HTTP Open Proxy Detection
Checks if an HTTP proxy is open. False positive are avoided verifing the HTTP return code and matching a pattern.
Rank
- Normal
Authors
- Matteo Cantoni < goony [at] nothink.org >
Vulnerability References
Development
Similar Modules
- auxiliary/scanner/http/adobe_xml_inject
- auxiliary/scanner/http/apache_userdir_enum
- auxiliary/scanner/http/axis_local_file_include
- auxiliary/scanner/http/axis_login
- auxiliary/scanner/http/backup_file
- auxiliary/scanner/http/barracuda_directory_traversal
- auxiliary/scanner/http/blind_sql_query
- auxiliary/scanner/http/brute_dirs
- auxiliary/scanner/http/cert
- auxiliary/scanner/http/cisco_device_manager
Usage Information
$ msfconsole
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/scanner/http/open_proxy
msf auxiliary(open_proxy) > set RHOSTS [TARGET HOST RANGE]
msf auxiliary(open_proxy) > run
## ### ## ##
## ## #### ###### #### ##### ##### ## #### ######
####### ## ## ## ## ## ## ## ## ## ## ### ##
####### ###### ## ##### #### ## ## ## ## ## ## ##
## # ## ## ## ## ## ## ##### ## ## ## ## ##
## ## #### ### ##### ##### ## #### #### #### ###
##
msf > use auxiliary/scanner/http/open_proxy
msf auxiliary(open_proxy) > set RHOSTS [TARGET HOST RANGE]
msf auxiliary(open_proxy) > run
Module Options
| DEBUG | Enable requests debugging output |
| LOOKUP_PUBLIC_ADDRESS | Enable test for retrieve public IP address via RIPE.net |
| MULTIPORTS | Multiple ports will be used : 80, 1080, 3128, 8080, 8123 |
| RANDOMIZE_PORTS | Randomize the order the ports are probed |
| RHOSTS | The target address range or CIDR identifier |
| RPORT | The target port (default: 8080) |
| SITE | The web site to test via alleged web proxy (default is www.google.com) (default: 209.85.148.147) |
| THREADS | The number of concurrent threads (default: 1) |
| UserAgent | The HTTP User-Agent sent in the request (default: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)) |
| VERIFY_CONNECT | Enable test for CONNECT method |
| VERIFY_HEAD | Enable test for HEAD method |
| ValidCode | Valid HTTP code for a successfully request (default: 200,302) |
| ValidPattern | Valid HTTP server header for a successfully request (default: server: gws) |
| CHOST | The local client address |
| CPORT | The local client port |
| ConnectTimeout | Maximum number of seconds to establish a TCP connection |
| Proxies | Use a proxy chain |
| RIPE_ADDRESS | www.ripe.net IP address |
| SSL | Negotiate SSL for outgoing connections |
| SSLVersion | Specify the version of SSL that should be used (accepted: SSL2, SSL3, TLS1) |
| ShowProgress | Display progress messages during a scan |
| ShowProgressPercent | The interval in percent that progress should be shown |
| VERBOSE | Enable detailed status messages |
| WORKSPACE | Specify the workspace for this module |
| TCP::max_send_size | Maxiumum tcp segment size. (0 = disable) |
| TCP::send_delay | Delays inserted before every send. (0 = disable) |