How to run Charles Proxy over Tor? - proxy

Following situation:
intercepting web traffic with Charles Proxy works fine if i set the browsers http/https proxy to the port Charles is configured for (127.0.0.1:8888)
surfing over anonymously over Tor works also fine if i set the browsers socks proxy to the one which Tor is configured for (127.0.0.1:9150)
Now i want to chain both proxies in the way, that i can intercept the web traffic of my browser with Charles while being anonymously over the Tor network. So i set my browsers http/https proxy to Charles and in Charles i set up the "external Proxies" to Tor.
But somehow this doesn't work. Do i have some misconceptions? Thanks for help!

TL;DR:
Open command line (C:\Windows\System32\cmd.exe) and type this command in the console window:
"C:\TorBrowserBundle\Browser\TorBrowser\Tor\tor.exe" --HTTPTunnelPort 8118. Adjust path according to where your Tor Browser Bundle is located.
In Charles go to menu Proxy→External Proxy Settings
Select Use external proxy servers checkbox at the top
Clear Web Proxy (HTTP) and SOCKS Proxy checkboxes on the left side
Select Secure Web Proxy (HTTPS) on the left side
On the right side under Secure Web Proxy Server enter 127.0.0.1 and 8118
At the bottom select Always bypass external proxies for localhost checkbox
Click OK to save changes
Try opening https://google.com/ in the web browser configured to use Charles (better in Incognito window to make sure that your Google account settings do not interfere with Google language detection by geo-location). You should see localized Google page in some random language.
Explanations
Tor provides SOCKS proxy out of the box. By default Tor uses port 9050. You mentioned port 9150. This is default port used by Tor Browser Bundle. So I assume you use Tor Browser Bundle. But specifying SOCKS Proxy settings in External Proxy Settings in Charles won't allow you to open websites via https:// links. If you take a look at the Charles documentation, you might notice that only non-HTTPS traffic is being sent via SOCKS proxy. Quote (emphasis mine):
If you have a SOCKS proxy Charles will use it for all non-HTTP(S) traffic such as for Port Forwarding.
So in order to chain Charles via Tor, you must use non-SOCKS proxy.
By the way, I was unable to open http:// links via Charles when specified Tor as SOCKS proxy and disabled Secure Web Proxy (HTTPS). No idea why.

Related

Charles debugging proxy not connecting to localhost

Charles Web Debugging Proxy not connecting to localhost. It was working right after I installed, but all of a sudden get connection refused, when trying to connect to localhost. Other traffic is going through proxy ok. The web server and proxy ports are different. *.8888 proxy listening on all addresses.
Get the following error
Charles Error Report
Failed to connect to remote host
Charles failed to connect to the remote host. Check that your Internet
connection is ok and that the remote host is accessible. Maybe your
network uses a proxy server to access the Internet? You can configure
Charles to use an external proxy server in the External Proxy
Settings.
The actual exception reported was:
java.net.ConnectException: Connection refused Charles Proxy,
http://www.charlesproxy.com/
Did you use PHP Built-in server?
The FAQs of office document say:
Localhost traffic doesn't appear in Charles
Some systems are hard coded to not use proxies for localhost traffic, so when you connect to http://localhost/ it doesn't show up in Charles.
The workaround is to connect to http://localhost.charlesproxy.com/ instead. This points to the IP address 127.0.0.1, so it should work identically to localhost, but with the advantage that it will go through Charles. This will work whether or not Charles is running or you're using Charles. If you use a different port, such as 8080, just add that as you usually would, e.g. localhost.charlesproxy.com:8080.
You can also put anything in front of that domain, e.g. myapp.localhost.charlesproxy.com, which will also always resolve to 127.0.0.1.
Alternatively you can try adding a '.' after localhost, or replace localhost with the name of your machine, or use your local link IP address (eg. 192.168.1.2).
If Charles is running and you're using Charles as your proxy, you can also use local.charles as an alternative for localhost. Note that this only works when you're using Charles as your proxy, so the above approaches are preferred, unless you specifically want requests to fail if not using Charles.
If you use php built-in server use
php -S 127.0.0.1:8080 -t ./public
instead of
php -S localhost:8080 -t ./public

Configure fiddler to use proxy

Is there way to configure such chain MyApp->Fiddler->Web Proxy*->Target Server?
*Web Proxy is one from this list.
P.S. I know how to configure MyApp->Fiddler->Target Server but I need to test some functional associated with situations when user login from unusual location (for example from Africa)
Fiddler can chain to any upstream proxy. By default, it chains to the proxy that Internet Explorer was configured to use when Fiddler started. But you can also manually set the upstream proxy in Fiddler by clicking Tools > Fiddler Options > Gateway.

