IP (and probably hostname) of the server you're requesting from, and the timing/quantity of information transferred, but nothing else.
Yes, replay (and man in the middle) attacks are prevented by SSL if you don't trust a compromised root certificate.
An attacker can observe both the hostname (by watching your DNS traffic) and the IP address you're connecting to. The username, password and path part of the URL should not be available, however.
Of course, the client themselves always has access to this information.
The network sniffer would need both the public and private key to decrypt the SSL traffic.
SSL sets up an encrypted session between the two machines and then runs "ordinary" HTTP over that encrypted connection so they can see what physical machine you are connected to but beyond that can't see anything at all in your connection.
As others have said they can look at the DNS requests most likely to determine the hostname.
Also there are products out there which bypass this protection in a business environment by installing a new root certificate on the client machine and having a proxy server make the connection on your behalf, and then generating a "fake" certificate for the site generated using their root key to make the session to the browser so you appear to have a secure SSL connection to the server but in fact it's only to the proxy. You can look at the certificate chain for the connection to determine if this is happening but few people will bother.
So to answer your question - no the full URL can't be sniffed - but with access to the client machine it is possible to do it part way.,