Is it possible to have this setup:
[browser] -> [proxy_1 2.2.2.2:800x (PHP_SCRIPT)] -> [proxy_2 1.1.1.x:8080 (HTTP)] -> [remote server]
I have many proxies like this:
1.1.1.1:8080
1.1.1.2:8080
1.1.1.3:8080
I would like the PHP script to accept incoming connection, and forward it to my real proxies, so that I could simply give out my masked proxies:
2.2.2.2:8080
2.2.2.2:8081
2.2.2.2:8082
Is this possible with PHP sockets? Thanks!
Yes, it is possible. You just need to make sure that your proxy1 will forward the connections to proxy2, and only proxy2 will forward directly the connections. If you want to use PHP sockets you will need to parse HTTP headers and process the entire connection. You could use curl library for this.
Here is a project which uses the proxy concept with curl:
https://github.com/jenssegers/php-proxy
Related
I am trying to download an external file using guzzle. This is the code that I use:
$url = 'https://testurl.net/dl/test.mp4?mime=true';
$path = storage_path('app/remote-uploads/test.mp4');
$client = new Client();
$client->get($url, ['sink' => $path]);
The code works and downloads from localhost just fine but when I push it to production I receive this error:
Client error: `GET https://testurl.net/dl/test.mp4?mime=true` resulted in a `403 Forbidden` response:
{"status":403,"msg":"download ISP is different to request ISP. request: AS20115 download: AS30083"}
I am not quite sure how to go about this and would really appreciate any help!
Seems that you are using https://openload.co/api#download-getlink to get a download link and download it then.
In this this I can assume that you hosting provider uses different IP for each outgoing HTTP request, and these IPs are even from different ASs (you think about them as "namespaces", check AS20115 and AS30083). And this particular site (openload.co) treats the situation like a security problem and prevents downloading (the second request).
There is nothing you can do on the application level. You have to talk to you ISP about it's routing rules. Maybe ask about (buy) a static IP address.
You can try to play around HTTP 1.1 keep-alive connections to send all requests through the same connection, but it depends on a server, and openload.co might not support this feature.
P.S. Please, include more details in questions in the future. Others are not wizards to read context from your mind :)
if you using vpn. please disable it
I need to make a server on php that would write me raw packets (full, not some data parts) send to it... is it possible? Setting out listen port and ip would assume TCP/IP, and won't receive full raw packet... any ideas on how to do it right?
What I basically need is to display full TCP/IP packet with all headers. ALL!
Instead of opening a TCP socket, you can open a raw socket.
http://php.net/socket-create
Instead of SOCK_STREAM use SOCK_RAW.
If you are into linux and you are trying WIFI hacks, install aircrack-ng, setup airmon-ng and listen through this interface (non-blocking benefits) using something like ngrep mon0.
ngrep tho can be used to watch any interface, e.g. eth0 (see its manpage).
I am currently using PHP to open up a port 43 connection to get whois information directly from a registry using this code.
// connecting to the whois server.
$handle = fsockopen($server, 43);
if (!$handle)
return false; // connection failure
//asking the server
fwrite($handle, $domain_name."\r\n");
// getting response
$response = '';
while (!feof($handle))
$response .= fgets($handle, 1024);
fclose($handle);
It works great however I want to connect though a proxy server so I route my intertent connection through it. If this were able to use cURL I would use curl_setopt($curl_handle, CURLOPT_PROXY, $ip_address . ':4040'); but i can not find a way to do this using fsocketopen. How can I accomplish this either with cURL or fsocketopen()?
Sockets dont have proxy. Just gateways and routers are in-the-middle (if any). You were talking about cURL, that it has proxy - it only uses http/s proxy service. For example, if you have http proxy service on server example.com:8080 you first need to open connection to server example.com (socket) on port 8080 and then send your request, proxy will forward your request and return response. In your case, you just open tcp connection on port 43 on specific host and exchange data directly with target server. If you dont want to do this directly and reveal your ip (or something) you'll need some service too. If you have access to other machine you could use it to do the job. If you want to do it manually you could use ssh or something like that, if you want to make it automatized, you'll probably need to write service on your middle server because you probably wont find any public proxy servers with other protocols than popular http, ftp, ...
Hope this helps.
By the way I see no reason why you should use proxy on whois service.
You could use a SOCKS proxy to relay the TCP connection from your machine to the SOCKS server to the WHOIS server but you would have to implement the SOCKS communication protocol over fsockopen.