Apache forward proxy that handles https

I followed the example in the following SO question to successfully set up an Apache forwarding proxy: Setting up an Apache Proxy with Authentication
It works well, except that when accessing sites via https, it says it cannot find the site. For example, Chrome gives
Error 111 (net::ERR_TUNNEL_CONNECTION_FAILED): Unknown error.
And on the server, I do not even see something in the access logs. For my proxy settings, I have configured the same for http and https (i.e. port 80 on my proxy server).
Do you perhaps have an example of how to set up a forward proxy with Apache for https?
It seems the only thing I was missing is that I had not enabled mod_proxy_connect which was achieved with
sudo a2enmod proxy_connect
To quote the mod_proxy_connect documentation page:
This module requires the service of mod_proxy. It provides support for
the CONNECT HTTP method. This method is mainly used to tunnel SSL
requests through proxy servers.
Are you attempting to terminate the SSL or just trying to create a forward proxy without handling any SSL certs? The issue that you are having is because during HTTPS proxying, the browser attempts to create an HTTP tunnel and it seems that your server is not correctly configured to handle tunneling. You can see another example here: Implementing a Simple HTTPS Proxy Application.
Here is another helpful thread on proxying HTTPS traffic with HTTP tunneling: Tunnel over HTTPS.
If you can choose something else other than Apache, I would suggest you use a robust forward proxy such as Squid or TrafficServer that are built to handle this type of setup.

Charles web debugging proxy not detecting vpn connection

I have a VPN connection on which I'm testing some websites using Charles Web Debugging Proxy, but Charles doesn't seem to detect my VPN connection because it doesn't detect the websites that I'm running on the VPN network. Any help please?
Thank you
I had the same problem on my Mac but was able to solve it. Essentially after connecting to VPN Charles would stop recording all http traffic regardless of whether it was started before or after VPN connection was established
The problem was with Auto Proxy configuration at the system level.
I had Auto Proxy Config and Automatic Proxy Configuration turned ON in System Preferences> Network Settings>You network>Advanced
I was not able to turn them off via UI because they were disabled/greyed out by the corporate policy on the VPN machine but I was able to run 2 shell commands from the terminal though which turned both options OFF before starting Charles and before connecting to VPN (you will need admin access on your account to run these I suppose).
networksetup -setautoproxystate Wi-Fi off
networksetup -setproxyautodiscovery Wi-Fi off
Wi-Fi happens to be the name of the network interface I am running. If you are hard wired, yours could be Ethernet.
This essentially unticked both options in Network Settings leaving the URL for auto proxy intact. If you can untick these 2 checkboxes via the UI - even better.
Great so far but you aren't done yet!!
You need to figure out the true IP address of your corporate proxy and enter it under External Proxy Settings in Charles. Your VPN configuration might be pointing to an external configuration file. When you uncheck "Automatic Proxy configuration", the URL with the configuration should show in the "Proxy Configuration File" text box. Download that file, find the proxy setting, and enter those in the External Proxy Settings in Charles.
Voila - start Charles, start VPN - all HTTP traffic is flowing through Charles even when I am on VPN - precisely what I needed.
Hope this helps and you are running this on a MAC :)
For Viscosity:
Add this
dhcp-option HTTPPROXY 127.0.0.1:8888
dhcp-option HTTPSPROXY 127.0.0.1:8888
in the connection settings, under the tab "Advanced".
Charles will now work with Viscosity :)
Start Charles before connecting to your vpn.
http://www.charlesproxy.com/documentation/faqs/vpn-not-working-with-charles/
Charles proxy and Tunnel Bear
1. run Charles
2. Charles -> Proxy -> MacOS Proxy
3. Charles -> Stop Recording
4. Charles -> Stop SSL Proxying
5. run Tunnel Bear
6. Charles -> Start Recording
7. Charles -> Start SSL Proxying
Using Chrome and Viscosity as my VPN client, I'm unable to get any traffic from Chrome to go through Charles while the VPN is connected.
My solution is to use Firefox. It's probably because Firefox makes its own proxy connections (and therefore has its own proxy settings), while Chrome and Safari defer to MacOS to make the HTTP connection.
I managed to work Charles with my VPN with the next settings:
Open charles -> Help -> SSL Proxying -> "Install Charles Root
certificates on Mobile Device Or Remote Browser". This should show a
dialog with proxy IP and port
Open "System Preferences" -> Network. Select your VPN and press
"Advenced"
Go to "Proxies", and do the next for "Web Proxy", "Secure Web Proxy"
and "SOCKS Proxy":
check the checkbox
for "web proxy server" enter "127.0.0.1"
for port enter the port from Charles Help dialog
It should work till VPN and Charles is running. After relaunch VPN or Charles you may change settings again.
Not the best solution, but at least it works.

How to browse webpages through proxy server

I made a proxy server,and I'm testing it using a client name Proxifier.
I made the first part with autentication to work,but i don't know what to do next.
I called Connect() an the address received from the client,but that is from a webpage.
So i need to connect to the webpage? What next then? I can't browse the net with the proxy on.
So i hope someone could help me an what to do next.Thanks.
to test a proxy server is simple as these.
In your browser, configure the proxy settings to the ip:port of your proxy server, in these case if you are testing on local machine, your ip is 127.0.0.1 and you are listening on port 80.
browse a webpage mostly google with the browser and see if it loads properly, if it does, then you proxy server is working

Resources