Security Basics mailing list archives
Re: testing webapp - socks and http proxy question
From: jack.a.mannino () gmail com
Date: Thu, 15 Jan 2009 20:02:33 +0000
Burp itself only supports proxying upstream to an http proxy. If you want SOCKS, then you need to chain Burp to go through an http proxy capable of forwarding to a SOCKS proxy. That is why Iike using Privoxy. I forward my Burp traffic to it, and then chain Privoxy through Tor. You can substitute the proxies of your choice, but that is the basic idea. -Jack Sent from my Verizon Wireless BlackBerry -----Original Message----- From: learn lids <learnlids () yahoo com> Date: Wed, 14 Jan 2009 18:47:16 To: <pen-test () securityfocus com>; <security-basics () securityfocus com>; <webappsec () securityfocus com>; Amardeep Singh<Amardeep_Singh () symantec com> Subject: Re: testing webapp - socks and http proxy question amardeep : http is an application layer (7) protocol; while socks is a session layer (5) protocol. afaik paros supports only a layer-7 outgoing proxy. -learner --- On Fri, 1/9/09, Amardeep Singh <Amardeep_Singh () symantec com> wrote:
From: Amardeep Singh <Amardeep_Singh () symantec com> Subject: testing webapp - socks and http proxy question To: pen-test () securityfocus com, security-basics () securityfocus com, webappsec () securityfocus com Cc: learnlids () yahoo com Date: Friday, January 9, 2009, 4:54 AM Hello, I am not sure for Burp Configuration, But on same lines If you use Paros Proxy (On same lines to Burp) then you can configure your requirements by going to Tolls-->Options--->Connection Amardeep Singh -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of learn lids Sent: Friday, January 09, 2009 10:05 AM To: pen-test () securityfocus com; webappsec () securityfocus com; security-basics () securityfocus com Subject: testing webapp - socks and http proxy question hello everybody, moderators : sorry about the cross-post, but i thoght this question is relevant to all these 3 lists. i am trying to test a web app which is accessible by only a socks proxy. so i want to redirect the http traffic through the socks proxy to access th webapp. the setup is: browser {OUT 127.0.0.1:8080} ---> burp proxy --> socks proxy to webapp i am not sure how to make burp talk to the socks proxy. i used proxychains but i am not able to make it work. any suggestions are much appreciated. any other alternate methods would be nice. thank you, learner
------------------------------------------------------------------------- Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F -------------------------------------------------------------------------
Current thread:
- Re: testing webapp - socks and http proxy question learn lids (Jan 15)
- <Possible follow-ups>
- Re: testing webapp - socks and http proxy question K (Jan 15)
- Re: testing webapp - socks and http proxy question learn lids (Jan 15)
- Re: testing webapp - socks and http proxy question learn lids (Jan 15)
- Re: testing webapp - socks and http proxy question jack . a . mannino (Jan 15)
- Re: testing webapp - socks and http proxy question K (Jan 15)