-
-
redsocks + iptables 安卓代理全局切换
-
2024-2-21 13:27
-
1.前言
时常会遇到需要部分APP有严格风控如(地域IP限制、IP访问频次限制等)。本次利用redsocks + iptables 来实现安卓全局代理切换。顺便记录下,无脑使用。支持http和socks
2.redsocks 介绍
redsocks 可将任何 TCP 连接重定向到 Socks4、Socks5 或 HTTPS (HTTP/CONNECT) 代理服务器。
Socks5/HTTPS 连接支持登录/密码身份验证。Socks4仅支持用户名,密码被忽略。对于 HTTPS,目前仅支持 Basic 和 Digest 方案。
3.iptables 介绍
iptables 本质上是定义linux防火墙规则的工具,定义的规则,可以让在内核空间当中的netfilter来读取,并且实现让防火墙工作。
3.1五处控制规则
1.PREROUTING (路由前)
2.INPUT (数据包流入口)
3.FORWARD (转发管卡)
4.OUTPUT(数据包出口)
5.POSTROUTING(路由后)
3.2数据流走向
4.环境准备
1 2 3 4 5 | # 测试使用版本 redsocks 0.4、iptables v1.4.20# https://github.com/darkk/redsocks 直接拉取代码进行编译apt-get install libevent-devcd redsocksmake |
5.设置代理
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 | # 启动代理并配置项,<IP> 代理IP <PORT>端口# proxy.sh 一共7个入参,详情查看脚本/proxy.sh start http <IP> <PORT> false "" ""# 对代理ip不再代理操作,<IP> 代理IP/iptables -t nat -A OUTPUT -p tcp -d <IP> -j RETURN# 添加群控软件不走全局代理规则,<UID>应用程序,如果你想让安卓上某个进程的网络都不走带可以可以这样设置/iptables -t nat -m owner --uid-owner <UID> -A OUTPUT -p tcp -j RETURN# 对应域名不走代理<xxx1> 不需要走代理的域名/iptables -t nat -A OUTPUT -p tcp -d <xxx1> -j RETURN/iptables -t nat -A OUTPUT -p tcp -d <xxx2> -j RETURN# 添加http代理规则,可以按照自己的业务场景进行端口代理设置/iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to 8123/iptables -t nat -A OUTPUT -p tcp --dport 443 -j REDIRECT --to 8124/iptables -t nat -A OUTPUT -p tcp --dport 5228 -j REDIRECT --to 8124# 添加socks5代理规则/iptables -t nat -A OUTPUT -p tcp -j REDIRECT --to 8123 |
6.关闭代理
1 2 3 4 | # 清除所有代理配置/iptables -t nat -F OUTPUT# 清除配置并干掉进程,具体查看proxy.sh 脚本/proxy.sh stop |
7.proxy.sh 代理脚本
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 | #!/system/bin/shDIR=/data/user/0/xxx.xxx.xxx/filestype=$2host=$3port=$4auth=$5user=$6pass=$7PATH=$DIR:$PATHcase $1 in start)echo "base { log_debug = off; log_info = off; log = stderr; daemon = on; redirector = iptables;}" >$DIR/redsocks.confproxy_port=8123 case $type in http) proxy_port=8124 case $auth in true) echo "redsocks { local_ip = 127.0.0.1; local_port = 8123; ip = $host; port = $port; type = http-relay; login = \"$user\"; password = \"$pass\";}redsocks { local_ip = 0.0.0.0; local_port = 8124; ip = $host; port = $port; type = http-connect; login = \"$user\"; password = \"$pass\";}" >>$DIR/redsocks.conf ;; false) echo "redsocks { local_ip = 127.0.0.1; local_port = 8123; ip = $host; port = $port; type = http-relay;}redsocks { local_ip = 0.0.0.0; local_port = 8124; ip = $host; port = $port; type = http-connect;} " >>$DIR/redsocks.conf ;; esac ;; socks5) case $auth in true) echo "redsocks { local_ip = 0.0.0.0; local_port = 8123; ip = $host; port = $port; type = socks5; login = \"$user\"; password = \"$pass\"; } " >>$DIR/redsocks.conf ;; false) echo "redsocks { local_ip = 0.0.0.0; local_port = 8123; ip = $host; port = $port; type = socks5; } " >>$DIR/redsocks.conf ;; esac ;; socks4) case $auth in true) echo "redsocks { local_ip = 0.0.0.0; local_port = 8123; ip = $host; port = $port; type = socks4; login = \"$user\"; password = \"$pass\"; } " >>$DIR/redsocks.conf ;; false) echo "redsocks { local_ip = 0.0.0.0; local_port = 8123; ip = $host; port = $port; type = socks4; } " >>$DIR/redsocks.conf ;; esac ;; esac $DIR/redsocks -p $DIR/redsocks.pid -c $DIR/redsocks.conf ;;stop) $DIR/busybox killall -9 redsocks $DIR/busybox killall -9 cntlm $DIR/busybox killall -9 stunnel $DIR/busybox killall -9 tproxy kill -9 `cat $DIR/redsocks.pid` rm $DIR/redsocks.pid rm $DIR/redsocks.confesac |
[培训]二进制漏洞攻防(第3期);满10人开班;模糊测试与工具使用二次开发;网络协议漏洞挖掘;Linux内核漏洞挖掘与利用;AOSP漏洞挖掘与利用;代码审计。
最后于 2024-2-21 15:30
被XJ。编辑
,原因:
