How does Chrome bypass proxychains proxying?

3

1

I noticed that when I launch Chrome with proxychains:

$ proxychains google-chrome

every request is correctly proxied, except those sent to Google websites! For instance, when I stop the proxy configured in the proxychains conf, with my proxied Chrome I cannot access any website (err_connection_refused), except Google.

I tried the same test with Firefox: every request is proxied by proxychains, including those sent to Google.

I know there are other ways to proxy requests that would also work with Google, but I am more interested in knowing why the proxychains method does not work when you visit Google on Chrome.

Internally, proxychains uses the LD_PRELOAD environment variable to wrap the necessary system calls and proxy all requests transparently. I wasn't expecting Chrome to be able to bypass this wrapping. How is that possible?

Thanks!

anselant

Posted 2016-11-17T20:50:15.343

Reputation: 31

Answers

0

Proxychains Bug/Incompatibility:

There is a bug with Chrome, apparently caused by the sandbox feature; check Issue 45.

Proxychains Limit:

Proxychains could have leaks in many situations; here are some of them as examples:

  • Child processes are not proxied (Chrome, for example, could use many processes other than the main one... Solution: a workaround could be modifying the binary location)
  • SOCKS v4 proxies cannot tunnel DNS requests (Solution: use SOCKS v5 instead)
  • Incompatibility with some sandbox features/applications: as they use kernel userspace features to be separated from the main system, proxychains does not see/intercept their connections (Solution: combine proxychains with iptables)

Alternative:

You can try tsocks as an alternative; it's often available in the distro repos: apt-get install tsocks or dnf install tsocks, etc.

intika

Posted 2016-11-17T20:50:15.343

Reputation: 839
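
One way to check for the leaks listed in the answer above, as an added example that is not part of the original posts: parse a table in the Linux /proc/net/tcp layout and report active connections owned by the browsing user whose peer is not the proxy. The proxy address 127.0.0.1:9050, uid 1000 and the sample table are assumptions constructed for illustration; the decoder handles IPv4 entries as written by a little-endian host.

```python
import socket
import struct

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:235A 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20001
   1: 0100007F:C350 0100007F:235A 01 00000000:00000000 00:00000000 00000000  1000        0 20002
   2: 0F02000A:C351 0A6433C6:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 20003
   3: 0F02000A:C352 057100CB:0050 02 00000000:00000000 00:00000000 00000000  1000        0 20004
   4: 0F02000A:C353 0A6433C6:01BB 01 00000000:00000000 00:00000000 00000000     0        0 20005
"""

# Kernel TCP state codes that mean "talking to, or trying to reach, a peer".
ACTIVE_STATES = {"01": "ESTABLISHED", "02": "SYN_SENT"}


def decode_endpoint(field):
    """Turn 'HEXADDR:HEXPORT' into (dotted_ip, port); IPv4, little-endian host."""
    addr_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(addr_hex, 16)))
    return ip, int(port_hex, 16)


def find_leaks(table_text, proxy, uid):
    """Return active connections owned by uid whose peer is not the proxy."""
    leaks = []
    for line in table_text.splitlines()[1:]:  # skip the header row
        cols = line.split()
        if len(cols) < 10 or cols[3] not in ACTIVE_STATES:
            continue  # malformed row, or a listening/closed socket
        if int(cols[7]) != uid:
            continue  # socket belongs to another user
        remote = decode_endpoint(cols[2])
        if remote == proxy or remote[0].startswith("127."):
            continue  # goes through the proxy, or is local-only traffic
        leaks.append({"remote": remote, "state": ACTIVE_STATES[cols[3]],
                      "inode": int(cols[9])})
    return leaks


if __name__ == "__main__":
    # For a live check on Linux, pass the contents of /proc/net/tcp instead of SAMPLE.
    for leak in find_leaks(SAMPLE, ("127.0.0.1", 9050), 1000):
        print(leak)
```

The inode in each result can be matched against the socket links under /proc/<pid>/fd to identify which process opened the unproxied connection.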