Disappointing lack of response to my previous query concerning the implementation of SOCKSv4 under MASM :(

Am I to believe that not one of u guys has coded something similar, nobody has coded a monkey in the middle or anything resembling a proxy server ???

Cmon !!! I'm losing faith !!!

I neglected to mention in my previous posting that I am only using one invocation of WinSock to get my two initial Sockets (Local Server Listen, Remote Host Client) and thus only one WSA structure ... could that be the prob? I just couldn't see any good reason why the WSA struct couldn't be re-used... am I in error?
Posted on 2001-11-20 23:31:27 by Homer
At the moment I am slightly intoxicated as it was a good friend's birthday ;), and I haven't got a clear idea of what it is you want to do. You want to connect to a proxy, or create a proxy server? Or is it more on a "spoofing" level (I don't know what the legit word for that is). Hopefully Thomas or one of the other "Wise Men" (as I like to call them) is around and can help you. I would suggest mailing Thomas, Hutch, or any of the moderators of this site. They more than likely can help. Or you could just wait a day or so until they make the rounds on the board. Please elaborate a bit more for me. It sounds interesting. I would love to help if I knew exactly what it was you are aiming for.

Regards,
Nok.

p.s. - Holidays...ahhh...pure bliss!:tongue:
Posted on 2001-11-21 02:01:35 by Nokturnal
From your previous post:
I am coding a server which is to support Socksv4 Proxy on a default listening port. I set up two windows sockets messages which both point at hWnd, and I get me two socket handles, and one I set up as a Listening socket using WSAAsyncSelect then Listen, the other I don't use yet... when I get incoming connection, I accept it and when I get incoming data I parse it for being socksv4-Connect data. If it is, I extract the destination IP and Port, and I call WSAAsyncSelect and then I normally would next call Connect, but in my case I keep getting an error on the second call to WSAAsyncSelect, being 10014, WSAEFAULT, which in the Sockets Helpfile under WSAAsyncSelect is described as being a "bad namelen argument" ... I'm using ws2_32.dll on Windows XP - why does it work the first time and not the second? Any ideas?


I once tried something with SOCKS because I needed a way to make my webserver in httpft work behind a router.. I coded a simple console prog that connected and bind to the SOCKS server, but I found the possibilities of socks far too limited for my use. This has been a long time ago and I've never looked at socks since then. A simple portmapping in the router solved all my problems..
But to get back to your problem, first of all the error seems a bit strange.. Its real meaning is 'invalid pointer given', but as WSAAsyncSelect doesn't use any pointers as parameters, it's strange that the error occurs there. Are you sure that WSAAsyncSelect is the one that fails?
Also I'm wondering why you create two sockets.. You only need one socket to make the primary connection with the socks server, then bind it and wait for an incoming connection. If I remember correctly, the same connection is then used as communication channel with the real client. But I can't remember much about socks so I may be wrong.
Using one WSAStartup is okay, it's only used to initialize the winsock dll, that's all.
If you have some source you can post, please do, it might help.

Thomas
P.S. Nokturnal: I'm flattered you call me a wise man, but I'm not a moderator :)

edit:
I forgot to say that I lost the source of that console app. Sorry for that :(
Posted on 2001-11-21 06:12:56 by Thomas
Hey guys, thanks for showin some interest :)
The reason I need two sockets is because I am not trying to CONNECT to a SOCKS server, I am trying to actually IMPLEMENT SOCKS , ie I am coding a server which supports this protocol. The concept is that of a "Monkey In The Middle", a server which can be used simply as a proxy, or more interestingly, as a packet capture and editing tool with full duplex. When I say PACKET here I am referring to the TCP PAYLOAD minus all the header crap, effectively the program works as a reSEQuencer, allowing u to inject data into a TCP stream without upsetting the client/server SEQ ;) It COULD be used as a tool for Evil, but that is NOT my intent, it is to be a Filter application for clients which are socks4 capable... the idea is that you connect your client to a LOCAL SOCKS SERVER and from there to the REAL server ... ya follow that? It's not the most common tool in the world, but damn useful and very flexible... this ain't a pipedream, I implemented this under win98 and linux, but for some odd reason it won't work for XP hmmm @ that ... oh and yes, I am positive that it's the WSAAsyncSelect (2nd invocation) which is failing on me with that error I mentioned.
If anyone has source for a monkey in the middle, even in another lang, I'd like to take a peek see if I can work out what I am doin different to the last time I coded this thing ...
Posted on 2001-11-23 21:19:38 by Homer
Sorry I misunderstood you then..:rolleyes: I've never coded a socks server or looked for sources of it so I can't help you here.. If you have a piece of source to show us, maybe we can help you further but without source I can only guess..

Thomas
Posted on 2001-11-24 05:13:47 by Thomas
Well I COULD post some source, and if anyone else requests it I shall, but how could you possibly help me if you know nothing of the socksv4 protocol, and have never coded for it? I daresay you would not have ever encountered this problem !!

If you have coded something that uses ingoing AND outgoing socket connections, then say so :|
Posted on 2001-11-27 10:02:40 by Homer
evilhomer,

take a look in http://www.coderz.net/asm_infamy/infamy.htm in a tool i coded called schadenfreude.zip. its a proxy-like tool ;)

ancev
Posted on 2001-11-27 11:55:55 by ancev
Well I COULD post some source, and if anyone else requests it I shall, but how could you possibly help me if you know nothing of the socksv4 protocol, and have never coded for it?


I do know things about socksv4, I know how it works, read my post again:

My own quote:
I once tried something with SOCKS because I needed a way to make my webserver in httpft work behind a router.. I coded a simple console prog that connected and bind to the SOCKS server, but I found the possibilities of socks far too limited for my use.
I said I did code for the socks protocol, however I never wrote a socks *server*.


I daresay you would not have ever encountered this problem !!

If you have coded something that uses ingoing AND outgoing socket connections, then say so :|


I don't have much experience with socks, but I have a lot of experience with winsock, and it's likely that your problem has nothing to do with the socks protocol, but with some bug in your code. That's why I asked for code. Without code, I really can't help you further, but with code, there's still a chance :)
To answer your question I have coded with incoming sockets and outgoing sockets, okay never using them at the same time but that's no big deal.

Thomas
Posted on 2001-11-27 13:09:33 by Thomas
Thank you guys for your valuable input, especially Ancev and his rather generic proxy source, most useful !! Although I must say I was a tad concerned at the NASM version of it in there, it looks insidious !! PE-Header, registry writes, etc, looking like some sorta trojan binder??? Anyway, the MASM version is straightforward, and it is how I originally approached this code myself some 2 years ago ....

This time around, I didn't want to use a manual connect method for connecting to the remote host (you used a button there) instead I wanted my app to connect to the remote host only AFTER it had accepted a client... make sense? Anyway what I have been doing differently in my source is this : when a client connects, I Accept the connection, and immediately attempt to Connect to the remote server from within the same code, ie, the FD_CONNECT handler for the Client Side will try to Connect using the as-yet unused Server Socket.
Do you think that could be the problem, trying to call an asynch socket function from within an asynch socket handler? Maybe I should be using a flag and calling Connect from outside the handler ie in the window procedure? Well I will try that anyway and if that don't work then I am gonna start tearing my hair out !!!
Posted on 2001-11-30 09:50:43 by Homer
Well, in the end, I figured it out for myself (sigh)
I was correct, for anyone who is remotely interested in coding a proxyserver under winsock, be aware that you CANNOT call asynchronous socket functions from within the handler for another asynch socket function...
In English, once you have accepted a client connection, you must set a flag (I used a global variable in this case), and so, monitoring this flag from the main window procedure, we can proceed to connect to the remote server AFTER the client has been Accepted, and now it won't bug out on us.
Since my server is currently only being coded to accept a single client at once, it's quite acceptable for me to use a StateFlag variable which denotes the application's STATE, like we would for coding a game etc.

StateFlag Value   Meaning
===============   =======
0                 No Connection (idle and listening)
1                 Client accepted, ready to connect remotely
2                 Busy connecting to Remote Host
3                 Connected Remotely, Ready To Rock :alright:

I had to include the State=2 because if I am monitoring the flag from the main windowproc, I found it would call the Connect code more than once (gasp!) even when the first thing it did was to alter the State value, I would get more than one connection to the remote host (possibly due to Windows multithreading on an NT-based OS?) Anyhow, now it works, and it works well :grin:

As soon as I have cleaned up the source and got the data moving around, I will post the entire Source for all to see :tongue:

Thanks again for all who took an interest, even if I didn't get the answer I wanted, it helped to bounce ideas off a brick wall LOL it got me thinking and helped me see a way around the problem I was having, and dammit I don't care if the solution was ugly, the point is that it WORKS :grin:
Posted on 2001-12-03 02:05:29 by Homer
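The StateFlag scheme from the post above, sketched in portable C as an added example (not Homer's MASM source). The Winsock connect is replaced by a counter stub so the guard can be checked, and all identifier names are assumptions.

```c
#include <stdbool.h>

/* The four StateFlag values from the post; the identifier names are added here. */
enum relay_state { ST_IDLE = 0, ST_ACCEPTED = 1, ST_CONNECTING = 2, ST_RELAYING = 3 };

struct relay {
    enum relay_state state;
    int connect_calls;   /* times the outbound connect was started */
};

/* Stand-in for the non-blocking connect() to the remote host. */
static void start_remote_connect(struct relay *r) { r->connect_calls++; }

/* Accept handler: record the event only; the connect is started elsewhere. */
bool on_client_accepted(struct relay *r)
{
    if (r->state != ST_IDLE) return false;  /* single-client server: refuse */
    r->state = ST_ACCEPTED;
    return true;
}

/* Runs on every pass through the main window procedure. */
void poll_state(struct relay *r)
{
    if (r->state != ST_ACCEPTED) return;
    r->state = ST_CONNECTING;               /* claim the transition first */
    start_remote_connect(r);
}

/* Connect-completion handler for the outbound socket. */
void on_remote_connect_result(struct relay *r, bool ok)
{
    if (r->state != ST_CONNECTING) return;  /* stale or unexpected event */
    r->state = ok ? ST_RELAYING : ST_IDLE;
}

/* Either peer closed: drop back to listening from any state. */
void on_disconnect(struct relay *r) { r->state = ST_IDLE; }

/* Simulated message pump: many polls while the connect is still pending. */
int demo_connect_calls(void)
{
    struct relay r = { ST_IDLE, 0 };
    on_client_accepted(&r);
    for (int i = 0; i < 5; i++) poll_state(&r);
    on_remote_connect_result(&r, true);
    return r.state == ST_RELAYING ? r.connect_calls : -1;
}
int main(void) { return demo_connect_calls() == 1 ? 0 : 1; }
```

Every handler checks the current state before acting, so a second accept, a repeated poll, or a connect result that arrives after the client has already gone is ignored rather than opening another outbound connection.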

...especially Ancev and his rather generic proxy source, most useful !! Although I must say I was a tad concerned at the NASM version of it in there,
it looks insidious !! PE-Header, registry writes, etc, looking like some sorta trojan binder???

Many people don't like proxies running on their machines, so it must have stealth and auto-run...
I thought you were evil, goodhomer2k ;)


Anyway, the MASM version is straightforward, and it is how I originally approached this code myself some 2 years ago ....

It isn't a MASM version. It is the client tool to operate the server.

stealth&code control->NASM
nice gui and like->MASM

anyway, i coded a SOCKS4 server, that time in TASM :alright:

It has neither stealth nor auto-run, or else it would be a trojan, which is forbidden here. ;)

ancev

ps: to add stealth and autorun, check my page for gold_teeth.zip and autostart.zip. they modify pe exes to add these abilities.

pps: the BIND command is commented out. I didn't find a single application that uses this request to the proxy, so I was unable to test that code.
Posted on 2002-03-06 16:54:16 by ancev