【proxychains4】虚拟机内kali走主机代理

本文涉及的产品
云解析 DNS,旗舰版 1个月
全局流量管理 GTM,标准版 1个月
公共DNS(含HTTPDNS解析),每月1000万次HTTP解析
简介: 【proxychains4】虚拟机内kali走主机代理

简介

ProxyChains是Linux和其他Unix下的代理工具。 它可以使任何程序通过代理上网, 允许TCP和DNS通过代理隧道, 支持HTTP、 SOCKS4和SOCKS5类型的代理服务器, 并且可配置多个代理。 ProxyChains通过一个用户定义的代理列表强制连接指定的应用程序, 直接断开接收方和发送方的连接。ProxyChains 是一个强制应用的 TCP 连接通过代理的工具,支持 Tor、HTTP、与 Socks 代理。ProxyChains 只会将当前应用的 TCP 连接转发至代理,而非全局代理。

安装

通过 apt 包管理工具安装

sudo apt install proxychains4

配置

在windows主机中

打开系统的代理设置,开启自动检测设置

将主机网络与虚拟机网络共享

现在我使用的是WLAN模式 所以我设置的是WLAN属性,虚拟机使用VM8(NAT)

打开代理软件

本地代理 允许来自局域网连接

在kali中

找到/etc/proxychains4.conf文件进行修改

sudo vim /etc/proxychains4.conf

将proxychains4.conf文件中的dynamic_chain前面的注释符’#‘取消,在strict_chain前面加上注释符’#’

下翻到最后一行,修改代理设置即可

#socks4 127.0.0.1 9050

socks5 10.133.40.227 7890

# proxychains.conf  VER 4.x
#
#        HTTP, SOCKS4a, SOCKS5 tunneling proxifier with DNS.
# The option below identifies how the ProxyList is treated.
# only one option should be uncommented at time,
# otherwise the last appearing option will be accepted
#
dynamic_chain
#
# Dynamic - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
# otherwise EINTR is returned to the app
#
#strict_chain
#
# Strict - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# all proxies must be online to play in chain
# otherwise EINTR is returned to the app
#
#round_robin_chain
#
# Round Robin - Each connection will be done via chained proxies
# of chain_len length
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped).
# the start of the current proxy chain is the proxy after the last
# proxy in the previously invoked proxy chain.
# if the end of the proxy chain is reached while looking for proxies
# start at the beginning again.
# otherwise EINTR is returned to the app
# These semantics are not guaranteed in a multithreaded environment.
#
#random_chain
#
# Random - Each connection will be done via random proxy
# (or proxy chain, see  chain_len) from the list.
# this option is good to test your IDS :)
# Make sense only if random_chain or round_robin_chain
#chain_len = 2
# Quiet mode (no output from library)
#quiet_mode
## Proxy DNS requests - no leak for DNS data
# (disable all of the 3 items below to not proxy your DNS requests)
# method 1. this uses the proxychains4 style method to do remote dns:
# a thread is spawned that serves DNS requests and hands down an ip
# assigned from an internal list (via remote_dns_subnet).
# this is the easiest (setup-wise) and fastest method, however on
# systems with buggy libcs and very complex software like webbrowsers
# this might not work and/or cause crashes.
proxy_dns
# method 2. use the old proxyresolv script to proxy DNS requests
# in proxychains 3.1 style. requires `proxyresolv` in $PATH
# plus a dynamically linked `dig` binary.
# this is a lot slower than `proxy_dns`, doesn't support .onion URLs,
# but might be more compatible with complex software like webbrowsers.
#proxy_dns_old
# method 3. use proxychains4-daemon process to serve remote DNS requests.
# this is similar to the threaded `proxy_dns` method, however it requires
# that proxychains4-daemon is already running on the specified address.
# on the plus side it doesn't do malloc/threads so it should be quite
# compatible with complex, async-unsafe software.
# note that if you don't start proxychains4-daemon before using this,
# the process will simply hang.
#proxy_dns_daemon 127.0.0.1:1053
# set the class A subnet number to use for the internal remote DNS mapping
# we use the reserved 224.x.x.x range by default,
# if the proxified app does a DNS request, we will return an IP from that range.
# on further accesses to this ip we will send the saved DNS name to the proxy.
# in case some control-freak app checks the returned ip, and denies to 
# connect, you can use another subnet, e.g. 10.x.x.x or 127.x.x.x.
# of course you should make sure that the proxified app does not need
# *real* access to this subnet. 
# i.e. dont use the same subnet then in the localnet section
#remote_dns_subnet 127 
#remote_dns_subnet 10
remote_dns_subnet 224
# Some timeouts in milliseconds
tcp_read_time_out 15000
tcp_connect_time_out 8000
### Examples for localnet exclusion
## localnet ranges will *not* use a proxy to connect.
## note that localnet works only when plain IP addresses are passed to the app,
## the hostname resolves via /etc/hosts, or proxy_dns is disabled or proxy_dns_old used.
## Exclude connections to 192.168.1.0/24 with port 80
# localnet 192.168.1.0:80/255.255.255.0
## Exclude connections to 192.168.100.0/24
# localnet 192.168.100.0/255.255.255.0
## Exclude connections to ANYwhere with port 80
# localnet 0.0.0.0:80/0.0.0.0
# localnet [::]:80/0
## RFC6890 Loopback address range
## if you enable this, you have to make sure remote_dns_subnet is not 127
## you'll need to enable it if you want to use an application that 
## connects to localhost.
# localnet 127.0.0.0/255.0.0.0
# localnet ::1/128
## RFC1918 Private Address Ranges
# localnet 10.0.0.0/255.0.0.0
# localnet 172.16.0.0/255.240.0.0
# localnet 192.168.0.0/255.255.0.0
### Examples for dnat
## Trying to proxy connections to destinations which are dnatted,
## will result in proxying connections to the new given destinations.
## Whenever I connect to 1.1.1.1 on port 1234 actually connect to 1.1.1.2 on port 443
# dnat 1.1.1.1:1234  1.1.1.2:443
## Whenever I connect to 1.1.1.1 on port 443 actually connect to 1.1.1.2 on port 443
## (no need to write :443 again)
# dnat 1.1.1.2:443  1.1.1.2
## No matter what port I connect to on 1.1.1.1 port actually connect to 1.1.1.2 on port 443
# dnat 1.1.1.1  1.1.1.2:443
## Always, instead of connecting to 1.1.1.1, connect to 1.1.1.2
# dnat 1.1.1.1  1.1.1.2
# ProxyList format
#       type  ip  port [user pass]
#       (values separated by 'tab' or 'blank')
#
#       only numeric ipv4 addresses are valid
#
#
#        Examples:
#
#             socks5  192.168.67.78 1080  lamer secret
#   http  192.168.89.3  8080  justu hidden
#   socks4  192.168.1.49  1080
#         http  192.168.39.93 8080  
#   
#
#       proxy types: http, socks4, socks5, raw
#         * raw: The traffic is simply forwarded to the proxy without modification.
#        ( auth types supported: "basic"-http  "user/pass"-socks )
#
[ProxyList]
# add proxy here ...
# meanwile
# defaults set to "tor"
#socks4   127.0.0.1 9050
socks5 10.133.40.227 7890

