Tproxied Squid Chain

Last week I examined squid webproxy code to understand how this tproxy thing works.
I realized that developers get most of tproxy code in kernel. So in user level, all you have to create a socket:

socketfd=socket(AF_UNIX, SOCK_STREAM, IPPROTO_TCP);

get its IP_TRANSPARENT(19) options set:

int val = 1;
setsockopt(socketfd, SOL_IP, IP_TRANSPARENT, (char *) &val, sizeof(int));

and bind it with required spoofing address:

bind(socketfd, (struct sockaddr *) &addr,sizeof(struct sockaddr_un));

after all of these, when you connect someones listening port, they will see your ip address as spoofed. But ofcourse you need to have your kernel compiled with TPROXY support.

Reason of why i dig this out is that, I need to run squid in tproxied chain mode on the same machine. When I made quick search the web, everyone says squid only operates in tproxied mode as long as it gets request from iptables. So how do we create a setup like [squid] --> [dansquardian] --> [squid] with tproxy? I asked this question to Amos Jeffries and he replied that they added this feature to squid 3.2 but haven't test it.

I tested this out and I can say it works like a charm.

I configured two squid named squid-1 and squid-2. Squid-1 is the initial one which gets the request from iptables redirection.

In squid-1 configuration file:

http_port 50080 tproxy
forwarded_for on
cache_peer 127.0.0.1 parent 50081 0 no-query login=*:nopassword no-netdb-exchange no-digest no-tproxy

In squid-2 configuration file:

http_port 50081 tproxy
forwarded_for on
follow_x_forwarded_for allow all
tproxy_uses_indirect_client on

I warn you to allow follow_x_forwarded_for only for necessary ones. It will cause to security leak in your setup.

You can add dansguardian process between these two squid by redirecting flow to dansguardian port with cache_peer option.

Ofcourse you also need to configure dansguardian to send requests to squid-2.

PS: You can reach how to configure other things like iptables,ebtables by this link.

Wing IDE keygen

I have quite reverse engineering background but I have never tried to disassemble python bytecode. But i found it not so hard. Anyway i disassembled some files of Wing IDE to prepare this keygen. Here it is..

#!/usr/bin/python
def keygen(os,requestHash,version):
    _os,v29,v28,v27,v26 = os,0,0,0,0

    if(os != 'windows'):
        if(os != 'macosx'):
            if(os != 'linux'):
                if(version == '2'):
                    v6,v5,v24,v25 = 123,202,97,211
                elif(version == '3'):
                    v6,v5,v24,v25 = 127,45,209,198
        else:#linux
                if(version == '2'):
                    v6,v5,v24,v25 = 48,104,234,247
                elif(version == '3'):
                    v6,v5,v24,v25 = 254,52,98,235
    else:#macosx
        if(version == '2'):
                v6,v5,v24,v25 = 41,207,104,77
        elif(version == '3'):
                v6,v5,v24,v25 = 128,178,104,95
    else:#windows
    if(version == '2'):
        v6,v5,v24,v25 = 142,43,201,38
    elif(version == '3'):
        v6,v5,v24,v25 = 23,163,2,115

    v8=0    
    if(len(requestHash)):
        while True:
            v10=v29 * v6 + ord(requestHash[v8])
            v29= v10 & 0xFFFFF
            v8+=1
            if not(v8 < len(requestHash)):break
    v12=0    
    if(len(requestHash)):
        while True:
            v14= v28*v5+ord(requestHash[v12])
            v28=v14 & 0xFFFFF
            v12+=1
            if not (v12 < len(requestHash)):break

    v16 = 0    
    if( len(requestHash) ):
        while True:
            v18=v27*v24+ord(requestHash[v16])
            v27=v18&0xFFFFF
            v16+=1
            if not (v16 < len(requestHash)):break

    v20=0 
    if(len(requestHash)):
        while True:
            v22=v26*v25+ord(requestHash[v20])
            v26=v22&0xFFFFF
            v20+=1
            if not (v20<len(requestHash)):break

    pDest= "%.5X%.5X%.5X%.5X" % (v29,v28,v27,v26)
    return pDest

def BaseConvert(number,fromdigits='0123456789ABCDEF',todigits='123456789ABCDEFGHJKLMNPQRTVWXY'):
    x=long(0)
    for digit in str(number):
        x=x*len(fromdigits) + fromdigits.index(digit)

    res=''
    while True:
        if not(x>0):break
        digit= x % len(todigits)
        res=todigits[digit]+res
        x= x / len(todigits)
    return res

if( __name__ == "__main__" ):
    """
    Generates 'unlimited non-commercial open source use only' license for WingIDE
    You can use it without any restrictions
    """

    import random    

    dict='123456789ABCDEF'

    lic='NN'
    for x in range(18):
        lic+=random.choice(dict)

    print
    print "WingIDE Key Generator by akdeniz"

    print
    print "Enter this licence id : ",lic

    hashReq= raw_input("Enter request code ['XXXXX-XXXXX-XXXXX-XXXXX']: ")
    if(len(hashReq)!=23):
        exit(0)

    version= raw_input('Enter version code [2 , 3] : ')
    if not(version in ['2','3']):
        exit(0)
        
    os= raw_input("Enter os type [windows , linux , macosx] :")
    if not(os in ['windows','linux','macosx']):
        exit(0)

    key=keygen(os,hashReq,version)
    key=BaseConvert(key)
    key='AXX'+key

    print "Activation key : ",key