Bypassing Proxies

If the chance is that there is a webserver that is a proxy and nothing else, we should use spose.py to properly scan the services behind the proxy.

python3 spose.py --proxy http://192.168.143.189:3128 --target 127.0.0.1
Using proxy address http://192.168.143.189:3128
127.0.0.1 3306 seems OPEN 
127.0.0.1 8080 seems OPEN

Afterwards the only thing that is left for us to do is.

Once that is done we can visit their website in this case by visiting 127.0.0.1:8080 with our proxy enabled.

Previousphpmyadmin NextNode.Js Command Injection

Last updated 2 years ago