Penetration Testing mailing list archives
Re: check the presence of a reverse proxy
From: H D Moore <hdm () digitaloffense net>
Date: Wed, 1 Dec 2004 20:23:06 -0600
A request like the one below usually works for me (with squid and apache reverse proxy servers): echo -ne "GET /%00 HTTP/1.0\r\n\r\n" | nc host port The response from the proxy server is a 404 for the "/" URL. This may have been "fixed" in newer versions of apache and often works when an invalid HTTP method does not. -HD On Tuesday 30 November 2004 15:15, Maria Da Re wrote:
Can i check the presence of a reverse proxy between me and some webservers? The pen-test scenario (target network) is: - 2 level of firewall (pix and iptables) - one dmz with a squid configured as reverse proxy (and other things) - one internal network with 4 webserver with apache and public ip address (and other things) So i would to check if my request to one of webserver is natted (by external firewall) to the proxy and redirected by the proxy to the webserver. I can work from Internet, from a subnet connected to external firewall, from a subnet connected to internal firewall. Some suggestions? Many thanks m. ___________________________________ Nuovo Yahoo! Messenger: E' molto più divertente: Audibles, Avatar, Webcam, Giochi, Rubrica Scaricalo ora! http://it.messenger.yahoo.it
Current thread:
- RE: check the presence of a reverse proxy Marchand, Tom (Dec 01)
- RE: check the presence of a reverse proxy Maria Da Re (Dec 02)
- <Possible follow-ups>
- Re: check the presence of a reverse proxy hvjuan (Dec 01)
- Re: check the presence of a reverse proxy rlpentest (Dec 01)
- Re: check the presence of a reverse proxy Cedric Foll (Dec 01)
- Re: check the presence of a reverse proxy H D Moore (Dec 02)
- Re: check the presence of a reverse proxy joe star (Dec 07)