Jump to content

cmalex

Member
 View Profile  See their activity

  • Posts

    41

  • Joined

  • Last visited

  • Days Won

    2

  • Donations

    0.00 USD 

  • Country

    Ukraine

 Content Type 

Everything posted by cmalex

  1. cmalex
    Greetings. Minimal batch testcase. Tested in WinXP, Win Vista (long time ago) and Win8.1(just now). When child cmd closed with 'x' button in top right corner (or by taskkill /FI "WINDOWTITLE eq testX" ), parent cmd will ask "Terminate job batch" and return errorlevel -1073741510. start /w "testX" cmd /k "echo Close me with 'x' button" echo Errorlevel is %errorlevel% pause Workaround (unfotrunatly, with any errorlevel's loss from child app) cmd /c "start "testX" /w cmd /k "echo Close me with x"" echo Errorlevel is %errorlevel% pause Best regards.
  2. cmalex
    Greetings. No. They do the same and don't depend on each other. ProxHTTPSProxy.exe is a dummy exe from PIP ("Lib\site-packages\pip\_vendor\distlib\t32.exe") + something name "shebang" ("#!./python.exe") + zip-archive of __main__.py with just one string - "import ProxHTTPSProxy". I find something. It must call "on_exit" function then window closed. I'll try to integrate it. import win32api import time def on_exit(signal_type): print('caught signal:', str(signal_type)) time.sleep(1) for i in range(1,5): print (6-i) time.sleep(1) win32api.SetConsoleCtrlHandler(on_exit, True) time.sleep(30) Privoxy? I'd something like it... But why did I abandon it and not use it? I don't remember... Do You know how to test it and get it to work? https://mega.nz/file/Hk1mQL6L#hag3q96mhhvlHqPd7gxwNQY2pjcCqq-Ce3aRJSYLi34 - package (minimal set of files to launch) https://mega.nz/file/fwMDCJoJ#3JPVB33oAiBQ5fTLqVhuk1XfkfXXWndlDVA6iv8Yh50 - full copy of dev folder. Best regards.
  3. cmalex
    Greetings. Please say to me, if i do something wrong... https://mega.nz/folder/68dj2YTY#As2w31IO4Smr7gy6p1ciSg OpenSSL*.7z - development files and binaries of OpenSSL (for testing purpose) 3proxy*.7z - package of 3Proxy + SSLPlugin. After launch bin\3proxy.exe it open port MITM 3128 (due to configuration stored in 3proxy.cfg). Additional options - "toggle_certstore" - to not save certificates in certs folder and "ssl_ciphers" - list of allowed ciphers in OpenSSL notation. Default "ALL" (~140ciphers), full set - "ALL:COMPLEMENTOFALL"(~190 ciphers) ProxyMII*.7z - package of ProxyMII + Python3.7.1. After launch ProxHTTPSProxy.exe or ProxHTTPSProxy.bat it open MITM port 8079 (due to config.ini) I'd tried to add to OpenSSL very weak cipher (DES-CBC-SHA) as 'last hope' to connect - but it doesn't work as expected. IE8 can connect with OpenSSL s_server via this cipher, but both 3proxy and ProxyMII throw an error. Yes, it must work without PosReady. At least i'd checked it on fresh virtual WinXP SP3 without additional updates (made sure there was no 256bits ciphers and TLS1.1/TLS1.2). Python 3.7.1 required Microsoft Visual C++ 2015 Redistributable. In 3proxy next config open 3128 as MITM and 3126 as standard proxy for all domains except *.google.com and msfn.org (they will be redirected to 3128 port and, therefore, MITM). Domains must be listed in one line, without spaces, with comma as delimiter. ssl_mitm proxy -p3128 ssl_nomitm allow * * *.google.com,msfn.org parent 1000 connect+ 127.0.0.1 3128 allow * proxy -p3126 Best regards.
  4. cmalex
    Greetings. SSL3 AES128-SHA (aka TLS_RSA_WITH_AES_128_CBC_SHA) exists on Your's screenshots. So at least one shared cipher exists... But on settings You have SSL3 disabled (very strange that Your's settings and clienttest.ssllabs.com show differ things). Are You able to enable SSL3? Via settings or registry... In registry please check HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Ciphers and HKLM\SYSTEM\CurrentControlSet\Control\SecurityProviders\Schannel\Protocols My settings is in attachment. Any item enabled, if key Enabled=0 doesn't exists. For quick check You can use full build of OpenSSL with testCipher.bat in bin folder. After run it ask once for certificate data(just leave empty) and must run ssl server at port 44330 (please just ignore certificate errors). https://mega.nz/#!3tF0zazQ!GBR8-4Zqnzd2D_UWf6CRLkqWJ1Au5TYEpvnWeXTExzU Best regards. UPD: You can add -cipher "ALL:COMPLEMENTOFALL" to last command (last string, after -www) to use all possible ciphers. schannel.zip testCiphers.bat
  5. cmalex
    Greetings. Please try to replace ProxHTTPSProxy.py and ProxyTool.py with ones from py.zip in attachment. This variant must work even with IE6. If not - can You please open https://clienttest.ssllabs.com:8443/ssltest/viewMyClient.html in Your browser, save it as "Webpage, html-only" and sent to me? Data from my browser - in attachment html.zip Best regards. py.zip html.zip
  6. cmalex
    Greetings. Sorry, i don't know if full 3proxy documentation exists. There example configs in sources https://github.com/3proxy/3proxy and answers for questions in issues https://github.com/3proxy/3proxy/issues Also exist large Russian topic on RuBoard http://forum.ru-board.com/topic.cgi?forum=5&topic=20458 ... When You asked about 3proxy.cer i'd reviewed changes on site and stuck at License Agreement https://3proxy.ru/current/License.txt I'll include Copying file from 3proxy sources. But will this be enough? Also i'd used (and published) ProxyMII, Python, OpenSSL3(with my Win98 patch), cryptography, LibFFI, cffi - each with its own license agreement and publishing rules. What files should be added and what changes should be made to the structure of the archives to fulfill the terms of the license agreements for each of the components used? When I used for myself I didn't ask these questions... And it's mean that my python 3.8.13 publication also violates the terms of licence. Temporarly i'd add lint in Mega folder to https://docs.python.org/3/license.html ... Best regards.
  7. cmalex
    Greetings I'd preferred for user. Yes, i'm sure. Code signing certificate - it's about signed executable (some like "Did you want to run untrusted application on this computer") No, 3proxy can't generate certificate and keys by themself. And looks like i'd lost all licensing things from all used components (3proxy, openssl, python, ProxyMII). I'm removing all links. Can You please help get licenses in order? What more files or links You need for it? Best regards.
  8. cmalex
    Greetings. Sorry, my bad. Yes, there is must be three files in certs folder - 3proxy.key, 3proxy.pem, server.key. And You need to import 3proxy.pem. Some info from author - https://3proxy.org/plugins/SSLPlugin/?l=EN I can't find mail - how to prolong or change 3proxy.pem. Initially i got it from author release. In my first variant - config that i had used this time. At launch 3proxy.exe reads 3proxy.cfg >plugin .\plugins\SslPlugin.dll ssl_plugin - load plugin. >nserver 192.168.1.1 - preffered DNS server >nscache 16000 - DNS records live time >ssl_certcache .\certs\ - folder to store certificates >ssl_mitm - begin of ssl_plugin settings >toggle_certstore - switch to cache or not certs in folder >proxy -p3128 - listen at port 3128 as MITM proxy >ssl_nomitm - end of ssl_plugin settings >proxy -p3129 - listen at port 3129 as usual proxy Second config add options to list preffered ciphers. Now - all possible. >ssl_ciphers ALL:COMPLEMENTOFALL And (as my hope) this fragment redirect from socks port 3127 to MITM port 3128. >allow * >parent 1000 connect+ 127.0.0.1 3128 >socks -p3127 I'd never used other 3proxy abilities... Best regards.
  9. cmalex
