Scripts for proxy detection

[Joao Correa <joao () livewire com br>]

Hi everyone,

I've been working on some scripts to detect open proxy servers. As a
starting point I've made a few changes on the http-open-proxy script,
including different methods beyond GET. I've also included POST, HEAD
and CONNECT methods to it.

I was planning to include socks open proxy detection on the same
script, but, as both proxy servers are different and use to run on
different ports, I think it is better to set two different scripts,
with different port rules. This way, http related code would never be
sent to a socks proxy, what could happen if both tests were on the
same script. A way of having only one script would be testing the open
ports and test only those proxy servers related to such ports...
anyway I think that this solution isn't the best, since it will make
the code much more complex.

The socks detection script is also displaying a lot of connection
related information. I'm planning to soon make all these information
visible only if requested by the user with a script argument.

I've also changed both script names because with the new names both
scripts will be listed together in the script directory, what I think
is nice, since they are both related. Anyway, the new names are not
definitive.

If someone is able to test the code, I would really make good use of
some feedback.

Thanks
Joao Correa

Attachment: proxy-open-http.nse
Description:

Attachment: proxy-open-socks.nse
Description:

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org