[noCensorship] Re: KSA proxies - noncensoring

  • From: wayne <wayne@xxxxxxxxxxxxx>
  • To: nocensorship@xxxxxxxxxxxxx
  • Date: 8 Jun 2003 23:55:16 -0000

> From: Abdul Salam <AbdulSalamM@xxxxxxxxxxxx>
> To: nocensorship@xxxxxxxxxxxxx
> Subject: [noCensorship] Re: KSA proxies - noncensoring
> Hi wyne,
> I am connecting to the web using a local proxy server (say, 

Is the real address something like 10.*.*.*?
I'll assume it is. That's a non-routable address on the Internet.
That means that even if you managed to get out through the router 
your ISP/corp must have, you would never get to the host you were 
trying to connect to.

That router must 'proxy' (at some level) *everything* they wish to 
let through. 
For simpler protocols (telnet, ssh, news, mail, etc) they may just 
proxy/relay/'bounce' the TCP/IP connection (using NAT), but when 
they want to interfere they usually need to interpret the protocol, 
and so they must run a full protocol level proxy.
In your case, at the http level (web access), they run a normal 
http proxy, probably so they can censor your web access. 

> and
> is there a way I can still use any of the listed proxies here?! 

NATs can be configured to proxy all connections, or to proxy 
none (letting the per-protocol proxies do it). Since it looks 
like your http proxy censors(?), I'll guess that they block 
everything (though that's a bit of a stretch). If they do, then 
you cannot get to the proxies listed below. If even one port is 
NATed, though, you might find an outside, non-censoring proxy on 
that port to use.

> How can I bypass my local proxy used to connect to internet?

Ok. I think it's unlikely, but here are the options (not in any 
particular order):
 1) Find out if any ports are relayed.
 2) Find out if your proxy allows you to tunnel using CONNECT
 3) Find out if there are any other protocol proxies there, and 
    see if they can be used.
 4) Find a (or set up your own) CGI proxy outside, and use that 
    (through your existing proxy). 
    This is definitely the easiest option if you lack 
    the skills to do the others. I list some, that were posted 
    here(?) recently, below. Problems with this approach are 
    that these proxies are generally slower and unreliable.
 5) Try things like JAP etc., but you will probably find that 
    the ports needed are blocked.
 6) Get/make a shell outside. Almost anything can be done if you 
    have this, but the details are hard. See my old site at 
    http://www.angelfire.com/my/6waynes/ for the gory details.
    Sorry about the mess there, BTW.
 7) Try my localProxy. Even if your proxy censors, and 
    doesn't allow CONNECT to anything useful, localProxy will 
    try to confuse it into letting your requests through. It will 
    also try one proxy similar to those in (4). LP will be running 
    in it's least reliable modes then, but I use it and find it's 
    very convenient compared to all of the above options.
How to do these things?
Well, you could ask the admin for the information in 1,2,3. :-)
Or you can use some programs to do it.
I'll recommend my proxyTools package (at the site in my sig below), 
but there are others that will do (parts of) the job.

For (1), you would run my master.pl, at least. The defalt config 
would check a bunch of ports for you. This could be used to check 
all of them, but I think I'd recommend something like nmap if you 
needed to do that.
For (2), you definitely need my statProxy. It can be tested by 
hand using telnet, or netcat, but too many things can go wrong.
For (3), an nmap scan would tell you about services listening on 
any router you can access. Most (all?) of those would not be 
proxies in any sense. You'd need to look at them closely to see 
if anything was useful to you.
For (4), try these (all untested):
http://www.sendfakemail.com/anonbrowser/ (WITHOUT IMAGES)
http://www.pureprivacy.com/ (ADVERTISMENT)

So, for example, to use the last one, you would type (into 
the address bar in your web browser): 
followed by the url you need (in the same format as the 
www.google.de url in the example). As another (UAE blocked) example, 
http://www.insecure.org/ in that case would become 
http/www.insecure.org/, and the resulting address for your browser 
would be (one line):
This one is currently working; I don't guarantee any of the others.

For (5), trial and error is your only option unless you have info 
from 1,2,3 to help.

For (6), see the site I mentioned above. Even your home computer 
might be good enough for the shell to run on.

For (7), get the proxyTools package (my sig). Unpack. What you do 
then depends on whether you have Windows or Unix, Perl or not, Tk 
or not. Let us know.
LocalProxy is smart - if there's a way out, it can probably find it. 

In that kind of environment, *everything* you do is likely to be 
seen and logged (mostly with amusement, unless you are successful!).
Options (4) and (7) are the most likely to be logged. 
(7) (localProxy) generates so much confusion in the logs though, 
that it's hard to see what you are doing.

> Any help,
> Abdul
> And here is the *noncensoring* result 
> Sorry I didn't specify that. 
> These are also recently tested, and only currently 
> working ones listed (there will be more in the proxyTools 
> database that are just temporarily off-line, too slow to 
> respond, etc.:
> :5190 
>   :8082 
> :7007 
>    :8081 
>    :8081 
> :8081 
>   :8002 
>   :8081 
>  :3129 
>     :8081 
> :8081 
>   :8081 
>  :8081 
>  :8081 
>  :8082 
>  :8081 
>   :8002 
>   :5060 
>   :82   
>  :8002 
>     :7051 
>     :22788


===8>============== noCensorship community ===============
List's webpage: http://www.freelists.org/webpage/nocensorship
List's archive: http://www.freelists.org/archives/nocensorship
To unsubscribe: nocensorship-request@xxxxxxxxxxxxx with 'unsubscribe' in the 
SUBJECT field.
Moderator's email: nocensorship-moderators@xxxxxxxxxxxxx
===8>============== noCensorship community ===============

Other related posts: