From: H D Moore (hdm@digitaloffense.net)
Date: Wed Dec 01 2004 - 21:23:06 EST
A request like the one below usually works for me (with squid and apache
reverse proxy servers):
echo -ne "GET /%00 HTTP/1.0\r\n\r\n" | nc host port
The response from the proxy server is a 404 for the "/" URL. This may have
been "fixed" in newer versions of apache and often works when an invalid
HTTP method does not.
-HD
On Tuesday 30 November 2004 15:15, Maria Da Re wrote:
> Can i check the presence of a reverse proxy
> between me and some webservers?
>
> The pen-test scenario (target network) is:
>
> - 2 level of firewall (pix and iptables)
> - one dmz with a squid configured as reverse proxy
> (and other things)
> - one internal network with 4 webserver with apache
> and public ip address (and other things)
>
> So i would to check if my request to one of webserver
> is natted (by external firewall) to the proxy and
> redirected by the proxy to the webserver. I can work
> from Internet, from a subnet connected to external
> firewall, from a subnet connected to internal
> firewall.
>
> Some suggestions?
>
> Many thanks
>
> m.
>
>
>
>
> ___________________________________
> Nuovo Yahoo! Messenger: E' molto più divertente: Audibles, Avatar,
> Webcam, Giochi, Rubrica… Scaricalo ora! http://it.messenger.yahoo.it
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:09 EDT