x

Squid Proxy

https://medium.com/@Dpsypher/proving-grounds-practice-squid-1bc1e2dbb8d4
https://www.hackingarticles.in/penetration-testing-lab-setup-squid-proxy/

Squid is a caching and forwarding HTTP web proxy. It has a wide variety of uses, including speeding up a web server by caching repeated requests, caching web, DNS and other computer network lookups for a group of people sharing network resources, and aiding security by filtering traffic. Although primarily used for HTTP and FTP, Squid includes limited support for several other protocols including Internet Gopher, SSL, TLS and HTTPS. Squid does not support the SOCKS protocol, unlike Privoxy, with which Squid can be used in order to provide SOCKS support. (From here).

Its basically guesswork trying to figure out what ports are open on the target that could provide us with access. Should be more commonly-known ones in a test environment. 

#To scan itself on port 80  
curl -i --proxy http://$IP:3128 http://$IP  

#To scan itself on port 443  
curl -i --proxy http://$IP:3128 http://$IP:443  

#To scan itself on port 8000  
curl -i --proxy http://$IP:3128 http://$IP:8000

Can use this tool but personally I found curl was fine
https://github.com/aancw/spose/blob/master/spose.py

Tags

Left-click: follow link, Right-click: select node, Scroll: zoom
x