-
December 11th, 2003, 06:36 PM
#1
Verify the Proxy Chains???
Hello everybody.
I recently got my proxy chaining apps running, and stuffed it with a few valid proxies. I tried it on several applications, like ftp, web, ssh, irc, nmap etc and it works fine. The target shows the last proxy server in the list of chains. My questions is:
How do i know that its acutally going through all the proxies in the list. It says its chaining through them all, but how can i be certain of that?
Better said, how can i trace it back each proxy at a time? Or would i have to view the logfies of each proxy server it goes through (time stamps)?
Any solution would be much appreciated.
Cheers everyone.
Ubuntu-: Means in African : "Im too dumb to use Slackware"
-
December 11th, 2003, 07:51 PM
#2
Pop a packet sniffer on your box and look at the traffic going outbound from your comp. If it is the first proxy in the chain then you can be pretty sure that the packets are making the rounds of all the proxies in your list because you have already determined that the last one is making the final connection.
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
December 11th, 2003, 08:10 PM
#3
/me slaps myelf for not thinking bout it.
I used ethereal to monitor the traffic, and indeed i can see the first proxy, which differs from the last one So it works, and all is well.
Thank you alot Tiger shark.
Ubuntu-: Means in African : "Im too dumb to use Slackware"
-
December 11th, 2003, 08:22 PM
#4
NP Insi..... Sometimes the answer is sat right on the end of our noses, it just takes someone else to point it out..... Kinda like boogers.....
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
-
December 12th, 2003, 12:50 AM
#5
What chaining software do you use, if one may so boldly ask?
/ \\
-
December 12th, 2003, 02:16 AM
#6
The command completed successfully.
\"They drew first blood not me.\"
-
December 12th, 2003, 04:17 AM
#7
I personally use proxychains for mine. I use yaph with the --use_nmap switchto find em. Works great for me.
hjack
"Where the tree of knowledge stands, there is always paradise": thus speak the oldest and the youngest serpents.
- Friedrich Nietzsche
-
December 12th, 2003, 05:18 AM
#8
Thanx hjack, I came across both those two pieces of 'equipmtn' after the post, haven't checked them yet cuz of stressful philosophy paper due tomorrow :\
/ \\
-
December 12th, 2003, 09:15 AM
#9
Yup, just like hjack pointed out, thats the 2 i use. I recomend reading the following too, before attempting to use this sort of software, since it does bring in a LARGE security issue.
http://www.faqs.org/rfcs/rfc2607.html
Its important that you understand what it is exactly, and how it works. Not just download and use it.
And never never use it if your gonna type anything sensitive, such as passwords, personal info etc.....
This so called proxy chaining also makes you vurnerable to a "man-in-the-middle" attack, where someone captures your packets (encrypted or not) and can resend them to gain access, as well as remote session hijacking. Also make sure if you use it that you have the correct proxies for the wanted use, such as "GET" for web, and "CONNECT" for other tcp connection type applications.
Cheers.
Ubuntu-: Means in African : "Im too dumb to use Slackware"
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|