Problem definition: I want to send a rest request to an API that blocks my real ip address. I used a VPN that can change the ip (I checked it by any browser) but the masked ip leaks when I try to send the rest request. It means although the browser shows masked ip, the rest request knows my real ip.
Here is a simple rest request using cURL that returns the ip:
curl https://api.ipify.org?format=json
Tried solution: I have tried to send a port that is used by VPN. for example in this situation, the rest request should be like this:
curl -x http://localhost:<PORT> https://api.ipify.org?format=json
but I don't know what the port is used by the vpn I use. Also, I don't know is it a true solution or not?
thanks for all the answers and help.
Related
im new in mikrotik, please help
all device connected is blocked from internet
so, i want to send http post from web page to mikrotik with data ip & macAddress
then the mikrotik make this ip+macAddress can connect to internet
is that can be happen in mikrotik?
or maybe any option for that, thank you.
This strongly depends on how do you block users from accessing outside network.
Since you mentioned client IP a MAC address my guess is Hotspot. If I'm correct then THIS would be your way
Is it possible to route dns to different servers based on the protocol of the request without using a proxy server?
For example wss://example.com goes to 1 server and https://example.com goes to a different one.
In principle no, this is not possible. Although there are exceptions.
When you an application and request a network address, e.g. example.com the application will (typically) pass on a request to the OS to open a connection to that address.
Because the OS can only make a connection to an IP Address, the first thing it does is to make a DNS request to find out the address it can connect to. There is no mechanism at all, to tell that DNS request what protocol is being requested. At the point the OS makes the DNS request it is simply, 'What is the address for example.com' there is no space in the body of the message for more information.
In that sense it is not possible.
However there are a few services that use SRV records to find the server they need to connect to.
In these cases the application will say to the OS 'get me the SRV record for _somefancyservice.example.com' When it has that record, it will then send another request to the OS to open a connection the whatever it found in the SRV record.
So you could, in theory, write an application that performed the SRV record query first, and then opened a connection to whatever was returned.
I wrote a more detailed answer specifically about wss, which you may find interesting.
I'm trying to use Fiddler to capture traffic that comes to my machine on its external ip address, and redirect it to the loopback interface without affecting the host header.
I have added the following to the OnBeforeRequest method:
if (oSession.HostnameIs("MyMachineName")){
oSession.bypassGateway = true;
oSession["x-overrideHost"] = "localhost";
}
This works fine for http traffic: I do indeed see a request to http://MyMachineName hit the loopback adaptor with its host header intact.
However, when intercepting https traffic I get the following in the response raw view:
fiddler.network.https> HTTPS handshake to auth.time-wise.net failed. System.IO.IOException The handshake failed due to an unexpected packet format.
I have Fiddler configured to capture and decrypt https traffic.
Does anyone know why this problem occurs and how it can be remedied?
Edit: in response to Eric's request for more information
Fiddler is running as a proxy (i.e. as standard), listening on port 8888.
The clients are (currently) web browsers on the same machine, and so are automatically using the Fiddler proxy, as they've picked up the change in default proxy.
You've left out some important details (e.g. what port is Fiddler running on, and how did you configure the remote client to send its traffic to Fiddler?)
Having said that, you will probably want to change your use of x-overrideHost to x-overrideHostname such that the port number of the traffic being retargeted is preserved.
I'm trying to get some protocols work through my company's firewall. Until now I have been succesfull in masking either http or https data by setting a http proxy on localhost and one on a remote server I own. The communication is done via $_POSTed and received modified .bmp files that contain a header and the encripted serialised request array.
This works fine, but there are a few drawbacks that make me think I might have taken a wrong approach.
Firstly I do not use apache's mod-proxy. instead I just created a local subdomain (proxy.localhost) and use that in browser's proxy settings. the subdomain's index.php does all the work. This creates some problems. I cannot use http and https simultaneously or the server will complain of using either "http on a https enabled port" or "incoresc ssl response length".
The second problem is, well, other protocols. I could make use of some ftp, sftp, remote deskoptop, ssh, nust name another... I need it
there are 2 solutions I can think of: First is if I run a php script in CLI so that it listens on a predefined port and handles the requests differently, or some sort of ssh tunnel. Problem is I haven't had any success with freeSSHd and putty because of my ignorance.
Thanks in advance for any advice.
I used the free version of bitvise SSH Client and server and it seems to work just fine.
HI. in node.js, if it is http request, I can get the remoteAddress at req.connection.remoteAddress,
so, how to get it if https request? I find there is req.socket.remoteAddress but I'm not sure. Please advice. thanks.
It appears something is strange/broken indeed.
As of node 0.4.7, it seems http has remoteAddress available on:
req.connection.remoteAddress
req.socket.remoteAddress
on https, both of these are undefined, but
req.connection.socket.remoteAddress
does work.
That one isn't available on http though, so you need to check carefully.
I cannot imagine this behavior is intentional.
Since googling "express js ip" directly points to here, this is somehow relevant.
Express 3.0.0 alpha now offers a new way of retrieving IP adresses for client requests.
Simply use req.ip. If you're doing some proxy jiggery-pokery you might be interested in app.set("trust proxy", true); and req.ips.
I recommend you to read the whole discussion in the Express Google Group.
var ip = req.headers['x-forwarded-for'] ||
req.connection.remoteAddress ||
req.socket.remoteAddress ||
req.connection.socket.remoteAddress;
Note that sometimes you can get more than one ip address in req.headers['x-forwarded-for'], specially when working with mobile phones accessing your server (wifi and carrier data).
As well req.headers['x-forwarded-for'] is easily manipulated so you need a properly configured proxy server.
Is better to check req.connection.remoteAddress against a list of known proxy servers before to go with req.headers['x-forwarded-for'].