January 21, 2020

Using Websploit to Resolve Http Proxy Protected Websites

baphomet1488
Share
proxy-signs

Http proxy protection is a commonly used protection method that will mask a hosts location through the use of intermediary servers. The application Websploit has a very powerful tool that will help a penetration tester resolve an Http proxy protected website into host locations. This is the Cloudflare resolver. While this tool is seemingly specific to Cloudflare protection, I have successfully used it on other types of proxy protection as well, including HAProxy and others.To install Websploit: either use sudo apt-get install websploit if you're a Kali user OR sudo git clone https://github.com/websploit/websploit.gitTo load Websploit MITM Framework:Kali users can simply type in websploit at the command line to load the framework. Users of other distros will likely have to cd into the Websploit directory and type ./websploit to load the framework.Performing a Resolution:wsf>use web/cloudflare_resolverwsf>set target <target>wsf>runExpected output: (run on google.com)[-------------------------][+] Default IP Address : 172.217.6.110[-------------------------][+] mail.google.com : 172.217.6.101[-] webmail.google.com : N/A[+] email.google.com : 172.217.6.110[-] direct-connect-mail.google.com : N/A[-] direct.google.com : N/A[-] direct-connect.google.com : N/A[-] cpanel.google.com : N/A[-] ftp.google.com : N/A[-] forum.google.com : N/A[+] blog.google.com : 172.217.6.105[+] m.google.com : 172.217.6.107[-] dev.google.com : N/A[-] record.google.com : N/A[-] ssl.google.com : N/A[+] dns.google.com : 172.217.6.110[+] help.google.com : 172.217.6.110[+] ns.google.com : 216.239.32.10[+] ns1.google.com : 216.239.32.10[+] ns2.google.com : 216.239.34.10[+] ns3.google.com : 216.239.36.10[+] ns4.google.com : 216.239.38.10[-] irc.google.com : N/A[-] server.google.com : N/A[-] status.google.com : N/A[-] status.google.com : N/A[-] portal.google.com : N/A[-] beta.google.com : N/A[+] admin.google.com : 172.217.6.110[-] imap.google.com : N/A[-] smtp.google.com : N/AAs you can see this potent tool provides a plethora of information, including basic DNS and mail server enumeration and more!

Start learning with Cybrary

Create a free account

Related Posts

All Blogs
Building a Security Team
June 27, 2023

Digital Forensics and Incident Response: What It Is, When You Need It, and How to Implement It

A quick guide to digital forensics and incident response (DFIR): what it is, when it’s needed, how to implement a cutting-edge program, and how to develop DFIR skills on your team.

Read More
Building a Security Team
June 28, 2023

How to Build a Red Team

An overview of what a red team is (and isn’t), and practical tips on how to build a Red Team and develop offensive security skills in your team.

Read More
Tools & Applications
June 7, 2023

How to Make the Most of Blending Learning with Cybrary Live

Learn how to get the most from your cybersecurity training platform by blending on-demand learning with virtual, live courses led by industry experts.

Read More
News & Events
June 7, 2023

Introducing the New Cybrary Learner Experience

Cybrary is launching a key update to the Cybrary Learner experience to elevate hands-on learning and measurement as guiding tenets of Cybrary’s mission.

Read More