Proxify applications with tsocks and proxychains on ubuntu

By | August 15, 2012

Tsocks

There are many network applications that do not have the option to specify a proxy or do not support the use of proxies. In such cases tsocks is a useful tool to wrap all network communication done by a program via a socks proxy.

Project website
http://tsocks.sourceforge.net/

Install on ubuntu

$ sudo apt-get install tsocks

Now open the configuration file /etc/tsocks.conf and edit the following parameters

1. server
2. server_type
3. server_port

Sample file

# This is the configuration for libtsocks (transparent socks)
# Lines beginning with # and blank lines are ignored
#
# The basic idea is to specify:
#	- Local subnets - Networks that can be accessed directly without
#			  assistance from a socks server
#	- Paths - Paths are basically lists of networks and a socks server
#		  which can be used to reach these networks
#	- Default server - A socks server which should be used to access 
#			   networks for which no path is available
# Much more documentation than provided in these comments can be found in
# the man pages, tsocks(8) and tsocks.conf(8)

# Local networks
# For this example this machine can directly access 192.168.0.0/255.255.255.0 
# (192.168.0.*) and 10.0.0.0/255.0.0.0 (10.*)

local = 192.168.0.0/255.255.255.0
local = 10.0.0.0/255.0.0.0

# Paths
# For this example this machine needs to access 150.0.0.0/255.255.0.0 as 
# well as port 80 on the network 150.1.0.0/255.255.0.0 through
# the socks 5 server at 10.1.7.25 (if this machines hostname was 
# "socks.hello.com" we could also specify that, unless --disable-hostnames
# was specified to ./configure).

path {
	reaches = 150.0.0.0/255.255.0.0
	reaches = 150.1.0.0:80/255.255.0.0
	server = 10.1.7.25
	server_type = 5
	default_user = delius
	default_pass = hello
}

# Default server
# For connections that aren't to the local subnets or to 150.0.0.0/255.255.0.0
# the server at 192.168.0.1 should be used (again, hostnames could be used
# too, see note above)

server = 127.0.0.1
# Server type defaults to 4 so we need to specify it as 5 for this one
server_type = 5
# The port defaults to 1080 but I've stated it here for clarity 
server_port = 9050

After doing this its important to start a socks proxy on port 9050. The best solution is TOR.
Download/Install tor and start it.

Now launch any application from the terminal as following

$ tsocks epiphany

Epiphany is a browser. After launching epiphany from tsocks, open ipmango.com to verify your ip address.
So using tsocks any application that uses sockets can be made to use the socks proxy and become anonymous.

Proxychains

Tsocks is limited to socks5 proxy. It cannot use http proxy servers. Here comes the solution for http proxies - proxychain.

Project website
http://proxychains.sourceforge.net/

Install on ubuntu

$ sudo apt-get install proxychains

Now edit the configuration file /etc/proxychains.conf

# proxychains.conf  VER 3.1
#
#        HTTP, SOCKS4, SOCKS5 tunneling proxifier with DNS.
#	

# The option below identifies how the ProxyList is treated.
# only one option should be uncommented at time,
# otherwise the last appearing option will be accepted
#
#dynamic_chain
#
# Dynamic - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
# otherwise EINTR is returned to the app
#
strict_chain
#
# Strict - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# all proxies must be online to play in chain
# otherwise EINTR is returned to the app
#
#random_chain
#
# Random - Each connection will be done via random proxy
# (or proxy chain, see  chain_len) from the list.
# this option is good to test your IDS :)

# Make sense only if random_chain
#chain_len = 2

# Quiet mode (no output from library)
#quiet_mode

# Proxy DNS requests - no leak for DNS data
#proxy_dns 

# Some timeouts in milliseconds
tcp_read_time_out 15000
tcp_connect_time_out 8000

# ProxyList format
#       type  host  port [user pass]
#       (values separated by 'tab' or 'blank')
#
#
#        Examples:
#
#            	socks5	192.168.67.78	1080	lamer	secret
#		http	192.168.89.3	8080	justu	hidden
#	 	socks4	192.168.1.49	1080
#	        http	192.168.39.93	8080	
#		
#
#       proxy types: http, socks4, socks5
#        ( auth types supported: "basic"-http  "user/pass"-socks )
#
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
#socks5 	127.0.0.1 9050
http	127.0.0.1	8080

Comment out proxy_dns option, otherwise it will be difficult to make it work. Then towards the end of the file add the list of proxy servers. Add only 1 and comment the rest of easy use. Over here we first test the http proxy so add the following

http	127.0.0.1	8080

After adding the http proxy to the list its time to start an http proxy server on localhost (127.0.0.1). This can be done by either installing TOR+Polipo or by simply launching the burp suite program which has an integrated http proxy server. Once the http proxy server is up, launch proxychains along with the application that needs to be proxified :

$ proxychains telnet google.com 80

This will make the telnet program use the http proxy specified earlier. Simple and effective.

It should be clearly understood that tsocks or proxychains are not proxy servers, they are just proxifying tools that can make non proxy aware programs to communicate via proxies.

About Silver Moon

A Tech Enthusiast, Blogger, Linux Fan and a Software Developer. Writes about Computer hardware, Linux and Open Source software and coding in Python, Php and Javascript. He can be reached at [email protected].

4 Comments

Proxify applications with tsocks and proxychains on ubuntu
  1. Daniel

    Is it possible for any of the above (tsocks or proxychains) to set the socks ip:port as an argument when running them in the command line ? Thank you

  2. Dominic

    Hi,

    I have to allow a client to connect through a campus proxy. I am not entirely sure of your steps… would the following be correct?

    1. server proxy.name.cs.xy.ac
    2. server_type ? I don’t know what to speciy here
    3. server_port proxy_port_#

    I then use TOR to start a socks proxy on port 9050, and finally at command line I start my client with:

    tsocks ./client_name

    1. Silver Moon

      if you want to use the campus proxy, then no need to start tor.

      tsocks has to be configured with the ip address and port number of the proxy. fill the correct values for the fields “server” , “server_type” and “server_port”. if its a socks5 proxy then server_type should be 5 and if its a socks4 proxy then server_type would be 4.

      then running the program like this should work

      tsocks ./client_name

Leave a Reply

Your email address will not be published. Required fields are marked *