Security Basics mailing list archives
Re: testing webapp - socks and http proxy question
From: K <rusty_johnson2 () yahoo com>
Date: Thu, 15 Jan 2009 15:28:21 -0800 (PST)
All, I am making a video on how to do this and it will be available tomorrow. Ken On Jan 15, 2009, at 3:02 PM, jack.a.mannino () gmail com wrote: Burp itself only supports proxying upstream to an http proxy. If you want SOCKS, then you need to chain Burp to go through an http proxy capable of forwarding to a SOCKS proxy. That is why Iike using Privoxy. I forward my Burp traffic to it, and then chain Privoxy through Tor. You can substitute the proxies of your choice, but that is the basic idea. -Jack Sent from my Verizon Wireless BlackBerry -----Original Message----- From: learn lids <learnlids () yahoo com> Date: Wed, 14 Jan 2009 18:47:16 To: <pen-test () securityfocus com>; <security-basics () securityfocus com>; <webappsec () securityfocus com>; Amardeep Singh<Amardeep_Singh () symantec com> Subject: Re: testing webapp - socks and http proxy question amardeep : http is an application layer (7) protocol; while socks is a session layer (5) protocol. afaik paros supports only a layer-7 outgoing proxy. -learner --- On Fri, 1/9/09, Amardeep Singh <Amardeep_Singh () symantec com> wrote: From: Amardeep Singh <Amardeep_Singh () symantec com> Subject: testing webapp - socks and http proxy question To: pen-test () securityfocus com, security-basics () securityfocus com, webappsec () securityfocus com Cc: learnlids () yahoo com Date: Friday, January 9, 2009, 4:54 AM Hello, I am not sure for Burp Configuration, But on same lines If you use Paros Proxy (On same lines to Burp) then you can configure your requirements by going to Tolls-->Options--->Connection Amardeep Singh -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of learn lids Sent: Friday, January 09, 2009 10:05 AM To: pen-test () securityfocus com; webappsec () securityfocus com; security-basics () securityfocus com Subject: testing webapp - socks and http proxy question hello everybody, moderators : sorry about the cross-post, but i thoght this question is relevant to all these 3 lists. i am trying to test a web app which is accessible by only a socks proxy. so i want to redirect the http traffic through the socks proxy to access th webapp. the setup is: browser {OUT 127.0.0.1:8080} ---> burp proxy --> socks proxy to webapp i am not sure how to make burp talk to the socks proxy. i used proxychains but i am not able to make it work. any suggestions are much appreciated. any other alternate methods would be nice. thank you, learner ------------------------------------------------------------------------- Sponsored by: Watchfire Methodologies & Tools for Web Application Security Assessment With the rapid rise in the number and types of security threats, web application security assessments should be considered a crucial phase in the development of any web application. What methodology should be followed? What tools can accelerate the assessment process? Download this Whitepaper today! https://www.watchfire.com/securearea/whitepapers.aspx?id=70170000000940F -------------------------------------------------------------------------
Current thread:
- Re: testing webapp - socks and http proxy question learn lids (Jan 15)
- <Possible follow-ups>
- Re: testing webapp - socks and http proxy question K (Jan 15)
- Re: testing webapp - socks and http proxy question learn lids (Jan 15)
- Re: testing webapp - socks and http proxy question learn lids (Jan 15)
- Re: testing webapp - socks and http proxy question jack . a . mannino (Jan 15)
- Re: testing webapp - socks and http proxy question K (Jan 15)