    Greretings. Yes. In new archive - upgraded openssl (3.0.0 -> 3.0.5), cryptography (3.3.2 -> 3.4.8), created ProxHTTPSProxy.exe, small changes in directory structure. Best regards.
  10. cmalex
    Greetings. Yes, i see that. But on my screenshots same version with IE8 give me SSL3 TLS1.0 TLS1.1 enabled. And wget also can see SSL3 wget.warc.gz - result of command 'wget -e "https_proxy=127.0.0.1:8079" "https://clienttest.ssllabs.com:8443/ssltest/viewMyClient.html" --no-check-certificate --warc-file=wget' I can't find old mails with descriptions - so much easiest solution is to recompile cryptography 3.4.8 with new OpenSSL3.0.5. 3proxy can use much more ciphers. ProxHTTPSProxy.EXE - launcher based on pip scripts - it just call python37.exe and import ProxHTTPSProxy.py sslproxies2.7z - full ProxyMII and 3proxy with upgraded openssl (3.0.0 -> 3.0.5), cryptography (3.3.2 -> 3.4.8), created ProxHTTPSProxy.exe, small changes in directory structure. Best regards. UPD. And forgot to say - my main comp is verified GMOSSE2-free :-). So it all works on non-SSE2 CPU. wget.warc.gz
  11. cmalex
    Greetings. I'm not sure. Sorry, it was A LOT time ago. I'd preffered to enable weak ciphers for use with IE5 in Win98... Please try to open https://clienttest.ssllabs.com:8443/ssltest/viewMyClient.html with IE. Currently ProxyMII from same archive show all TLS+SSL3. But i remember a much larger amount of ciphers (lack of weak\insecure)... I'll to check my archives. Sorry, i can't set to work neither py2exe nor pyinstaller... Best regards.
  12. cmalex
    Greetings. More than year ago i'd compiled OpenSSL3.0.0 for WinXP and build on it base two MITM proxy for TLS1.3 - ProxHTTPSProxy+Python3.7 (port 8079) and 3proxy+SSLPlugin (port 3128). 3proxy use less memory and CPU resources. Best regards.
  13. cmalex
    Greetings. Next iteration. Restored IPv6, fixed errors. Now 11 test failed (29 subtests), 370 passed. Not sure that I can do something more. Python3.8_1a5d0099c3.7z ssl3.0.5_1a5d0099c3.7z Python3.8_TclTk_1a5d0099c3.7z at https://mega.nz/folder/KxExlAiC#L9rAQ5kTCtlHgZUwaxMpgw Best regards WinXP_Virtual_1a5d0099c3.7z
  14. cmalex
    Greetings. Time will tell. mitmproxy 7.x fails because of fully disabled IPv6 support. 3.8.13 fails 16 standart tests (passes 363) at this moment on clean virtual WinXPSP3 . But I see ways to improve this result. For comparison - 3.7.1 fails 84 tests (passes 280) on the same system. On Win8.1, the official installation passes all tests. winxp_virtual.7z
  15. cmalex
    Greetings. Completely disabled IPv6, if_nametoindex, if_indextoname. Stub for add_dll_directory. A list of failed tests is included. Tested on youtube-dl-2021-12-17, yt-dlp-2022.06.29, streamlink-4.1.0, mitmproxy 6.0.3 (patched with zstandard from WHL folder). https://mega.nz/folder/KxExlAiC#L9rAQ5kTCtlHgZUwaxMpgw PS. Sorry, I have a problems with email. So there may be a huge delay in responses... Best regards.
  16. cmalex
    Greetings. I had compiled Cryptography 2.9.4, cffi 0.14.0 and some other libs for Python 3.7.1 (thousand thanks to Dibya) for WinXP (without SSE2 support). OpenSSL 1.1.1g compiled with MSVC for Python 2.7 https://www.microsoft.com/en-us/download/details.aspx?id=44266 *.dll to *.def converted with pexports https://sourceforge.net/projects/mingw/files/MinGW/Extension/pexports/ Cryptography compiled (and *.def to *.a converted) with MinGW GCC 6.1 http://files.1f0.de/mingw/mingw-w64-gcc-6.1-stable-r20.7z Command line for compiling python setup.py build -c mingw32 But it's also need some changes in distutils and setup.py... At least streamlink, youtube-dl and mitmproxy (6.0 from git) works perfectly. Full archive from C:\Python37 https://mega.nz/#!v8MjAATQ!fYErykcN0bBSVvU2-SjqcY8UG6sJsMZYQk5B_X6WflQ
×
×
  • Create New...