Why google were able to detect my real ip when i used ProxyChains?

JustPfff

Hello, I'm trying to run chromium via proxy setup from the command line ,
I end up using proxychains

browserleaks.com show me proxy IP address while google showed me my real IP address when i searched for

my IP ?

how that happened?

treesmokah

does ProxyChains handle DNS and WebRTC?

JustPfff

@treesmokah said: handle DNS and WebRTC?

I used the simplest config I discovered a DNS leak, but didn't though they could get my full ip with it .

do you know what is the WebRTC setting ProxyChains to stay anonymous
BTW I disabled WebRTC with extension is that enough

treesmokah

@JustPfff said: ProxyChains to stay anonymous

bad idea to use ProxyChains for "staying anonymous".
if you are using Tor, use Whonix instead - its more foolproof and hard to fuck it up.

stoned

You have a WebRTC leak. Use a VPN. Proxies don't normally protect against that.

https://chrome.google.com/webstore/detail/webrtc-control/fjkmabmdepjfammlpliljpnbhleegehm?hl=en

Use this extension to block WebRTC leaks at the browser level. Note, sites that depend on WebRTC will cease to function with WebRTC disabled.

davide

HTTP proxies may add a header to HTTP requests called X-Real-IP that contains your unproxied IP address. Possibly proxiechains can be configured to avoid this.

hyena56

Proxies can be like this as they're prone to DNS Leaks. If u want to be full anonymous better use a VPN Solution. OpenVPN or WireGuard will be a great solution

farsighter

For me it works properly and Google shows proxy address. I used socks proxy through command line.

JustPfff

Looks like the proxy service I used only had HTTP proxy (no need to mention it name).
The problem i'm facing it DNS leak, my ISP modified the router, so you can't change the DNS server,
I tried dnscrypt-proxy before it was working, but it breaks up a lot of sites including google.

Anyway thank you all, I'll try Whonix

=update=

When I used SwitchyOmega on Opera the IP address didn't show up, only on Chromium, I don't know how but looks like Chromium bypass ProxyChains proxy setting and detect my real IP address, since there were no DNS Leaks and no WebRTC Leaks this the command I run chromium from:-

 /usr/bin/chromium --disable-webrtc --incognito \
--force-webrtc-ip-handling-policy=default_public_interface_only \
--use-fake-device-for-media-stream  $1

I tried traceroute

bash -c "proxychains -f proxychains0.conf  traceroute  archlinux.org"

Looks like DNS Query still done by My ISP servers.

xx.xx.xx.xx.static.cc.cc (xx.xx.xx.xx)  48.478 ms  20.670 ms  20.624 ms
xx.xx.xx.xx.static.cc.cc (xx.xx.xx.xx)  20.605 ms  22.067 ms  25.310 ms

Maounique

@JustPfff said: Opera

Opera is now also based on Chromium, try Firefox or download opera for xp/vista which still uses old engine.

@JustPfff said: The problem i'm facing it DNS leak, my ISP modified the router, so you can't change the DNS server,

In what way? Redirects all port 53 UDP? I doubt that can't be bypassed.

Running your own DNS setup in your LAN could bypass that, for example.

johnnyquestion

@JustPfff said:
Looks like the proxy service I used only had HTTP proxy (no need to mention it name).
The problem i'm facing it DNS leak, my ISP modified the router, so you can't change the DNS server,
I tried dnscrypt-proxy before it was working, but it breaks up a lot of sites including google.

Anyway thank you all, I'll try Whonix

=update=

When I used SwitchyOmega on Opera the IP address didn't show up, only on Chromium, I don't know how but looks like Chromium bypass ProxyChains proxy setting and detect my real IP address, since there were no DNS Leaks and no WebRTC Leaks this the command I run chromium from:-

 /usr/bin/chromium --disable-webrtc --incognito \
--force-webrtc-ip-handling-policy=default_public_interface_only \
--use-fake-device-for-media-stream  $1

I tried traceroute

bash -c "proxychains -f proxychains0.conf  traceroute  archlinux.org"

Looks like DNS Query still done by My ISP servers.

xx.xx.xx.xx.static.cc.cc (xx.xx.xx.xx)  48.478 ms  20.670 ms  20.624 ms
xx.xx.xx.xx.static.cc.cc (xx.xx.xx.xx)  20.605 ms  22.067 ms  25.310 ms

Use DNS over HTTPS (DOH) then

FatGrizzly

do you have the proxy_dns in proxychains.conf?

harrison

Don't use it and use browser's own proxy and dns settings?

JustPfff

@FatGrizzly said: do you have the proxy_dns in proxychains.conf?

I enable it, and it makes the browser crash, I change it to proxy_dns_daemon 127.0.0.1:1053 but I don't know how it works.

@Maounique said: In what way? Redirects all port 53 UDP? I doubt that can't be bypassed.
Running your own DNS setup in your LAN could bypass that, for example.

I don't know it could be, but this is a very well-known issue we had, they modify every router. if I use Google dns the DNS still sent by their server.
The only Local DNS setup I tried was dnscrypt-proxy but it made many websites not working.

@johnnyquestion said: Use DNS over HTTPS (DOH) then

It requires dnscrypt-proxy to be running on my local machine, i'll try it again .

@harrison said: Don't use it and use browser's own proxy and dns settings?

I tried from command line (I need multiple launcher btw), Chromium do not accept user/pass to be added from command line that's why I end up using ProxyChains

ValdikSS

@JustPfff said: how that happened?

Proxychains is an LD_PRELOAD dynamic library which hooks socket functions.
It wouldn't work in many cases, such as when the application:

1. Is build statically, without dynamic libraries
2. Applies countermeasures against function hooks
3. Execs another application without inheriting environment variables
4. Uses functions which are not hooked by the library, such as close_range

Modern web uses QUIC protocol, which is UDP-based. Not many proxy servers support UDP, and proxychains does not support UDP and does not block it. In other words, all non-TCP traffic is forwarded directly over your non-proxied connection.

Moreover, DNS over proxy in a form of a hook is a set of hacks which is mentioned in the proxychains configuration file. It may or may not work.

JustPfff

@ValdikSS said: It wouldn't work in many cases, such as when the application:

Thanks for mentioned that now I understand…

Any way I think the solution is to run local machine proxy server that accept connection without user/pass, and redirect that connection to the real proxy with user/pass (since chromium dos not accept user/pass in command line) I think that called upstream

I'll try to look more about this issue (I know that VPS is the best solution, but it is not available for me at the moment ) and proxies are way cheaper/easier.

johnnyquestion

https://twitter.com/Shouse34/status/1630592550372294657

JustPfff

Alright guys, I figure out what happened, and thanks to @ValdikSS for mention it.

After I disable chrome://flags/ my IP address are not shown now on Google search result
for DNS I will use cloudflared I hope it less buggy for me.