简单介绍各配置项用法:

#dynamic_chain:

#每个连接都将通过链接代理完成

#所有代理按列表中显示的顺序链接

#至少有一个代理必须在线才能使用

#(跳过死的代理)

#strict_chain:该配置为ProxyChains的默认配置,同dynamic_chain一样,但所有代理必须正常,否则不能正常使用

#random_chain:该配置项会从ProxyList中随机选择代理IP来运行流量,如果ProxyList中有多个代理IP,在使用proxychains的时候会使用不同的代理访问目标主机,从而使主机端探测流量更加困难。

使用测试

在终端命令输入 proxychains4 软件名

注意 不要使用ping命令来测试,因为SOCKS协议并不支持ICMP包。

sudo proxychains4 git clone ...
sudo  git clone ...
对比速度即可
proxychains4 apt-get
proxychains4 docker
proxychains4 firefox

也可以在命令行输入命令查询ip是否已经属于代理IP

proxychains4 curl ip.gs
curl ip.gs


目录
相关文章
|
2月前
|
Linux 网络安全
Linux虚拟机与主机和Xshell的连接问题解决
Linux虚拟机与主机和Xshell的连接问题解决
94 1
|
3月前
|
虚拟化
虚拟机系统Win7与主机之间不能实现拖放的问题及解决方法
虚拟机系统Win7与主机之间不能实现拖放的问题及解决方法
71 0
|
4月前
|
虚拟化
vmware虚拟机使用主机代理访问谷歌
vmware虚拟机使用主机代理访问谷歌
|
6月前
|
网络安全 C++ Windows
【Windows驱动开发】(主机)VS2017+(虚拟机)win10系统------双机调试
【Windows驱动开发】(主机)VS2017+(虚拟机)win10系统------双机调试
|
5月前
|
IDE Linux 网络安全
如何使用你的虚拟机打开kali
如何使用你的虚拟机打开kali
|
7月前
|
Shell Linux 开发工具
Vmware 虚拟机挂起恢复后发现无法 Ping 通,无法连接到主机
在Linux主机上,以`root`用户停止NetworkManager服务并重启网络: ```shell systemctl stop NetworkManager systemctl restart network ``` 或修改网卡配置文件`ifcfg-ens33`,添加`NM_CONTROLLED="no"`,然后重启`network`服务: ```shell vim /etc/sysconfig/network-scripts/ifcfg-ens33 systemctl restart network ```
218 6
|
6月前
|
安全 Linux 网络安全
NAT模式下主机连接虚拟机
NAT模式下主机连接虚拟机,VMware虚拟机系统以CentOS7为例。
182 0
|
7月前
|
网络协议 Linux 网络安全
虚拟机Vmware详细安装(包含kali,win7与winxp三系统相互ping与安装)
本文是一篇关于虚拟机安装和配置的教程,包括使用VMware安装虚拟机和在虚拟机中安装Kali Linux、Windows 7和Windows XP系统。作者提供了详细的步骤和截图说明,指导读者如何下载和安装VMware,以及如何从提供的链接下载预配置的操作系统镜像文件。安装过程中,重点介绍了如何选择安装路径、接受许可协议、启动安装过程,并强调了不要勾选某些选项以保持默认设置。此外,还提到了如何在虚拟机中配置网络,确保三个系统在同一网段并能互相ping通。最后,作者布置了一些练习,如熟悉操作系统的使用、获取IP地址和互相通信,以及鼓励读者享受学习网络安全的过程。
253 9
|
7月前
|
安全 Linux 测试技术
最新版Kali虚拟机安装和汉化中文教程
本文是对渗透测试安全人员经常使用的测试系统的最新版进行的一次系统配置下载安装配置,同时包含汉化的教程,是对自己熟悉系统安装环境配置的一次总结
977 0
|
7月前
|
网络协议 Linux 程序员
【Linux】虚拟机ipv4地址消失,主机ping不通
【Linux】虚拟机ipv4地址消失,主机ping不通
234 0