""""""" "" """""""""" """""""""""""""""" """ """""""""""" """"" """"""""" """" , crewl underground madness . : _____________________ ____ ; hc ; _ _ ____l__ _ _ __ __ _\ / / \ \/ /_ __ __ _____ __:___ ___|_ ( __ ((_ )__ (( _ __// , --<< << << _ _ >>>__)_ ___))__ (__ ___ )) _ k q \________\________\___\/___/ p : ; : ' "we do whatever tickles our dick!" . """""" """"""""" """" """""""""" """"""""""""""" """""""""" """"""""""""" """ +---------------------[CUM Proxy Toolkit v1.0 - CPT v1.0]---------------------+ 1) The proxy list scanner: -------------------------- To scan one or more lists with proxy servers, start proxyscn.class like this: java proxyscn [ ...] ---- is a unique string to identify the proxy scanning session, for example: java proxyscn aa list1 this will scan list1 for proxies, and uses "aa" as ID, this will result in all output being saved to the file "output." or in this case "output.aa" ------ a file with ip's or domainnames and port numbers, one on each line in this format: " " for example: www.possibleproxy.com 8080 12.34.56.78 80 note that you can put additional info on the same line, as long as there is at least 1 space between the port number and the info for example; www.possibleproxy.com 8080 maybe this is a proxy 12.34.56.78 80 i doubt this one is... 
if you have a list formatted like this: ":"
just pipe it through sed like this:

    cat | sed 's/:/ /' >newlist

you can enter multiple lists on the command line at once:

    java proxyscn aa list.1 list.2 list.3

this will scan list.1, list.2 and list.3, and output the result in the file
"output.aa"

the output file
---------------

as already mentioned above, the output of the proxy scanner gets saved in the
file "output.", lines in this file look like this:

    www.possibleproxy.com 8080 OK CPT_CUM_PROXY_CHECKER 1.2.3.4 8080 A1 R1 C1
    12.34.56.78 80 ERROR

in the first line, www.possibleproxy.com has a valid proxy service running on
port 8080. when using this proxy, the "other side" sees the ip 1.2.3.4, the
proxy keeps the "User-Agent:" HTTP header intact ("A1" - if not, it will be
"A0"), it keeps the "Referer:" header intact ("R1" - if not, it will be "R0"),
and it forwards "Cookie:" headers ("C1" - if not, it will be "C0").

in the second line, 12.34.56.78 has no valid proxy service running on port 80,
or another error occurred (time-out, no route, etc.)

i've included 2 small scripts with which you can sort and filter your output
lists:

    listall : this one outputs all valid proxies in this format: " "
              the domain name/ip is the ip you connected to when scanning
              for a proxy. note that "listall" alphabetically sorts the
              output, and removes all dupes.

    listuniq: this one outputs all valid proxies in this format: " "
              the ip is the ip the "other side" sees.

for example, 1.2.3.4 and 1.2.3.5 could both be running a proxy service on
port 80, but when using those, both use 1.2.3.10, so if you want to make a
list of proxies that work, you would just use listall, but if it's necessary
that each of them works using a *unique* ip, you would use listuniq

to determine whether the proxy forwards the "User-Agent:", "Cookie:" and
"Referer:" header, and to check the ip the "other side" sees, the scanner
fetches the url:

    http://www.blackhat.be/cgi-bin/cpt.pl

and this script then sends back the info to the scanner.

please note that proxyscn.class makes use of the Timed* classes also
included - these are very useful since java has no method for specifying a
timeout period for connect operations. More info and sources can be found
here:

    http://developer.java.sun.com/developer/technicalArticles/Networking/timeouts/

2) The toip tool:
-----------------

toip.class is a tool that takes a list with domain names and does an ip
lookup. Before scanning a list with possible proxies, it's good to run the
list through toip first. this makes the proxy scanner faster (no more dns
lookups - this is important when you regularly scan the same list) and it
also weeds out the names that give a lookup error.

you start toip like this:

    java toip [ ...]

where "list1" is a list with an ip or domain name on each line. note that
other info on that line is allowed as long as there is at least one space
between the domain name and the info.

example:

    www.testproxy.com
    www.123proxy.com 8080
    12.34.56.78
    www.couldbeproxy.com 5000 this could be a proxyserver

toip automatically writes its output to the file .ip
so if you start toip like this:

    java toip list1 list2 list3

the output will be saved to list1.ip, list2.ip and list3.ip

errors are written to stdout

3) The proxylog tool:
---------------------

proxylog.class is a dirty and unfinished tool that takes one or more (log)
files as input, searches through them for specific strings (like "cach", or
"prox"), filters those matches, and outputs those 7 times to a file, but each
time with a different port number (80, 81, 1080, 3128, 8000, 8080 and 8081).
This tool is useful to filter proxies out of web access logs (it isn't really
useful anymore for Apache logs, since the 1.3.x versions by default no longer
do any name lookups, to increase speed).

for example if you have this line in a logfile called "test.log":

    nagnagblabal....

proxylog will write the following lines in the file "test.log.prox":

    cache01.test.net 80
    cache01.test.net 81
    ...
    cache01.test.net 8081

this is an old tool that can still be useful sometimes, but it'll fail a lot
of times too :)

4) Last words / greets:
-----------------------

If you find a bug in one of the CPT tools, or have an idea for a feature that
would be cool in one of the CPT tools (or a new tool for CPT), please let us
know via email:

    toxic@blackhat.be
    webmaster@blackhat.be

Check our site http://www.blackhat.be/ for the latest version of CPT.

greets/thanks to everybody who supports us

+----------------------------- cum memberlist --------------------------------+

immortal intruder - functions : hacker, coder, phreaker, techlab maintenance
toxic ocean       - functions : hacker, coder, phreaker, page maintenance,
                                techlab maintenance
hacker            - functions : grafix, ascii's
liquid-x          - functions : grafix, page maintenance/design

+---------------------------------- board list -------------------------------+

- world headquarters -   ( H A C K E R T O W N )
    number - [+32]-xxxxxxxxxx - world headquarters cum!!
    sysop  - immortal intruder - offline

- belgian agora -
    number - +32-xxxxxxx
    sysop  - toxic ocean
    belgian agora cum!
    offline

- courier zone -   .... P R O J E C T ....
    number - [+32]-xxxxxxxxxx - courier zone cum!
    sysop  - hacker - offline

+---------------------------------- other info -------------------------------+

i-net site : http://www.blackhat.be/
e-mail     : webmaster@blackhat.be

+------------------ we are immune to the system! -------------------+
+--- ascii by hacker for cum / last updated by toxic ocean on 29 Aug 2002 ----+
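
The output-file layout from section 1, read back with strict validation. This is an added example, not part of CPT and not its listall/listuniq scripts; the sample lines are constructed, and the field after the seen ip, which the page does not explain, is assumed safe to ignore.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed sample lines in the layout the page shows for the output file.
SAMPLE = """\
www.possibleproxy.com 8080 OK CPT_CUM_PROXY_CHECKER 1.2.3.4 8080 A1 R1 C1
12.34.56.78 80 ERROR
10.0.0.5 3128 OK CPT_CUM_PROXY_CHECKER 1.2.3.4 3128 A0 R1 C0
10.0.0.6 80 OK CPT_CUM_PROXY_CHECKER not-an-ip 80 A1 R1 C1
"""

FLAGS = re.compile(r"A[01] R[01] C[01]")


def parse_output(text):
    """Return (valid, rejected): validated OK records and malformed lines."""
    valid, rejected = [], []
    for line in text.splitlines():
        f = line.split()
        if not f or (len(f) == 3 and f[2] == "ERROR"):
            continue  # blank line, or a target the scanner marked as failed
        try:
            if len(f) != 9 or f[2:4] != ["OK", "CPT_CUM_PROXY_CHECKER"]:
                raise ValueError("unexpected layout")
            if not FLAGS.fullmatch(" ".join(f[6:9])):
                raise ValueError("bad header flags")
            port = int(f[1])
            if not 0 < port < 65536:
                raise ValueError("port out of range")
            # The seen ip arrives through the tested proxy, so never trust it.
            seen_ip = str(ipaddress.ip_address(f[4]))
        except ValueError:
            rejected.append(line)
            continue
        # f[5] is not explained on the page; assumption: safe to ignore here.
        valid.append({"target": f[0], "port": port, "seen_ip": seen_ip,
                      "user_agent": f[6] == "A1", "referer": f[7] == "R1",
                      "cookie": f[8] == "C1"})
    return valid, rejected


def by_seen_ip(records):
    """Group scanned targets by the address the far side saw (listuniq's view)."""
    groups = defaultdict(set)
    for r in records:
        groups[r["seen_ip"]].add(f'{r["target"]}:{r["port"]}')
    return {ip: sorted(targets) for ip, targets in sorted(groups.items())}
```

Lines that fail validation are returned separately, so a tampered or truncated response never reaches whatever consumes the list.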