Most of us know that thousands of web sites around the
internet use squid to increase their content delivery. Some web sites use squid
to provide a proxy service like squidproxies
a lot not all that sell proxies like shared proxies require a login to access
the proxy server to visit the web page.
Better known as ‘407 proxy authentication required’
Most require Proxy-Connection & Proxy-Authorization
because they are proxy servers and have this html request imbedded within the
packet meaning you won’t see the login just by visiting the ip you have to treat
it like a proxy within your browser for the login to pop up like so…
I built a scanner to find squid authentication proxies.
Rather than having to manually put in the ip into your web browser I made it so
it would work with win-sock.
The scanner is free but the cracker to crack them is not.
You won’t find a squid proxy cracker online so it will cost you $50 CAN. The
cracker works the same way as my PR Base64 Brute Force Cracker but is built to crack squid
authentication instead. You get both v1 & v2. v1 is the single host against
multiple passwords like a true brute force or v2 the list version which goes
after multiple hosts against 1 password. This would allow you to piggy back off
of someone’s user & pass and use the proxy as your own. You can contact me @ Me
You can grab the scanner here... PR Squid Proxy Authentication Scanner
Added Feb.4/15
I need to also comment on something. This is a message to all those that are against what I do.
People that run a business and make money off of it want to protect it, this is totally understandable. But try to take some advice, before you start a service make sure you understand what you're getting in to before you get in to it. Such as security and what to look for. I like to teach that's my biggest thing so if you see my programs and feel they may effect you or didn't realize stuff like this can be done. I taught you something new, that's good enough for me. I'm not a bad evil guy. I just think outside the box and exploit it, don't get mad.
I added this comment based on several emails from proxy providers.
Added Feb.4/15
I need to also comment on something. This is a message to all those that are against what I do.
People that run a business and make money off of it want to protect it, this is totally understandable. But try to take some advice, before you start a service make sure you understand what you're getting in to before you get in to it. Such as security and what to look for. I like to teach that's my biggest thing so if you see my programs and feel they may effect you or didn't realize stuff like this can be done. I taught you something new, that's good enough for me. I'm not a bad evil guy. I just think outside the box and exploit it, don't get mad.
I added this comment based on several emails from proxy providers.
No comments:
Post a Comment