Lower-Level Forced-Proxy via System Call Interception? #157
Description
Description:
Hello proxychains maintainers and community,
I've benefited immensely from proxychains and truly value its capabilities. Recently, I encountered a scenario involving Go programs where traditional methods of enforcing proxy via libc didn't yield the desired results. This led me to contemplate a more refined approach using ptrace to intercept system calls directly, providing a deeper level of proxy enforcement.
Proposal:
- System Call Interception with
ptrace: The idea is to utilizeptrace()to monitor and potentially alter system calls made by a child process, especially the socket-related ones (socket(),connect(),send(),recv(), etc.). - Proxy Redirection: Once intercepted, the intention would be to reroute these calls via a designated proxy, ensuring a more comprehensive enforcement than higher-level hooks can provide.
Context:
While my initial interest stemmed from issues proxying Go programs, I believe this approach's utility can extend beyond this specific case, offering more robust proxy enforcement for a variety of applications, including statically linked binaries or others that might bypass conventional hooks.
Request:
- Feature Consideration: I'm keen to see if such a feature aligns with
proxychains' objectives and if it could be considered for future integrations. - Feasibility Assessment: If this proposal doesn't resonate with the project's direction, I'd greatly appreciate any feedback or insights on the feasibility and potential pitfalls of this approach. As I'm mulling over possibly implementing this, guidance from the seasoned
proxychainscommunity would be invaluable.
Thank you for your continued efforts on proxychains and for taking the time to review this proposal. I look forward to any feedback or insights.