CODEWITHSUNDEEP
pythonpython-3.xsocketssslhttprequest
Noah
Noah

Reputation: 174

Python sockets proxy wrong version of ssl and weird byte response

I am trying to connect to an https proxy via sockets python.

First I would like to start off by saying I can do this just fine without proxies so I know my code works without them, but I need proxies. I am also sure that my CONNECT request works because I receive a “200 connection established” after.

This means that my ssl portion is off, specifically in the wrap_socket function/portion of my code. I have tried not using ssl(didn’t think it would work but I just figured I could try) and it sent me a weird hex response back which upon searching it up, I found out that it was because of a “malformed http request”. This didn’t make sense to me, so I kept trying to use different versions of ssl, including tlsv1 and then finally I tried sslv3. This apparently is messed up on my computer and others because I get a s = wrap_socket(s, ssl_version=ssl.PROTOCOL_SSLv3) AttributeError: module 'ssl' has no attribute 'PROTOCOL_SSLv3'””” error.

Before this I tried not specifying an ssl version but I got “wrong version”. So, after all of this testing, I cannot figure out which ssl version to use and why, and I also cannot confirm that sslv3 works because I get the error I said above. I am sure that my proxy-request-glow works but I can also be mistaking in that area.

My question is what can I be doing wrong here? Specifically the ssl portion.

    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try: s.connect((proxy.split(":")[0], int(proxy.split(":")[1]))) #connect to proxy
    except:
        self.proxy_errors+=1
        return

    s.send("CONNECT site.com:443 HTTP/1.1\r\nHost: site.com\r\n\r\n".encode())

    #s = wrap_socket(s)

Upvotes: 0

Views: 174

Answers (1)

Steffen Ullrich
Steffen Ullrich

Reputation: 123501

s.send("CONNECT site.com:443 HTTP/1.1\r\nHost: site.com\r\n\r\n".encode())

#s = wrap_socket(s)

Based on this code fragment you are sending a CONNECT request and then immediately try to upgrade the socket to TLS. But you first need to read the response from the proxy (i.e. HTTP/1.1 200 .... Otherwise the plain text response to the CONNECT request will be treated as part of the TLS handshake which causes the handshake to fail with strange errors.

Upvotes: 1

Related Questions