Home page logo

nmap-dev logo Nmap Development mailing list archives

Scripts for proxy detection
From: Joao Correa <joao () livewire com br>
Date: Sun, 24 May 2009 03:06:43 -0300

Hi everyone,

I've been working on some scripts to detect open proxy servers. As a
starting point I've made a few changes on the http-open-proxy script,
including different methods beyond GET. I've also included POST, HEAD
and CONNECT methods to it.

I was planning to include socks open proxy detection on the same
script, but, as both proxy servers are different and use to run on
different ports, I think it is better to set two different scripts,
with different port rules. This way, http related code would never be
sent to a socks proxy, what could happen if both tests were on the
same script. A way of having only one script would be testing the open
ports and test only those proxy servers related to such ports...
anyway I think that this solution isn't the best, since it will make
the code much more complex.

The socks detection script is also displaying a lot of connection
related information. I'm planning to soon make all these information
visible only if requested by the user with a script argument.

I've also changed both script names because with the new names both
scripts will be listed together in the script directory, what I think
is nice, since they are both related. Anyway, the new names are not

If someone is able to test the code, I would really make good use of
some feedback.

Joao Correa

Attachment: proxy-open-http.nse

Attachment: proxy-open-socks.nse

Sent through the nmap-dev mailing list
Archived at http://SecLists.Org

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]