Login or Register to Ask a Question and Join Our Community


Programming

Setting X-Forwarded-For In C

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Top Forums Programming Setting X-Forwarded-For In C
# 8  
Old 08-24-2016
It seems that tinyproxy would allow for changing the X-Forwarded-For header. However, it seemed that would stop other proxies from being used. Say someone was to use proxychains to spoof the original ip of a C program running through another proxy running on port 10000, a connection would need to be made to port 10000 after hitting 8888 or whatever port tinyport is running on.

I tried finding ways for spoofing X-Forwarded-For within proxychains itself before posting here, but came up empty handed with this as well. Would you know of a good way to pass tinyproxy traffic to proxychains, another port, or proxy?

EDIT: Forgot to mention, I do have wget and know how to use X-Forwared-For with Curl already. Looking for others ways to do this with C binaries that don't use these utilities though.
# 9  
Old 08-25-2016
There's no "native" one-liners for HTTP in C. C doesn't handle files natively, let alone HTTP. This lack of dependencies is why you can write kernels in it -- and write entire languages like ruby, python, perl, and pretty much everything you run on your computer -- but it means you have to write out what you want long-form, or install a library.

There's definitely C libraries for it, in fact you've already heard of one -- curl. Here's some source code examples for it.
This User Gave Thanks to Corona688 For This Post:
Azrael
# 10  
Old 08-26-2016
I had used libcurl once, but that link is an awesome reference! I looked through some of these while searching for one to set the header. It looks like this one is the closest example:

libcurl example - httpcustomheader.c

I suppose someone could take this part:
Code:
    /* Add a header with "blank" contents to the right of the colon. Note that
       we're then using a semicolon in the string we pass to curl! */ 
    chunk = curl_slist_append(chunk, "X-silly-header;");

And change it to something like this?:
Code:
    /* Add a header with "blank" contents to the right of the colon. Note that
       we're then using a semicolon in the string we pass to curl! */ 
    chunk = curl_slist_append(chunk, "X-Forwarded-For: 1.2.3.4;");

Not sure if I'm on the right track?
# 11  
Old 08-26-2016
I do think you're on the right track, or a right track, there being more than one way to skin a cat.

Sorry, I got turned around. curl handles the outgoing request, not the incoming one. You'd still be doing printf("header: value\n"); and using libcurl to retrieve the data since wget wasn't sufficient.
Last edited by Corona688; 08-26-2016 at 12:52 PM..
This User Gave Thanks to Corona688 For This Post:
Azrael
# 12  
Old 08-29-2016
Well, I was actually looking for outgoing requests for this, not incoming. I did a little bit of experiementing with tcpdump and could see this being set:

Code:
$ tcpdump -vvvs 1024 -l -A | grep -i x-forward
tcpdump: listening on wlan0, link-type EN10MB (Ethernet), capture size 1024 bytes
X-Forwarded-For: 1.2.3.4;

So it appears to be working. I'm all ears if anyone thinks this is incorrect. Here is the code I modified from the previous link:

Code:
/***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2015, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at https://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/ 
/* <DESC>
 * HTTP request with custom modified, removed and added headers
 * </DESC>
 */ 
#include <stdio.h>
#include <curl/curl.h>
 
int main(void)
{
  CURL *curl;
  CURLcode res;
 
  curl = curl_easy_init();
  if(curl) {
    struct curl_slist *chunk = NULL;
 
    /* Remove a header curl would otherwise add by itself */ 
    chunk = curl_slist_append(chunk, "Accept:");
 
    /* Add a custom header */ 
    chunk = curl_slist_append(chunk, "Another: yes");
 
    /* Modify a header curl otherwise adds differently */ 
    chunk = curl_slist_append(chunk, "Host: www.google.com");
 
    /* Add a header with "blank" contents to the right of the colon. Note that
       we're then using a semicolon in the string we pass to curl! */ 
    chunk = curl_slist_append(chunk, "X-Forwarded-For: 1.2.3.4;");
 
