Bad data on failed version 5 response

Status: Pre-Alpha

Brought to you by: y0ug

#8 Bad data on failed version 5 response

Milestone: v1.0 (example)

Status: unread

Owner: nobody

Labels: None

Priority: 5

Updated: 2019-09-21

Created: 2019-09-21

Creator: Jay Satiro

Private: No

If a socks5 request is made and fails the reply is supposed to contain the IP and port. The reply sent by ssocksd shows remote address 253.127.0.0 and port 2897 no matter the host and port.

To reproduce this monitor in wireshark and try connecting to a port that will respond connection refused using curl.

curl -v --socks5 10.0.3.1:1080 http://127.0.0.2:99
curl: (7) Can't complete SOCKS5 connection to 253.127.0.0:2897. (1)

Wireshark socks version 5 command response:
Socks Protocol
    Version: 5
    Results(V5): General SOCKS server failure (1)
    Reserved: 0
    Address Type: IPv4 (1)
    Remote Address: 253.127.0.0
    Port: 2897

Discussion

Jay Satiro - 2019-09-21

Hm we may be doing something wrong in curl, it looks like the server returns the bind address not the destination address according to RFC1928 section 6, so we shouldn't show it as the destination address and I've proposed a fix in curl. However it's still a mystery to me why ssocks is returning a garbage address.

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Bad data on failed version 5 response

Group

Searches

Help

#8 Bad data on failed version 5 response

Discussion