Ready to Start Your Career?
By: baphomet1488
January 10, 2017
Using Websploit to Resolve Http Proxy Protected Websites
By: baphomet1488
January 10, 2017
Http proxy protection is a commonly used protection method that will mask a hosts location through the use of intermediary servers. The application Websploit has a very powerful tool that will help a penetration tester resolve an Http proxy protected website into host locations. This is the Cloudflare resolver. While this tool is seemingly specific to Cloudflare protection, I have successfully used it on other types of proxy protection as well, including HAProxy and others.To install Websploit: either use sudo apt-get install websploit if you're a Kali user OR sudo git clone https://github.com/websploit/websploit.gitTo load Websploit MITM Framework:Kali users can simply type in websploit at the command line to load the framework. Users of other distros will likely have to cd into the Websploit directory and type ./websploit to load the framework.Performing a Resolution:wsf>use web/cloudflare_resolverwsf>set target <target>wsf>runExpected output: (run on google.com)
[-------------------------][+] Default IP Address : 172.217.6.110[-------------------------][+] mail.google.com : 172.217.6.101[-] webmail.google.com : N/A[+] email.google.com : 172.217.6.110[-] direct-connect-mail.google.com : N/A[-] direct.google.com : N/A[-] direct-connect.google.com : N/A[-] cpanel.google.com : N/A[-] ftp.google.com : N/A[-] forum.google.com : N/A[+] blog.google.com : 172.217.6.105[+] m.google.com : 172.217.6.107[-] dev.google.com : N/A[-] record.google.com : N/A[-] ssl.google.com : N/A[+] dns.google.com : 172.217.6.110[+] help.google.com : 172.217.6.110[+] ns.google.com : 216.239.32.10[+] ns1.google.com : 216.239.32.10[+] ns2.google.com : 216.239.34.10[+] ns3.google.com : 216.239.36.10[+] ns4.google.com : 216.239.38.10[-] irc.google.com : N/A[-] server.google.com : N/A[-] status.google.com : N/A[-] status.google.com : N/A[-] portal.google.com : N/A[-] beta.google.com : N/A[+] admin.google.com : 172.217.6.110[-] imap.google.com : N/A[-] smtp.google.com : N/AAs you can see this potent tool provides a plethora of information, including basic DNS and mail server enumeration and more!
