Proxomitron Reborn
Jan. 03, 2019, 02:03 PM
Post: #151
RE: Proxomitron Reborn
Have a question about Post 97 by zoltan (Dec. 11, 2018).

He posts what's in his main Proxomitron folder:

"Just to be certain, my main Proxomitron folder contains:
certs.pem, libeay32.dll, msvcr70.dll, openssl.exe, proxcert.pem, proxcert_certonly.pem, ssleay32.dll & zlib.dll.

Any problem with those?"

--------------------

amy posts in Post 98:

Your file list looks fine (apart from the surprising lack of a default.cfg, or maybe you source your config from elsewhere.) The msvcr70.dll is not needed with the DLLs in my post.


OK, my question ... I did not have 'msvcr70.dll' in the main folder, so that's OK. However, I also do not have 'proxcert_certonly.pem' in my main Proxomitron folder.

What is that and where do I get it? ... I assume it is needed or should be in the folder.

I have everything else mentioned by zoltan.
...
Jan. 03, 2019, 03:29 PM
Post: #152
RE: Proxomitron Reborn
(Jan. 03, 2019 02:03 PM)Callahan Wrote:  However, I also do not have 'proxcert_certonly.pem' in my main Proxomitron folder.

What is that and where do I get it? ... I assume it is needed or should be in the folder.

You click "Certificate Generation and Installation" (Config>>HTTPS). Shown in post 88.

"Add root certificate generation" in Post 89 for use.

(Dec. 10, 2018 05:39 AM)amy Wrote:  If you click Generate, it will create/overwrite the proxcert.pem and proxcert_certonly.pem files, and then after restarting Proxomitron and installing the certificate as a trusted root in the browser(s) you use, you can start experiencing real SSL filtering!

The generated "proxcert.pem" starts with a private key. "proxcert_certonly.pem" is just the certificate.
[-] The following 2 users say Thank You to JJoe for this post:
Callahan, amy
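A quick way to tell the two files apart before importing one into a browser, as an added example that is not part of the original posts or of Proxomitron itself: it lists the PEM block labels in a file and flags any private key. The sample file contents are constructed placeholders, and the `RSA PRIVATE KEY` label is an assumption about what the generator writes.

```python
import re

# One PEM block: BEGIN line, body, matching END line; group 1 is the label.
PEM_BLOCK = re.compile(r"-----BEGIN ([A-Z0-9 ]+)-----.*?-----END \1-----", re.DOTALL)

def pem_labels(text):
    """Return the labels of every PEM block in text, in file order."""
    return [m.group(1) for m in PEM_BLOCK.finditer(text)]

def audit_pem(text):
    """Say whether a PEM file is safe to copy to a browser or another machine."""
    labels = pem_labels(text)
    has_key = any(label.endswith("PRIVATE KEY") for label in labels)
    has_cert = "CERTIFICATE" in labels
    if has_key:
        advice = "private key present: keep on the proxy host, never import or share"
    elif has_cert:
        advice = "certificate only: the file to install as a trusted root"
    else:
        advice = "no certificate or key blocks found"
    return {"labels": labels, "has_key": has_key, "has_cert": has_cert, "advice": advice}

# Constructed samples: the bodies are placeholder base64, not real key material.
# The "RSA PRIVATE KEY" label is an assumption; any "... PRIVATE KEY" label is caught.
_BODY = "Q09OU1RSVUNURUQ=\n"
SAMPLE_PROXCERT = ("-----BEGIN RSA PRIVATE KEY-----\n" + _BODY + "-----END RSA PRIVATE KEY-----\n"
                   "-----BEGIN CERTIFICATE-----\n" + _BODY + "-----END CERTIFICATE-----\n")
SAMPLE_CERTONLY = "-----BEGIN CERTIFICATE-----\n" + _BODY + "-----END CERTIFICATE-----\n"

if __name__ == "__main__":
    for name, text in (("proxcert.pem", SAMPLE_PROXCERT),
                       ("proxcert_certonly.pem", SAMPLE_CERTONLY)):
        print(name, audit_pem(text))
```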
Jan. 03, 2019, 06:19 PM
Post: #153
RE: Proxomitron Reborn
Thanks JJoe for the reply and detailed information. I will work on this later today or evening.
...
Jan. 05, 2019, 04:00 AM
Post: #154
RE: Proxomitron Reborn
(Jan. 03, 2019 05:40 AM)amy Wrote:  I will consider changing the request parsing such that local.ptron is a "special" host and automatically becomes a local request regardless of port number.

That fix will help to fix another issue I'm going to talk about. I'm on a Mac so my writing may be inaccurate.

If you turn on debug in the log window, then visit an https site, say https://twitter.com, you will see the stylesheet for the debug view is not applied. If you right click to view the source of that page, you will see the viewsrc.css is inserted via href="http://....." and that's why it's not loaded on an https site. That http:// thing is hardcoded in the program so it needs to be adjusted to automatically adapt to the protocol of the page. Besides viewsrc.css, this needs to be changed for all other local.ptron resources.

I agree with you that local.ptron should be treated specially regardless of port number. It's https if you see CONNECT, otherwise it is http, the port number is not important, and is not even needed in the config - https tab.
[-] The following 1 user says Thank You to whenever for this post:
mizzmona
Jan. 06, 2019, 06:55 PM
Post: #155
RE: Proxomitron Reborn
Aloha,

I just registered to say THANK YOU ALL!

I'm a Proxomitron lover, and now, without the certificate warnings, I love it even more!

A happy new year to everybody out there, may this message be reached via http or https... Smile!
Jan. 07, 2019, 05:54 AM
Post: #156
RE: Proxomitron Reborn
Current browsers will not open the file URLs on http://local.ptron/.pinfo/lists/ because they have the form "file//C|". The form needs to be "file//C:".
Please correct the form.



In the past, I have 'fixed' this (and more) by filtering "127.0.0.1:8080/.pinfo/" pages.
While "local.ptron/.pinfo" pages can not be filtered, "127.0.0.1:8080/.pinfo" pages could.

Code:
[Patterns]
Name = "/.pinfo/lists/ fix file url : for |"
Active = TRUE
URL = "127.0.0.1:8080/.pinfo/lists/"
Limit = 1
Match = "\|"
Replace = ":"

Starting with "4.6.0.0", "127.0.0.1:8080.pinfo" pages can not be filtered.
Could we have the old behavior back?



To block a request, I may redirect it to a local file with an expression like

Code:
$USEPROXY(false)$SET(keyword=i_proxy:0.)$RDIR(127.0.0.1:8080/killed.gif?\u)

because "127.0.0.1:8080" requests are displayed at "local.ptron/.pinfo/urls/" and "127.0.0.1:8080/.pinfo/urls/", unlike "local.ptron" requests.
Starting with "4.6.0.0", "127.0.0.1:8080" requests are not displayed at "/.pinfo/urls".
Could we have the old behavior back?
Jan. 08, 2019, 01:36 AM (This post was last modified: Jan. 08, 2019 01:36 AM by whenever.)
Post: #157
RE: Proxomitron Reborn
Another suggestion is to remove MD5, SHA1 and SHA224 from the Signature Algorithm drop down menu. They are either not secure any more or not approved for use with publicly trusted certificates. I can also foresee that removing them will avoid new users complaining that their browsers do not work with the certificates and blaming it on Proxomitron.

Reference:
  • https://www.sslshopper.com/article-check-ssl-certificates-for-the-vulnerable-md5-algorithm.html
  • https://www.thesslstore.com/blog/difference-sha-1-sha-2-sha-256-hash-algorithms/


[Attachment: hashing algorithm.png]
Feb. 04, 2019, 12:34 PM
Post: #158
RE: Proxomitron Reborn
4.6.0.4 is coming soon, just need to think some things through a little more carefully because there are conflicting requirements.
[-] The following 6 users say Thank You to amy for this post:
mizzmona, referrer, usr, Styx, Callahan, defconnect
Feb. 04, 2019, 08:37 PM
Post: #159
RE: Proxomitron Reborn
(Feb. 04, 2019 12:34 PM)amy Wrote:  4.6.0.4 is coming soon...

First, many thanks again.

Don't let filtering 127.0.0.1:8080.pinfo or displaying 127.0.0.1:8080 slow you down.
Very few people have known about these undocumented 'features' and fewer have used them.

Don't let Proxo steal too much of your time.
[-] The following 1 user says Thank You to JJoe for this post:
Callahan
Feb. 05, 2019, 02:42 AM
Post: #160
RE: Proxomitron Reborn
Opera (Chrome) alerts 'Mixed Content' and blocks access to http://local.ptron/ViewSrc.css when using 'HTML Debug Info' on HTTPS pages.
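The mixed-content behaviour reported in posts #154 and #160, as an added example that is not part of the original posts or of Proxomitron's code: it finds hard-coded http:// stylesheets, scripts and frames that a browser would block on an https:// page, and shows the scheme-following rewrite suggested in #154. The sample markup is constructed, and `same_scheme` is a hypothetical helper.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Subresource kinds that browsers block (not just warn about) when they are
# loaded over http:// from an https:// page: scripts, stylesheets, frames.
BLOCKABLE = {"script": "src", "iframe": "src", "link": "href"}

class MixedContentFinder(HTMLParser):
    """Collect http:// subresources that an https:// page would have blocked."""
    def __init__(self):
        super().__init__()
        self.blocked = []

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        url = attrs.get(BLOCKABLE.get(tag, ""))
        if not url:
            return
        if tag == "link" and "stylesheet" not in (attrs.get("rel") or "").lower():
            return                   # only stylesheet links are blockable
        if urlsplit(url).scheme == "http":
            self.blocked.append((tag, url))

def blocked_subresources(page_url, html):
    """Return [(tag, url)] that would be blocked as mixed content on page_url."""
    if urlsplit(page_url).scheme != "https":
        return []                    # plain-http pages have no mixed content
    finder = MixedContentFinder()
    finder.feed(html)
    return finder.blocked

def same_scheme(page_url, resource_url):
    """Hypothetical fix: make an injected resource URL follow the page's scheme."""
    scheme = urlsplit(page_url).scheme
    return urlsplit(resource_url)._replace(scheme=scheme).geturl()

# Constructed sample resembling the debug view described in the posts.
DEBUG_HEAD = ('<html><head><link rel="stylesheet" type="text/css" '
              'href="http://local.ptron/ViewSrc.css"></head><body>...</body></html>')

if __name__ == "__main__":
    for tag, url in blocked_subresources("https://twitter.com/", DEBUG_HEAD):
        print(tag, url, "->", same_scheme("https://twitter.com/", url))
```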
Feb. 08, 2019, 07:42 AM
Post: #161
RE: Proxomitron Reborn
The Replacement Stack doesn't always work correctly.

To replicate:

Code:
[Patterns]
Name = "Remove: ping  test stack"
Active = TRUE
Bounds = "<a\s*>"
Limit = 1536
Match = "\# "
        "("
        "ping=$AV(*)"
        "|"
        "onmousedown=$AV(return (clk|rwt|hlprwt) \(*)"
        ")"
        " \#"
Replace = "---\r\n"
          "\@\r\n"
          "---\r\n"

Enable HTML Debug info
https://www.google.com/search?q=britepic

With Opera, I see:
[Attachment: stackerror.jpg]

Code:
<Match: Remove: ping  test stack >
<a href="https://venturebeat.com/2007/04/02/britepic-photography-may-never-be-the-same/" ping="/url?sa=t&amp;source=web&amp;rct=j&amp;url=https://venturebeat.com/2007/04/02/britepic-photography-may-never-be-the-same/&amp;ved=2ahUKEwjJodi3zKvgAhUHG6wKHZK8AVEQFjAAegQIAhAB">
</Match>
---
<a href="https://venturebeat.com/2007/04/02/britepic-photography-may-never-be-the-same/">
---
<h3 class="LC20lb">BritePic -- photography may never be the same | VentureBeat</h3>
<br><div class="TbwUpd"><cite class="iUh30">https://venturebeat.com/2007/04/02/britepic-photography-may-never-be-the-same/
</cite></div></a><span><div class="action-menu ab_ctl"><a class="GHDvEf ab_button" href="#" id="am-b0" aria-label="Result Options" aria-expanded="false" aria-haspopup="true" role="button" jsaction="m.tdd;keydown:m.hbke;keypress:m.mskpe" data-ved="2ahUKEwjJodi3zKvgAhUHG6wKHZK8AVEQ7B0wAHoECAIQAg">
<span class="mn-dwn-arw"></span></a><div class="action-menu-panel ab_dropdown" role="menu" tabindex="-1" jsaction="keydown:m.hdke;mouseover:m.hdhne;mouseout:m.hdhue" data-ved="2ahUKEwjJodi3zKvgAhUHG6wKHZK8AVEQqR8wAHoECAIQAw">
<ol><li class="action-menu-item ab_dropdownitem" role="menuitem">
<Match: Remove: ping  test stack >
<a class="fl" href="https://webcache.googleusercontent.com/search?q=cache:Fy1drqhTWm8J:https://venturebeat.com/2007/04/02/britepic-photography-may-never-be-the-same/+&amp;cd=1&amp;hl=en&amp;ct=clnk&amp;gl=us" ping="/url?sa=t&amp;source=web&amp;rct=j&amp;url=https://webcache.googleusercontent.com/search%3Fq%3Dcache:Fy1drqhTWm8J:https://venturebeat.com/2007/04/02/britepic-photography-may-never-be-the-same/%2B%26cd%3D1%26hl%3Den%26ct%3Dclnk%26gl%3Dus&amp;ved=2ahUKEwjJodi3zKvgAhUHG6wKHZK8AVEQIDAAegQIAhAE">
</Match>
---
<a href="https://venturebeat.com/2007/04/02/britepic-photography-may-never-be-the-same/"
<a class="fl" href="https://webcache.googleusercontent.com/search?q=cache:Fy1drqhTWm8J:https://venturebeat.com/2007/04/02/britepic-photography-may-never-be-the-same/+&amp;cd=1&amp;hl=en&amp;ct=clnk&amp;gl=us">
---

The replace for the second match begins with the first stack entry of the prior filter.
This happens on half the matches on that page.

Firefox shows the errors with different code:

Code:
<Match: Remove: ping  test stack >
<a href="https://venturebeat.com/2007/04/02/britepic-photography-may-never-be-the-same/" onmousedown="return rwt(this,'','','','1','AOvVaw1COy3lz9g2WvLg1QNtXgT-','','2ahUKEwibnurmzqvgAhUIRKwKHRMDD6sQFjAAegQIABAB','','',event)">
</Match>
---
<a href="https://venturebeat.com/2007/04/02/britepic-photography-may-never-be-the-same/">
---
<h3 class="LC20lb">BritePic -- photography may never be the same | VentureBeat</h3>
<br><div class="TbwUpd"><cite class="iUh30">https://venturebeat.com/2007/04/02/britepic-photography-may-never-be-the-same/
</cite></div></a><span><div class="action-menu ab_ctl"><a class="GHDvEf ab_button" href="#" id="am-b0" aria-label="Result Options" aria-expanded="false" aria-haspopup="true" role="button" jsaction="m.tdd;keydown:m.hbke;keypress:m.mskpe" data-ved="2ahUKEwibnurmzqvgAhUIRKwKHRMDD6sQ7B0wAHoECAAQAg">
<span class="mn-dwn-arw"></span></a><div class="action-menu-panel ab_dropdown" role="menu" tabindex="-1" jsaction="keydown:m.hdke;mouseover:m.hdhne;mouseout:m.hdhue" data-ved="2ahUKEwibnurmzqvgAhUIRKwKHRMDD6sQqR8wAHoECAAQAw">
<ol><li class="action-menu-item ab_dropdownitem" role="menuitem">
<Match: Remove: ping  test stack >
<a class="fl" href="https://webcache.googleusercontent.com/search?q=cache:Fy1drqhTWm8J:https://venturebeat.com/2007/04/02/britepic-photography-may-never-be-the-same/+&amp;cd=1&amp;hl=en&amp;ct=clnk&amp;gl=us" onmousedown="return rwt(this,'','','','1','AOvVaw26U9G5DrAC_O9wYNx_ojET','','2ahUKEwibnurmzqvgAhUIRKwKHRMDD6sQIDAAegQIABAE','','',event)">
</Match>
---
<a href="https://venturebeat.com/2007/04/02/britepic-photography-may-never-be-the-same/"
<a class="fl" href="https://webcache.googleusercontent.com/search?q=cache:Fy1drqhTWm8J:https://venturebeat.com/2007/04/02/britepic-photography-may-never-be-the-same/+&amp;cd=1&amp;hl=en&amp;ct=clnk&amp;gl=us">
---
[-] The following 1 user says Thank You to JJoe for this post:
amy
Feb. 09, 2019, 02:50 AM (This post was last modified: Feb. 09, 2019 03:25 AM by JJoe.)
Post: #162
RE: Proxomitron Reborn
(Feb. 08, 2019 07:42 AM)JJoe Wrote:  The Replacement Stack doesn't always work correctly.

The original Proxomitron shows the same behavior on Win7 and 10.

Dumping the stack to a variable at the beginning of the filter seems to 'fix' this for now.


Note: I only checked Win7 and 10



Edit: Added note
[-] The following 4 users say Thank You to JJoe for this post:
Styx, amy, mizzmona, defconnect
Feb. 10, 2019, 02:51 AM
Post: #163
RE: Proxomitron Reborn
(Feb. 09, 2019 02:50 AM)JJoe Wrote:  The original Proxomitron shows the same behavior on Win7 and 10.
Thank you for this crucial bit of information --- it will help with prioritising the work, if you mention whether the bug is present in Scott's Proxomitron too.

Life is busy, but work on 4.6.0.4 continues slowly...
[-] The following 5 users say Thank You to amy for this post:
mizzmona, usr, Callahan, Styx, defconnect
Feb. 14, 2019, 04:20 PM
Post: #164
RE: Proxomitron Reborn
(Feb. 10, 2019 02:51 AM)amy Wrote:  Life is busy, but work on 4.6.0.4 continues slowly...
Being a software developer and previous user of The Proxomitron I would be happy to help fix bugs etc.

After all your hard work re-creating the source code it would be a good idea to make it available to the community so that others like myself can participate in its resurrection.

Maybe you can attach it here.

We don't want to lose the source code a second time.
Mar. 04, 2019, 12:48 AM (This post was last modified: Mar. 04, 2019 09:41 AM by UnknownMember.)
Post: #165
RE: Proxomitron Reborn
So, I downloaded 4.6.0.3, also OpenSSL 1.0.1 from another link, generated certificates, and installed those in the browser. While I can access the Proxomitron internal web server using https (it also shows the OpenSSL version etc.), I can't access any https web pages.

If I set the browser's https proxy to 127.0.0.1:8080, I get socket error 10013 after many lines of retry. If I set the browser's https proxy to 127.0.0.1:8443 (which I have set to be the https port in Proxomitron), there is nothing in the Proxomitron log and the browser instantly gives the message "secure connection failed, connection to server reset while page was loading". A port number like 8442 or a similar nonexistent one gives the error "proxy server is refusing connections" instead.

I have checked the OpenSSL checkbox in the Proxomitron settings, and I have used the sidki and default configs with the same results.

Also, I get "blocklist XX : bypass list, line 19" messages in the Proxomitron log with the sidki config.

I have tested with several browsers and with the firewall off; there is no real change in behavior.

Does anyone have instructions for stupid ones like me to get this to work?

EDIT: Ah, I got it to work by setting the port in the browser to 8080 and the backup https port also to 8080. Even though I had the firewall set to allow it, that was not enough; I had to make an explicit rule to allow inbound and outbound for proxo.exe, and then it finally started to work. That also allowed me to keep the general block-all firewall rules.

Code:
+++SSL:GET 10+++
SSL cipher TLSv1.2 AES128-SHA (128 bits)
GET /?q=proxomitron+reloaded+socket+error+ HTTP/1.1
Host: duckduckgo.com
User-Agent: Chrome
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip,deflate
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Retry 10...
Retry 10...
Retry 10...
Retry 10...
Retry 10...
Retry 10...
Retry 10...
Retry 10...
Retry 10...
Retry 10...
Retry 10...
Retry 10...
Retry 10...
Retry 10...
Retry 10...
Retry 10...
Retry 10...
Retry 10...
Retry 10...
** 10 Socket Error 10013 for connect() **
+++CLOSE 10+++
BlockList 11: in Bypass-List, line 19
BlockList 12: in Bypass-List, line 19
BlockList 13: in Bypass-List, line 19
BlockList 14: in Bypass-List, line 19
BlockList 15: in Bypass-List, line 19
BlockList 16: in Bypass-List, line 19