Penetration Testing mailing list archives

Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite?

From: Richard Miles <richard.k.miles () googlemail com>
Date: Fri, 13 Mar 2009 13:46:20 -0300

Hi Wasim

Yes, it appear to work. Thank you a lot for the point.


On Fri, Mar 13, 2009 at 2:56 AM, Wasim Halani <wasimhalani () gmail com> wrote:

Hi Richard,

I believe Burpsuite 1.2 has this feature called 'Match and Replace'
which can replace content based on regular expression. For more info,
visit the link:

http://portswigger.net/proxy/help.html#matchreplace

Regards,

---
Wasim Halani
Security Analyst
Network Intelligence (India) Pvt. Ltd.

----------
People often hate those things which they do not know or cannot
understand. -- Imam Ali (p.b.u.h.)


On Tue, Mar 10, 2009 at 9:16 PM, Richard Miles
<richard.k.miles () googlemail com> wrote:


Hi Amardeep and Rchard Thomas,

Thank you for the input. Well, I did look at the Paros for example and
BurpSuite, however I only found a way to do it manualy (request by
request), and I need a way to do it transparent - without user
interaction (in the case, I),  like a header rewrite on the fly. Ex.:
Find header "Cookie: user=XXXXXXXXccxcxscscs; tamp=23434732674272" and
replace it on the fly with "Cookie: user=YYYYYYYccxcxscscs;
tamp=111111111111111111; admin=1", and we can't forget that the proxy
have to deal and fix the size of the content-lenght - so just send the
packet to the webserver.

Not so easy, ahn?

Check for example the manual of Paros, it only explain a manual
section named: Trapping HTTP requests and responses.

Thanks for the input.

On Tue, Mar 10, 2009 at 6:50 AM, Amardeep Singh
<Amardeep_Singh () symantec com> wrote:

Paros, Burp, WebScrab are some of the really god options you can try. I
know Paros is the easiest to install and get going.

Amardeep Singh



-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Richard Miles
Sent: Tuesday, March 10, 2009 3:01 AM
To: pen-test () securityfocus com
Subject: Cisco 3015 concentrator VPN bruteforce? And proxy with easy
header rewrite?

A bit off-topic: Does anyone know a easy to install and configure web
proxy for windows which enable headers rewrite? I need to setup a fast
web proxy at my windows box to replace all headers (before they are
sent to the webserver) of the "Cookie" field and a proprietary header.

Current thread:

Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite?, (continued)
- - - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? aditya mukadam (Mar 15)
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Richard Miles (Mar 15)
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Marco Ivaldi (Mar 15)
    - RE: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Alex Eden (Mar 15)
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Richard Miles (Mar 15)
- Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Richard Thomas (Mar 12)
- RE: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Amardeep Singh (Mar 12)
  - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Richard Miles (Mar 12)
    - Message not available
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Richard Miles (Mar 15)
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Wasim Halani (Mar 15)
    - Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite? Richard Miles (Mar 15)