Another method would be to use ProxyChains on the server and execute it via PHP. I've answered a similar question here ( How to capture and feed telnet using php and shell scripting? ) which shows how to invoke proxychains from PHP to execute a WHOIS command on a remote server and read the response.
We all know that HTTP uses port 80, what if i put my server's ip and the port 80 in the browser's proxy setting, will the browser sends the HTTP requests to my index.php which will fetch the website from server side and return response headers and body?
Thanks
Assuming you have Apache or such listening on port 80, your requests will be sent to the server on that port. You should probably enable mod_rewrite and redirect every incoming request into index.php, otherwise the server will look for the requested filename and return a 404. Then you should use cURL inside index.php and echo the raw results, headers included.
The performance of the whole thing may well be less than stellar, I think.
If you're on Apache, there's no point in using a PHP script as a proxy - Apache has a perfectly good proxy (mod_proxy) module already, which would also eliminate the overhead (and problems) of running everything through PHP.
I want to use ssh, something like this:
ssh -D 9999 username#ip-address-of-ssh-server
But within php CURL, but I don't really see how this could be done?
I noticed “CURLPROXY_SOCKS5” as a type in the php site, but guess that wouldn’t work since it isn’t really socks, it’s ssh…
I’m currently using this code:
curl_setopt($ch, CURLOPT_PROXY, ‘ip:port');
But I'm using a free proxy and it’s rather slow and unreliable, I'm also sending sensitive information over this proxy. This is why I want to proxy it over a save server I trust, but I only have ssh setup on it and it’s unable to host a proper proxy.
You can use both libssh2 and curl from within a PHP script.
First you need to get the ssh2 library from the PECL site. Alternatively, the PEAR package has SSH2 support too.
After installing you can then read the ssh2 documentation on setting up a tunnel.
In your script you can then set up the tunnel.
After the tunnel is set up in the script you can specify the CURL proxy.
Perform your CURL operation.
Release the tunnel resource and close the connection in your script.
I'm not a PHP expert, but here's a rough example:
<?php
$connection = ssh2_connect(ip-address-of-ssh-server, 22);
ssh2_auth_pubkey_file($connection, 'username', 'id_dsa.pub', 'id_dsa');
$tunnel = ssh2_tunnel($connection, '127.0.0.1', 9999);
curl_setopt($ch, CURLOPT_PROXY, ‘127.0.0.1:9999');
// perform curl operations
// The connection and tunnel will die at the and of the session.
?>
The simplest option
Another option to consider is using sftp (ftp over ssh) instead of CURL... this is probably the recommended way to copy a file from one server to another securely in PHP...
Even simpler example:
<?php
$connection = ssh2_connect(ip-address-of-ssh-server, 22);
ssh2_auth_password($connection, 'username', 'password');
ssh2_scp_send($connection, '/local/filename', '/remote/filename', 0644);
?>
according to manpage the -D does create a socks proxy.
-D [bind_address:]port
Specifies a local ``dynamic'' application-level port forwarding.
This works by allocating a socket to listen to port on the local
side, optionally bound to the specified bind_address. Whenever a
connection is made to this port, the connection is forwarded over
the secure channel, and the application protocol is then used to
determine where to connect to from the remote machine. Currently
the SOCKS4 and SOCKS5 protocols are supported, and ssh will act
as a SOCKS server. Only root can forward privileged ports. Dy-
namic port forwardings can also be specified in the configuration
file.
You could use ssh2 module and ssh2_tunnel function to create ssh tunnel throu remote server.
Examples available: http://www.php.net/manual/en/function.ssh2-tunnel.php
See my comment on Qwerty's proposed solution. I think you are looking in the wrong direction to try to solve this question. Instead, you should just use cURL and create a personal certificate for yourself. You say you want to use SSH for safety, but why not a certificate instead?
This site will let you easily create one
http://www.cacert.org/
Since it's just for you, you can add an exception to your browsers so they won't complain of a bad certificate. No need for ssh!
To open the SSH tunnel only for the duration of your script, you probably would need to use PHP forks. In one process, open the SSH tunnel (-D - you need to do some work to make sure you're not colliding on ports here), and in the other process, use CURL with socks proxy config. When your transfer is done, signal the ssh fork to terminate so the connection gets torn down.
Keep in mind that while the tunnel is open, other users on the same machine can also proxy on that port if they wanted to. With that in mind, it might be a better idea to use the -L 1234:remotehost:80 flag, and just get the URL http://localhost:1234/some/uri
If things go wrong with this, you may find orphaned SSH tunnels on your server though, so I would call this somewhat fragile.