From: Andres Riancho (andresit@fibertel.com.ar)
Date: Sat Mar 26 2005 - 18:37:37 EST
FF 647 ,
This is kind of hard to do because you dont really know the subnet they
are using on their internal lan ( 10.* , 192.168.* or 172.16.* ) so the
worse part is to "guess" where they have the internal web servers. Some time
ago i asked myself this same question and i got to this answer :
a ) configure proxychains to use the netcache
b ) run : proxychains nmap -sT -sV -p80 -P0 192.168.1-15.1-50
Also , netcache can be configured to retrieve only external web pages if
this is the case , i dont know how to bypass that.
Hope this helps .
Cheers ,
Andres Riancho
----- Original Message -----
From: "FF 647" <ff_647@yahoo.com>
To: <pen-test@securityfocus.com>
Sent: Friday, March 25, 2005 9:40 PM
Subject: Reverse Proxy Pen Testing
> Does anyone know of a way to test a netcache to see if
> it will return content from web sites on an internal
> network -- intranet sites that would otherwise not be
> viewable by the public? Any info would be appreciated
> as we are investigating techniques to simulate
> Internet based attack vectors against our reverse proxy.
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:18 EDT