Detecting whether a proxy is HTTP or SOCKS

0

2

Based on the long search in net I came to know that SOCKS uses a handshake protocol to inform the proxy software about the connection that the client is trying to make, and then acts as transparently as possible, whereas an HTTP proxy may interpret and rewrite headers. And we can use both as well.

What I want to know is, how can we find if the proxy is HTTP, SOCKS4, SOCKS4a or SOCKS5? Is there any way to find out? And I can guess that we can't differ it based on port number because there are lot of port numbers available for each of the types. Please help me to differ the proxy based on HTTP or SOCKS.

yasmuru

Posted 2013-08-19T10:57:43.903

Reputation: 101

Answers

0

You could try using the tool 'nmap' to attempt to detect the version of the service on that port.

For instance: nmap -sV -p{port} {server}

In the below sample, you can see that it's a HTTP (versus SOCKS) proxy:

my-desktop ~ # nmap -sV -p8080 192.168.3.40

Starting Nmap 6.40 ( http://nmap.org ) at 2016-02-23 10:46 CST Nmap scan report for 192.168.3.40 Host is up (0.00036s latency). PORT STATE SERVICE VERSION 8080/tcp open http-proxy Squid http proxy 3.3.8

Service detection performed. Please report any incorrect results at http://nmap.org/submit/ . Nmap done: 1 IP address (1 host up) scanned in 7.45 seconds

https://nmap.org/book/man-version-detection.html

maniac

Posted 2013-08-19T10:57:43.903

Reputation: 76

0

Try this little python script:

$ cat get_version.py 
#!/usr/bin/python

import struct
import socket
import sys


try:
        server = sys.argv[1]
        port = sys.argv[2]
except:
        print "Usage: server port"

try:
        sen = struct.pack('BBB', 0x05, 0x01, 0x00)
        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        s.connect(( server , int( port )  ))
        s.sendall(sen)
        data = s.recv(2)
        s.close()
        version, auth = struct.unpack('BB', data)
        print 'server : port  is  ', server, ':', port, '; varsion: ', version
except Exception as e:
        print e

innocent-world

Posted 2013-08-19T10:57:43.903

Reputation: 141

Asked: 2013-08-19T10:57:43.903

Viewed: 3 418 times

Active: 2020-02-01T00:03:05.423