    /* set our custom set of headers */ 
    res = curl_easy_setopt(curl, CURLOPT_HTTPHEADER, chunk);
 
    curl_easy_setopt(curl, CURLOPT_URL, "http://google.com");
    curl_easy_setopt(curl, CURLOPT_FOLLOWLOCATION, 1L);
    curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
 
    res = curl_easy_perform(curl);
    /* Check for errors */ 
    if(res != CURLE_OK)
      fprintf(stderr, "curl_easy_perform() failed: %s\n",
              curl_easy_strerror(res));
 
    /* always cleanup */ 
    curl_easy_cleanup(curl);
 
    /* free the custom headers */ 
    curl_slist_free_all(chunk);
  }
  return 0;
}

Appeciated the help Corona688. Much thanks!
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Is it possible that X11 can be forwarded through a SSH tunnel

I communicate with the server via a ssh tunnel, configured via Putty. Recently, I'm trying to forward the X11 through it, but it doesn't work. Is there any one work this way? Searched with google, but didn't find anything. Thx in adv. (2 Replies)
Discussion started by: sleepy_11
2 Replies

2. Solaris

Is there a difference between setting a user as nologin and setting it as a role?

Trying to figure out the best method of security for oracle user accounts. In Solaris 10 they are set as regular users but have nologin set forcing the dev's to login as themselves and then su to the oracle users. In Solaris11 we have the option of making it a role because RBAC is enabled but... (1 Reply)
Discussion started by: os2mac
1 Replies

3. UNIX for Dummies Questions & Answers

Setting up Xlaunch

I have a Win7 laptop that I have installed Xming with Xlaunch so that I can remote a Solaris10 server. After the initial install on my Win7 machine what do I need to set and configure to be able to remote Solaris. This is my 3rd day working with Unix. (1 Reply)
Discussion started by: SIFT3R
1 Replies

4. Red Hat

Cronjob setting

Hi there There's a script I would like to run daily every 5 minutes and this job should restart every 12:03AM so it would append to a new file with the following day date format instead of running and updating continuously into one log. I am not sure of the syntaxing, what I did was to set it... (9 Replies)
Discussion started by: hedkandi
9 Replies

5. Shell Programming and Scripting

alias setting

I want to set an alias to connect to sqlplus and also run a command while it it logs in. How can I do that? (4 Replies)
Discussion started by: som.nitk
4 Replies

6. UNIX for Dummies Questions & Answers

Need some help on setting up rsync

I need to "sync" a directory from a prod server to a test server. Rsync is working but it prompts for a password and I'd like to automate the process. The directory on the prod/source server is owned by root, and some subdirectories are only readable by root. On the test/destination servers, I can... (1 Reply)
Discussion started by: LAToro
1 Replies

7. Fedora

Setting up Cronjob

Hi, I had to setup some cron jobs using crontab -e when logged in as root. I noticed that the jobs only run when the permissons on the shell script file are set to execute on root and other. Why does "other" have to have its execution permission set? (6 Replies)
Discussion started by: mojoman
6 Replies

8. AIX

Syslog - Message forwarded from

I am not a Unix / AIX admin, but am working with one that doesn't seem to know how to set up syslog to forward messages to me the way I need them. Every message they send me has "Message forwarded from <insert host name here>:" but I need it to only have the host name. In the examples below,... (2 Replies)
Discussion started by: mlbillow
2 Replies

9. AIX

Timezone Setting

Hi On several AIX 5.3 LPARs the timezone is currrently set to: TZ=NZST-12NZDT,M9.5.0/02:00,M4.1.0/03:00 Daylight savings in NZ starts on Sun 28th Sep 2008, which is the fourth Sunday. Do I need to change my TZ variable to NZST-12NZDT,M9.4.0/02:00,M4.1.0/03:00 or will AIX interpret the fifth... (2 Replies)
Discussion started by: KiwiP
2 Replies

10. UNIX for Dummies Questions & Answers

New ip setting

I want to change the IPsetting and the broadcast setting. With ipconfig I get this: hme0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 2 inet xx.17x.18x.xx netmask fffffff0 broadcast xx.17x.18x.xx ether yy:0:yy:b6:yy:xx What command(squence) do I use to... (6 Replies)
Discussion started by: kuultak
6 Replies
Login or Register to Ask a Question