Skip to content

3128 - Pentesting Squid

web proxy You can try to set this discovered service as proxy in your browser. However, if it's configured with HTTP authentication you will be prompted for usernames and password.

curl --proxy http://$IP:3128 http://$IP

nmap proxified You can also try to abuse the proxy to scan internal ports proxifying nmap. Configure proxychains to use the squid proxy adding he following line at the end of the proxichains.conf file: http 10.10.10.10 3128

proxychains nmap -sT -n -p- localhost

SPOSE scanner Alternatively, the Squid Pivoting Open Port Scanner (https://github.com/aancw/spose)can be used.

git clone https://github.com/aancw/spose.git
python spose.py --proxy http://$IP:3128 --target $IP