Use Tor as a proxy to access https site - https

I have a script which has https capability and also http with proxy capability. How can I use it to access a site on https through Tor as a proxy?
I tried using Delegate as described here:
https://superuser.com/questions/423563/convert-http-requests-to-socks5
But that only works for http sites not for https. Is there a way to access https sites as well?
It is a Lua script running using a Sockets library and OpenSSL library.
Thanks

Related

"webdev serve" chrome won't show dart source when using https

Trying to test dart app using chrome via https.
(using nginx to proxy https port to webdev serve http port).
When I visit the app using http, I can see main.dart.
When I visit the same app using https, I can see main.dart.js.
Is there a way to get 'webdev serve' listening to a https port ?
[why using https - because google won't allow oauth without it, and anyway, we're supposed to be using https always these days, right?]
Thanks in advance for your help...
Ian

Fiddler not logging https traffic form IIS

I've configured fiddler as proxy for my web application. My web application makes makes https requests to API using RestClient. These HTTPS requests are not showing on fiddler.
I've enabled "Decrypt Https Traffic" that install fiddler certificate. still it does not work. any suggestions..?
By default fiddler sets itself up as a proxy for WinINet which is used by browsers. IIS doesn't use WinINet.
Check out this article:
http://docs.telerik.com/fiddler/Configure-Fiddler/Tasks/ConfigureDotNETApp

How to use direct connection applications behind a kerberos proxy

I have a corporate proxy using Squid and kerberos for authentication, the proxy is configured for standard use, I.E allow http, https, a few others and block everything else. Now, there are many applications that support basic proxy authentication, but do not support Kerberos based authentication and many others that connect directly to the internet. I used Proxifier before the upgrade to kerberos to make my applications use the proxy, but I cannot do so now. I then installed an application called PX to create a proxy that connects to kerberos, but the proxy it creates is a simple HTTP Proxy and proxifier doesn't work correctly with it. Anyone has a setup for a situation like this?. I use Windows 10 and I obviously don't have access to the server where squid is configured. The application I need to connect to the internet uses standard https ports, it's not a torrent application nor anything that uses the ports blocked by squid. Thanks in advance.
Ok, for this particular case I've found the following setup to solve 99% of my problems.
First get Px here https://github.com/genotrance/px
Next get Fiddler: http://www.getfiddler.com/dl/Fiddler4BetaSetup.exe
Configure PX with your user and your domain and run it. By default it creates a running proxy on 127.0.0.1:3128
Configure your sistem proxy to use the proxy supplied by PX.
Execute fiddler, it should create ANOTHER proxy at 127.0.0.1:8888
Use this proxy in your apps. Proxifier should work as well.
Why use fiddler and not the direct 127.0.0.1:3128?, PX creates a pure http proxy and fiddler allows to tunnel https and connect request through it.
Any requests will pass through fiddler which will redirect them to the PX proxy which will redirect them to the squid proxy (So expect very slow speeds).
In the end since you're just redirecting your apps towards your proxy, if your proxy bans using regex expressions or direct IP connections some apps will NOT work, and in these cases using TOR or a VPN is the only real solution. Hope it helps someone avoid all the headaches I went through.

Ngrok setup an SSL local tunnel to an existing Vhost

I'm trying t use Ngrok to create a local tunnel to an SSL Virtual host I have on my local machine, but can't seem to get it to work.
My Vhost works perfectly. The site is https://local.mysite.com
Any of the command I try to use to predefine the pointing url on Ngrok, e.g.
./ngrok http -host-header=rewrite local.mysite.com:443
or
./ngrok http -subdomain=local.mysite.com local.mysite.com:443
always seems to return:
Bad Request
Your browser sent a request that this server could not understand.
Reason: You're speaking plain HTTP to an SSL-enabled server port.
Instead use the HTTPS scheme to access this URL, please.
I get that this is happening because I am trying to access a HTTPS connection via a HTTP call but I can't see alternatives in the ngrok docs.
https://ngrok.com/docs#expose
You need to use tls which is only available in the pro subscription.
If you use Vagrant, you can use the share function which is free and support https.

Apache forward proxy that handles https

I followed the example in the following SO question to successfully set up an Apache forwarding proxy: Setting up an Apache Proxy with Authentication
It works well, except that when accessing sites via https, it says it cannot find the site. For example, Chrome gives
Error 111 (net::ERR_TUNNEL_CONNECTION_FAILED): Unknown error.
And on the server, I do not even see something in the access logs. For my proxy settings, I have configured the same for http and https (i.e. port 80 on my proxy server).
Do you perhaps have an example of how to set up a forward proxy with Apache for https?
It seems the only thing I was missing is that I had not enabled mod_proxy_connect which was achieved with
sudo a2enmod proxy_connect
To quote the mod_proxy_connect documentation page:
This module requires the service of mod_proxy. It provides support for
the CONNECT HTTP method. This method is mainly used to tunnel SSL
requests through proxy servers.
Are you attempting to terminate the SSL or just trying to create a forward proxy without handling any SSL certs? The issue that you are having is because during HTTPS proxying, the browser attempts to create an HTTP tunnel and it seems that your server is not correctly configured to handle tunneling. You can see another example here: Implementing a Simple HTTPS Proxy Application.
Here is another helpful thread on proxying HTTPS traffic with HTTP tunneling: Tunnel over HTTPS.
If you can choose something else other than Apache, I would suggest you use a robust forward proxy such as Squid or TrafficServer that are built to handle this type of setup.

Resources