Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

nmap-dev logo Nmap Development mailing list archives

RE: Portscanning through HTTP proxy?
From: "Alex R" <alex () deviousmeans net>
Date: Tue, 7 Dec 2004 21:40:17 +0200
Can you proxy anything? For example could you proxy some -O stuff or -sS and
-sV?

-----Original Message-----
From: uzy [mailto:uzy () isecurelabs com] 
Sent: Tuesday, December 07, 2004 9:25 PM
To: nmap-dev () insecure org
Subject: Re: Portscanning through HTTP proxy?

You could consider using nmap -sT with proxychains. As simple as : 

proxychains nmap -sT -p NN myIP 

Edit proxychains.conf to specify your SOCKS or HTTP proxy. 

http://proxychains.sf.net 

Cheers 

MadHat writes: 


On Dec 7, 2004, at 2:14 AM, Max wrote:

You might have better success with Nessus since it comes with its own 
language


Why not just patch nmap?  It has a language too, called C++ ;) 

Fyodor has mention in the source code that there should probably be SOCKS 
support as well.  Just if no one asks for it, he is going to work on what 
he feels is most important.  If someone really wants a feature, they can 
request it, or try and write a patch (the glory of Open Source). 



M () x 


MadHat wrote:

On Dec 6, 2004, at 3:58 PM, Mark Lachniet wrote:

Is there a decent way, similar to the FTP bounce approach, to do
portscanning through an insecure HTTP proxy using CONNECT verbs?  For
example, say I find a dual-homed host that has unrestricted proxy, and 
am
too lazy to telnet to the proxy and type: 

'CONNECT http://10.1.1.1:25 HTTP/1.1' 

and manually iterate it a hundred times.

there is not an easy way right now built into nmap that I know of, but 
it should be easy to make a patch for it.



 

---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org 



 


---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org





---------------------------------------------------------------------
For help using this (nmap-dev) mailing list, send a blank email to 
nmap-dev-help () insecure org . List archive: http://seclists.org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]