Bugtraq mailing list archives
Non-standard usage of HTTP proxy servers
From: Alexander Yurchenko <grange () rt mipt ru>
Date: Mon, 22 Oct 2001 04:34:24 +0400
I'm sorry if the following things are well-known and not interesting for you. The HTML form protocol attack method described by Jochen Topf <jochen () remote org> in his post to BugTraq (http://www.securityfocus.com/cgi-bin/archive.pl?id=1&start=2001-10-17&end=2001-10-23&threads=0&mid=20010815092019.A938 () atlantis remote org) can be used in another way. It's possible to connect to one of the numerous public HTTP proxy servers and send a request like: POST http://some.host:25/ HTTP/1.0 giving the SMTP commands as a content. In that way we can send an e-mail anonymously and trick diffrent DNS black lists. I've attached a simple perl script showing this technique. We can also do the same things using the others ASCII based protocols. Some proxy servers configured to refuse attempts to connect to such ports as SMTP, NNTP, POP3, etc, but many of them not. So HTTP proxy servers can do more than just retrieving HTML pages. -- Alexander Yurchenko (aka grange)
Attachment:
taty.pl
Description:
Current thread:
- Non-standard usage of HTTP proxy servers Alexander Yurchenko (Oct 22)
- Re: Non-standard usage of HTTP proxy servers Keith Young (Oct 22)
- Re: Non-standard usage of HTTP proxy servers Philip Stoev (Oct 22)