3128 - Pentesting Squid

Learn & practice AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE) Learn & practice GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE)

Support HackTricks

Check the subscription plans!
Join the 💬 Discord group or the telegram group or follow us on Twitter 🐦 @hacktricks_live.
Share hacking tricks by submitting PRs to the HackTricks and HackTricks Cloud github repos.

Basic Information

From Wikipedia:

Squid ni proxy ya wavuti ya HTTP inayohifadhi na kupeleka. Ina matumizi mbalimbali, ikiwa ni pamoja na kuongeza kasi ya seva ya wavuti kwa kuhifadhi maombi yanayorudiwa, kuhifadhi wavuti, DNS na utafutaji mwingine wa mtandao wa kompyuta kwa kundi la watu wanaoshiriki rasilimali za mtandao, na kusaidia usalama kwa kuchuja trafiki. Ingawa inatumika hasa kwa HTTP na FTP, Squid ina msaada mdogo kwa protokali nyingine kadhaa ikiwa ni pamoja na Internet Gopher, SSL, TLS na HTTPS. Squid haisaidii protokali ya SOCKS, tofauti na Privoxy, ambayo Squid inaweza kutumika ili kutoa msaada wa SOCKS.

Default port: 3128

PORT     STATE  SERVICE      VERSION
3128/tcp open   http-proxy   Squid http proxy 4.11

Enumeration

Web Proxy

Unaweza kujaribu kuweka huduma hii iliyogunduliwa kama proxy kwenye kivinjari chako. Hata hivyo, ikiwa imewekwa na uthibitisho wa HTTP, utaombwa kwa majina ya watumiaji na nywila.

# Try to proxify curl
curl --proxy http://10.10.11.131:3128 http://10.10.11.131

Nmap proxified

You can also try to abuse the proxy to scan internal ports proxifying nmap. Configure proxychains to use the squid proxy adding he following line at the end of the proxichains.conf file: http 10.10.10.10 3128 Kwa proxies zinazohitaji uthibitisho, ongeza taarifa za kuingia kwenye usanidi kwa kujumuisha jina la mtumiaji na nenosiri mwishoni: http 10.10.10.10 3128 username passw0rd.

Then run nmap with proxychains to scan the host from local: proxychains nmap -sT -n -p- localhost

SPOSE Scanner

Alternatively, the Squid Pivoting Open Port Scanner (spose.py) can be used.

python spose.py --proxy http://10.10.11.131:3128 --target 10.10.11.131

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.
Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.

Previous2375, 2376 Pentesting Docker Next3260 - Pentesting ISCSI

Last updated 4 months ago

Basic Information

Squid ni proxy ya wavuti ya HTTP inayohifadhi na kupeleka. Ina matumizi mbalimbali, ikiwa ni pamoja na kuongeza kasi ya seva ya wavuti kwa kuhifadhi maombi yanayorudiwa, kuhifadhi wavuti, DNS na utafutaji mwingine wa mtandao wa kompyuta kwa kundi la watu wanaoshiriki rasilimali za mtandao, na kusaidia usalama kwa kuchuja trafiki. Ingawa inatumika hasa kwa HTTP na FTP, Squid ina msaada mdogo kwa protokali nyingine kadhaa ikiwa ni pamoja na Internet Gopher, SSL, TLS na HTTPS. Squid haisaidii protokali ya SOCKS, tofauti na Privoxy, ambayo Squid inaweza kutumika ili kutoa msaada wa SOCKS.

Default port: 3128

PORT     STATE  SERVICE      VERSION
3128/tcp open   http-proxy   Squid http proxy 4.11

Enumeration

Web Proxy

Unaweza kujaribu kuweka huduma hii iliyogunduliwa kama proxy kwenye kivinjari chako. Hata hivyo, ikiwa imewekwa na uthibitisho wa HTTP, utaombwa kwa majina ya watumiaji na nywila.

# Try to proxify curl
curl --proxy http://10.10.11.131:3128 http://10.10.11.131

Nmap proxified

Then run nmap with proxychains to scan the host from local: proxychains nmap -sT -n -p- localhost

SPOSE Scanner

Alternatively, the Squid Pivoting Open Port Scanner (spose.py) can be used.

python spose.py --proxy http://10.10.11.131:3128 --target 10.10.11.131