Hack safely

jm33-ng edited this page Jun 5, 2020 · 2 revisions

How to stay anonymous when using mec

mec's proxy support

mec uses proxychains4 to proxy your exploits. However, it is not guaranteed to work, as proxychains's author explains:

The way it works is basically a HACK; so it is possible that it doesn't work with your program, especially when it's a script, or starts numerous processes like background daemons or uses dlopen() to load "modules" (bug in glibc dynlinker). It should work with simple compiled (C/C++) dynamically linked programs though.

In my experience, the Python interpreter is usually a dynamically linked C program, so exploits written in Python will most likely work with proxychains.

Go programs do NOT work.

Understand how your exploits work

As explained in proxychains's doc:

ProxyChains is a UNIX program, that hooks network-related libc functions in DYNAMICALLY LINKED programs via a preloaded DLL (dlsym(), LD_PRELOAD) and redirects the connections through SOCKS4a/5 or HTTP proxies. It supports TCP only (no UDP/ICMP etc).

Check whether your exploit uses protocols other than TCP; proxychains will not proxy that traffic.
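The LD_PRELOAD dependence quoted above can be inspected per binary: the hook library is only loaded when the kernel hands the program to the dynamic loader, which an ELF file requests through a PT_INTERP program header. The following is an added example, not code from mec or proxychains; the function names and the constructed sample image are assumptions made for illustration, and a 'dynamic' result is a necessary condition only, since a program that issues system calls directly bypasses libc hooks anyway.

```python
import struct
import sys

PT_INTERP = 3  # program header that names the dynamic loader (ld.so)


def preload_reachable(data: bytes) -> str:
    """Classify an executable image: can an LD_PRELOAD hook library load at all?

    'dynamic' -> has PT_INTERP: ld.so runs and honours LD_PRELOAD
    'static'  -> no PT_INTERP: the preloaded library is never mapped
    'script'  -> '#!' file: the interpreter binary is what must be checked
    'unknown' -> not an ELF image, or truncated
    """
    if data[:2] == b"#!":
        return "script"
    if len(data) < 0x34 or data[:4] != b"\x7fELF" or data[4] not in (1, 2):
        return "unknown"
    end = "<" if data[5] == 1 else ">"  # EI_DATA: 1 = little-endian
    try:
        if data[4] == 2:  # ELFCLASS64: e_phoff at 0x20, e_phentsize/e_phnum at 0x36
            (phoff,) = struct.unpack_from(end + "Q", data, 0x20)
            phentsize, phnum = struct.unpack_from(end + "HH", data, 0x36)
        else:  # ELFCLASS32: e_phoff at 0x1C, e_phentsize/e_phnum at 0x2A
            (phoff,) = struct.unpack_from(end + "I", data, 0x1C)
            phentsize, phnum = struct.unpack_from(end + "HH", data, 0x2A)
        for i in range(phnum):
            (p_type,) = struct.unpack_from(end + "I", data, phoff + i * phentsize)
            if p_type == PT_INTERP:
                return "dynamic"
    except struct.error:  # header points past the end of the data
        return "unknown"
    return "static"


def sample_elf64(p_types):
    """Constructed image: ELF64 little-endian header plus bare program headers."""
    ident = b"\x7fELF" + bytes([2, 1, 1]) + bytes(9)
    hdr = ident + struct.pack("<HHIQQQIHHHHHH", 2, 62, 1, 0, 0x40, 0, 0,
                              0x40, 56, len(p_types), 0, 0, 0)
    return hdr + b"".join(struct.pack("<I", t) + bytes(52) for t in p_types)


if __name__ == "__main__":
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            print(path, preload_reachable(fh.read()))
```
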

More robust solution

kalitorify can enable transparent Tor proxy for your machine, using iptables.

If your targets block Tor traffic, you can use mec's built-in proxy on top of kalitorify.

Also note that if you are not sure what your exploit does, you had better run it on an anonymous VPS (and connect to it anonymously), as it might reveal your identity by leaking traffic or even hacking you.

Using proxy_pool

Introduction

proxy_pool provides a pool server that automatically fetches and tests free proxies from several online sources. We can simply send an HTTP request to it and get a random proxy to use:

$ curl -L http://proxy_pool:5010/get_socks
{"proxy": "socks4://1.2.3.4:1080", "fail_count": 0, "region": "", "type": "", "source": "freeProxy09", "check_count": 1503, "last_status": 1, "last_time": "2020-04-24 14:29:09"}

Deploy proxy_pool

I have added SOCKS proxy support in my fork of proxy_pool.

Use proxy_pool in mec

mec has replaced shadowsocks proxy with proxy_pool.

If you choose to use proxychains4 with your exploit, your exploit will be invoked like:

proxychains4 -f /dev/shm/target_ip.conf ./exploit.py <args> -t target_ip

Each target gets its own random proxy.

Remember to set proxy-pool http://proxy_pool_addr:5010/get_socks before you use it

Tor

Type check to view Tor connectivity. Tor serves as the first hop of our proxy chain, giving us a more secure hacking environment.