I am successfully connecting to the internet using an application called tether for a jailbroken iphone. (I know there's better options now).
My iphone is connected to my laptop's wifi "device network".
I have in my OS X network settings a location called iphone and the proxy is configured to use the correct IP and port for the phone.
I can browse the internet using Chrome over http and https perfectly.
iTerm cannot ping google. Git cannot pull. I've googled for days and don't see anything "easy" or that I understand. Any advice is appreciated.
Command-line tools usually only support HTTP proxy. For providing a HTTP proxy out of a SOCKS one you have Privoxy. After you've set up Privoxy you have an HTTP proxy. In terminal usually saying export http_proxy=ip:port is enough for most applications. For Git specifically consult here.
But if that's too much for you, you can use sshuttle. It transparently transfers all your connections through a SOCKS proxy. That is, all the connections in your computer, and after that you don't have to change proxy settings for your GUI apps.
I use Homebrew as my package manager in Mac, and both Privoxy and sshuttle are available in it.
Related
I am updating libraries to include proxy headers such as host, port, username and password because some users of the library are running behind corporate proxy / firewall. Anyone have a good way of testing this on a Mac? I am not behind any proxy.
I tried setting the web proxy in Network in System Preferences on the Mac but that only seems to affect browser requests. I'm finding that curl requests and anything run in terminal does not go through that proxy.
I'm trying to use Fiddler version 5.0.20202.18177 (latest as of writing) to determine the URLs used by various online / web installers.
This works fine in most cases. For example, with SpotifySetup.exe:
However, this does not work in some cases. For example, with DropboxInstaller.exe and bitdefender_online.exe:
I have ensured that:
HTTPS decryption is set up for all processes:
All types of connections are being captured:
Windows' proxies are set as expected.
All Windows 10 AppContainer Loopback exemptions are in place:
Running Fiddler as administrator doesn't make a difference.
I would have guessed that the executables simply aren't utilising the proxy but, as far as I'm aware, if the proxy is set at the Windows level then they can't override that?
A program can use of the proxy defined in the Windows Internet settings but it also can ignore those settings and directly connect to the Internet.
The proxy settings are only used automatically for programs that use an HTTP client provided by Microsoft (e.g. WinHTTP for C/C++ or a Dot.net Http client implementation).
All other programs that use their own HTTP client can query the Windows proxy settings and apply them but this is optionally. From a Windows perspective those programs just open TCP connections, what protocol is used on the connection is unknown to Windows hence Windows could not enforce that a proxy is used even if it would try to do so.
By default even programs that come with Windows like the command-line too curl ignore the Windows proxy settings.
Dropbox for example has their own proxy settings within the Dropbox client. There you have to configure Fiddler as proxy.
Bitdefender also seem to have it's own proxy settings where you have to configure Fiddler.
After my discussion with Robert, I ended up abandoning Fiddler, setting up a VirtualBox VM running pfSense Community Edition (free) + Squid3 with HTTPS Interception and Access Logging, installing the pfSense's root CA certificate in my test Windows VM, and changing my test Windows VM's default gateway to the LAN IP address of the pfSense which worked.
In the case of the Dropbox example, it was initially logging TCP_TUNNEL_ABORTED/200 client.dropbox.com:443 so I added client.dropbox.com to the whitelist in the ACLs then it worked and I could see the full EXE URL:
As the title says, I couldn't get mitm proxy to log ssl traffic of windows apps.
I tested an app working with ssl on both Android and Windows + Windows mobile.
Even in fiddler, I exempted the app but it couldn't track the requests either.
as I was searching I saw someone using a program (I couldn't find) to track the requests from a process called WinUAPEntry.exe that's used by universal apps for requests.
Any solutions?
I have installed the mitm proxy's ssl cerifitcaion
I have set the wifi proxy to the ip of the device where mitmproxy is running
I have forwarded the 80, 443 in iptables as mentioned in mitmproxy tutorials
You should be able to get this running with https://loopback.codeplex.com/. This is the same as Fiddler's EnableLoopback Utility though, so if that didn't work YMMV.
Searching a month I found out Windows Apps bypass proxy settings, tested on both Desktop and Mobile. I came up with solutions like MAC IP binding and setting NIC Ip of the host as a gateway but none worked.
I want an app I am testing to use Win (10) OS system proxy settings. I'm watching packets on the proxy and see HTTPS browsing traffic on Chrome (I've installed a self signed cert on Win).
I can also see a few other OS requests coming through the proxy server. For some reason though, some apps don't pay attention to the system proxy settings.
Is there any way to force all connections through the proxy server? The app I'm testing uses Qt - QWebView. I found a reference here that you need to change the source to use a proxy. This won't work for me as I only have access to the production binary for this test.
How can I force an OS proxy connection, or otherwise route that traffic through my proxy?
Note my OS is in a virtual machine.
Edit: I'm wondering if editing the hosts file could route the traffic for a particular URL to my Proxy? I'm trying Acrylic but I'm not having any luck.
We're having a weird problem at work and I'm hoping someone here can give me some ideas on how to troubleshoot it.
The problem is that I cannot make websocket connections from my Kubuntu 13.10 workstation. I've tried from both Chrome and Firefox. I'm behind a proxy and first I thought that must be the reason. However, I got some coworkers to try to connect to the same websocket echo demo and all of them were able to, except one. He was the only one running Ubuntu (same as me), the others were on Mac, Windows and even one on RedHat! Theirs all worked fine.
Ok, so now for the really weird part. I created and ran a virtual machine on my workstation (the one that couldn't connect). The VM is a Lubuntu 13.10 and what do you know, the darn thing establishes a websocket connection just fine!
So any ideas on how to troubleshoot this or even some suggestions for solutions would be very much appreciated.
Ugh... well that one was dumb.
So it turns out that in Linux you can check a checkbox in your Network Proxy settings (the system settings) that will use the same proxy for all protocols.
Yeah... don't do that!
Unless, that is, your proxy server supports SOCKS as well as HTTP/HTTPS/FTP (highly unlikely).
It turns out that if you check that checkbox, your proxy server will be registered as a SOCKS proxy and for some reason, websocket connections in both Chrome and Firefox will want to use that. So your HTTP proxy will end up getting a bunch of weird SOCKS handshakes that it doesn't understand and any websocket connection will fail.
This was tested on both Ubuntu and Kubuntu and the "problem" exists on both.
TL;DR; Don't check the "Use this proxy server for all protocols" checkbox unless your proxy server supports the SOCKS protocol. Instead, manually fill in the same server for the different protocols (http, https and ftp) but leave the socks protocol empty (or point to an actual socks proxy server).