Chip 2007 January, February, March & April

home *** CD-ROM | disk | FTP | other *** search

/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / modules / nessus-2.2.8.mo / usr / lib / nessus / plugins / proxy_use.nasl < prev next >

Wrap

Text File | 2005-01-14 | 3KB | 115 lines

# # This script was written by Renaud Deraison <deraison@cvs.nessus.org> # # See the Nessus Scripts License for details # if(description) { script_id(10195); script_version ("$Revision: 1.21 $"); name["english"] = "Usable remote proxy"; name["francais"] = "Proxy distant utilisable"; script_name(english:name["english"], francais:name["francais"]); desc["english"] = string("The misconfigured proxy accepts requests coming from anywhere. This allows attackers to gain some anonymity when browsing some sensitive sites using your proxy, making the remote sites think that the requests come from your network. Solution: Reconfigure the remote proxy so that it only accepts requests coming from inside your network. Risk factor : Low / Medium"); desc["francais"] = string("Le proxy mal configurΘ accepte des requΩtes provenant de n'importe o∙, ce qui peut permettre α des intrus de browser le web avec un certain anonymat, lorsqu'ils utilisent ce proxy, en faisant croire aux sites distants que les requΩtes proviennent de votre rΘseau. Ce problΦme leur permet aussi de gacher votre bande passante. Solution : reconfigurez votre proxy afin qu'il n'accepte que les requΩtes provenant de votre rΘseau interne. Facteur de risque : Faible/Moyen"); script_description(english:desc["english"], francais:desc["francais"]); summary["english"] = "Determines if we can use the remote web proxy"; summary["francais"] = "Determine si nous pouvons utiliser le proxy web distant"; script_summary(english:summary["english"], francais:summary["francais"]); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 1999 Renaud Deraison", francais:"Ce script est Copyright (C) 1999 Renaud Deraison"); family["english"] = "Firewalls"; family["francais"] = "Firewalls"; script_family(english:family["english"], francais:family["francais"]); script_dependencie("find_service.nes"); script_require_ports("Services/http_proxy", 3128, 8080); exit(0); } # # The script code starts here # include("http_func.inc"); include("misc_func.inc"); ports = add_port_in_list(list:get_kb_list("Services/http_proxy"), port:3128); ports = add_port_in_list(list:ports, port:8080); foreach port (ports) { soc = open_sock_tcp(port); if(soc) { domain = get_kb_item("Settings/third_party_domain"); if(domain) name = string("www.", domain); else name = "www"; req = string("GET / HTTP/1.0\r\nProxy-Connection: Keep-Alive\r\n\r\n"); send(socket:soc, data:req); r = http_recv_headers(soc); page = recv(socket:soc, length:50); close(soc); soc = open_sock_tcp(port); if (soc) { command = string("GET http://", name, "/ HTTP/1.0\r\nProxy-Connection: Keep-Alive\r\n\r\n"); send(socket:soc, data:command); buffer = http_recv_headers(soc); if(egrep(pattern:"^HTTP/1\.[01] 200 .*", string:buffer)) { page2 = recv(socket:soc, length:50); if(!(page == page2)) { security_warning(port); set_kb_item(name:"Proxy/usage", value:TRUE); } } if(egrep(pattern:"^HTTP/1\.[01] 50[23] .*", string:buffer)) { security_warning(port); set_kb_item(name:"Proxy/usage", value:TRUE); } close(soc); } } }