hacktricks/network-services-pentesting/3128-pentesting-squid.md

74 lines
3.9 KiB
Markdown
Raw Normal View History

2022-04-28 16:01:33 +00:00
<details>
<summary><strong>Support HackTricks and get benefits!</strong></summary>
2022-09-09 11:28:04 +00:00
- Do you work in a **cybersecurity company**? Do you want to see your **company advertised in HackTricks**? or do you want to have access to the **latest version of the PEASS or download HackTricks in PDF**? Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
2022-04-28 16:01:33 +00:00
2022-09-09 11:28:04 +00:00
- Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
2022-04-28 16:01:33 +00:00
2022-09-09 11:28:04 +00:00
- Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
2022-04-28 16:01:33 +00:00
2022-09-09 11:28:04 +00:00
- **Join the** [**💬**](https://emojipedia.org/speech-balloon/) [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** me on **Twitter** [**🐦**](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[**@carlospolopm**](https://twitter.com/carlospolopm)**.**
2022-04-28 16:01:33 +00:00
2022-09-09 11:28:04 +00:00
- **Share your hacking tricks by submitting PRs to the** [**hacktricks github repo**](https://github.com/carlospolop/hacktricks)**.**
2022-04-28 16:01:33 +00:00
</details>
2022-05-01 12:49:36 +00:00
# Basic Information
2021-04-02 11:54:47 +00:00
2022-02-03 02:15:45 +00:00
**Squid** is a caching and forwarding HTTP web proxy. It has a wide variety of uses, including speeding up a web server by caching repeated requests, caching web, DNS and other computer network lookups for a group of people sharing network resources, and aiding security by filtering traffic. Although primarily used for HTTP and FTP, Squid includes limited support for several other protocols including Internet Gopher, SSL, TLS and HTTPS. Squid does not support the SOCKS protocol, unlike Privoxy, with which Squid can be used in order to provide SOCKS support. (From [here](https://en.wikipedia.org/wiki/Squid\_\(software\))).
2021-04-02 11:54:47 +00:00
**Default port:** 3128
2022-02-03 02:15:45 +00:00
```
2021-04-02 11:54:47 +00:00
PORT STATE SERVICE VERSION
3128/tcp open http-proxy Squid http proxy 4.11
```
2022-05-01 12:49:36 +00:00
# Enumeration
2021-04-02 11:54:47 +00:00
2022-05-01 12:49:36 +00:00
## Web Proxy
2021-04-02 11:54:47 +00:00
You can try to set this discovered service as proxy in your browser. However, if it's configured with HTTP authentication you will be prompted for usernames and password.
2022-02-03 02:15:45 +00:00
```bash
# Try yo proxify curl
curl --proxy http://10.10.11.131:3128 http://10.10.11.131
```
2022-05-01 12:49:36 +00:00
## Nmap proxified
2021-04-02 11:54:47 +00:00
2022-02-03 02:15:45 +00:00
You can also try to abuse the proxy to **scan internal ports proxifying nmap**.\
2021-04-02 11:54:47 +00:00
Configure proxychains to use the squid proxy adding he following line at the end of the proxichains.conf file: `http 10.10.10.10 3128`
Then run nmap with proxychains to **scan the host from local**: `proxychains nmap -sT -n -p- localhost`
2022-09-01 00:21:26 +00:00
## SPOSE Scanner
2022-04-28 16:01:33 +00:00
2022-09-01 01:14:37 +00:00
Alternatively, the Squid Pivoting Open Port Scanner ([spose.py](https://github.com/aancw/spose)) can be used.
2022-09-01 00:21:26 +00:00
```bash
python spose.py --proxy http://10.10.11.131:3128 --target 10.10.11.131
```
2022-04-28 16:01:33 +00:00
<details>
<summary><strong>Support HackTricks and get benefits!</strong></summary>
2022-09-09 11:28:04 +00:00
- Do you work in a **cybersecurity company**? Do you want to see your **company advertised in HackTricks**? or do you want to have access to the **latest version of the PEASS or download HackTricks in PDF**? Check the [**SUBSCRIPTION PLANS**](https://github.com/sponsors/carlospolop)!
2022-04-28 16:01:33 +00:00
2022-09-09 11:28:04 +00:00
- Discover [**The PEASS Family**](https://opensea.io/collection/the-peass-family), our collection of exclusive [**NFTs**](https://opensea.io/collection/the-peass-family)
2022-04-28 16:01:33 +00:00
2022-09-09 11:28:04 +00:00
- Get the [**official PEASS & HackTricks swag**](https://peass.creator-spring.com)
2022-04-28 16:01:33 +00:00
2022-09-09 11:28:04 +00:00
- **Join the** [**💬**](https://emojipedia.org/speech-balloon/) [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** me on **Twitter** [**🐦**](https://github.com/carlospolop/hacktricks/tree/7af18b62b3bdc423e11444677a6a73d4043511e9/\[https:/emojipedia.org/bird/README.md)[**@carlospolopm**](https://twitter.com/carlospolopm)**.**
2022-04-28 16:01:33 +00:00
2022-09-09 11:28:04 +00:00
- **Share your hacking tricks by submitting PRs to the** [**hacktricks github repo**](https://github.com/carlospolop/hacktricks)**.**
2022-04-28 16:01:33 +00:00
</details>