108 lines
2.8 KiB
Plaintext
108 lines
2.8 KiB
Plaintext
|
|
0. Precondiciones
|
|
|
|
# Hostname foo apuntando a servidor http
|
|
|
|
time curl -s http://foo/1.iso|sha256sum
|
|
e260921ef5c7bd5ee2a7b2f2f1156af6483014c73984e4cf37f2b6690e0155e5
|
|
|
|
# En la terminal donde corramos el curl dejamos configuracion para el cliente
|
|
|
|
export O="--proxy localhost:1080 --proxy-type socks5 --proxy-auth juan:juan --proxy-dns local"
|
|
# sin resoluciones ipv4
|
|
export http_proxy=socks5://juan:juan@localhost/
|
|
# con resoluciones dns
|
|
export http_proxy=socks5h://juan:juan@localhost/
|
|
|
|
# en la terminal donde corramos el server lo dejamos configurado con usuarios
|
|
export OPTS="-u juan:juan -u prueba:prueba"
|
|
|
|
./socks5d $OPTS
|
|
|
|
1. Casos
|
|
1.1 Defaults bindings
|
|
|
|
Term A $ ./socks5d $OPTS
|
|
Term B $ netstat -nlp|grep socks5d
|
|
tcp 0 0 0.0.0.0:1080 0.0.0.0:* LISTEN 8082/./socks5d
|
|
tcp6 0 0 :::1080 :::* LISTEN 8082/./socks5d
|
|
sctp 127.0.0.1:8080 LISTEN 8082/./socks5d
|
|
|
|
1.2 Cambio de bindings
|
|
|
|
Term A $ ./socks5d -p1111 -P 9091 -l ::1 -L0.0.0.0
|
|
Term B $ netstat -nlp|grep socks5d
|
|
tcp6 0 0 ::1:1111 :::* LISTEN 8235/./socks5d
|
|
sctp 0.0.0.0:9091 LISTEN 8235/./socks5d
|
|
|
|
1.3 Proxy una conexión por vez
|
|
|
|
Medir caso base $ time curl http://foo/1.iso|md5sum
|
|
|
|
Term B $ curl http://foo/1.iso|md5sum
|
|
|
|
Verificar integridad y velocidad
|
|
|
|
1.4 Proxy 3 conexiones
|
|
|
|
Term B $ curl http://foo/1.iso|md5sum
|
|
Term C $ curl http://foo/1.iso|md5sum
|
|
Term D $ curl http://foo/1.iso|md5sum
|
|
|
|
1.5 Desconexión repentina cliente
|
|
|
|
Durante la transferencia matar curl
|
|
|
|
$ curl http://foo/1.iso|md5sum
|
|
|
|
verificar que no se queda colgado. top.
|
|
|
|
1.6 Desconexion repentina server
|
|
|
|
Durante la transferencia matar curl
|
|
|
|
$ curl http://foo/1.iso|md5sum
|
|
$ sudo /etc/init.d/nginx stop
|
|
|
|
1.7 Origin server (IPV4) no presta servicio
|
|
$ curl 'http://127.0.0.1:3333'
|
|
|
|
1.8 Origin server (IPV6) no presta servicio
|
|
$ curl 'http://[::1]:3333'
|
|
|
|
1.9 Falla resolución de nombres
|
|
$ curl 'http://xxxxxxxxxxx/'
|
|
|
|
1.10 Comportamiento origin server resuelve DNS IPV6
|
|
$ curl http://ipv6.leak.com.ar/
|
|
|
|
1.11 Origin server con múltiples direcciones IP (una falla)
|
|
$ dig +short tpe.proto.leak.com.ar
|
|
240.0.0.1
|
|
127.0.0.1
|
|
|
|
$ curl http://tpe.proto.leak.com.ar/
|
|
|
|
1.12 Agnostico del protocolo
|
|
|
|
Term B: stty -icanon && nc -l 9090
|
|
Term C: stty -icanon && nc $O localhost 9090
|
|
|
|
1.13 Probar enviarle http
|
|
|
|
http_proxy="" curl http://127.0.0.1:1080/1.iso
|
|
ó
|
|
stty -icanon && nc localhost 1080
|
|
|
|
1.14 desde el browser
|
|
|
|
no logrue que el chrome funcione con user pass
|
|
estos dos son interesante.
|
|
https://http1.golang.org/gophertiles?latency=0
|
|
https://http2.golang.org/gophertiles?latency=0
|
|
http://www.http2demo.io/
|
|
|
|
1.15 Password disector
|
|
|
|
con nc
|