[nexpose-users] Nexpose over proxy
Hoyt LLC
h02332 at gmail.com
Tue Jul 6 07:59:11 PDT 2010
Hello-
Topic.. You want to configure NeXpose via Proxy for the purpose of
analysis/abuse...
Suggestion/ Solution:
Create a Router / Switch ACL to drop the SRC traffic to Port 80/443/blah and
redirect it to a proxy of choice..
ACL drops the traffic from the scanner and redirects to [Burp] Proxy... or
whatever you want..
Other examples are to do the same with the ACL and setup PERL Proxy and
write some scripts..
Depends what you want to do with the live stream of data you have.. We like
to use DBI/DBD so we remember where we were.. :-)
Then we connect via Python, Perl, RUBY etc.. to Metasploit and/or
Backtrack.. Hopefully that is enough info to point you in the right
direction... .
ROUTER/SWITCH
-----------------------------
NeXpose ---> ACL -------> (Redirect) Proxy ----> Victim
-Cheers
On Tue, Jul 6, 2010 at 00:43, Jonathan Cran <jcran at 0x0e.org> wrote:
> On Sun, Jul 4, 2010 at 11:11 AM, Mark Manning <mark.manning at gmail.com>
> wrote:
> > I'm wondering if there is a way of using a SOCKS proxy with Nexpose.
> > Specifically I'd like to do an individual scan through a proxy. I
> haven't
> > attempted a proxychains type setup in Linux but I thought I'd ping the
> list
> > to see if someone had advice.
>
> Mark, you can probably guess by the lack of response that there's few,
> if any doing this. It was debated some time ago within the Rapid7
> professional services team and proxychains was the best answer we
> could come up with. It was never implemented.
>
> I'd be interested in your efforts here.
>
> jcran
> _______________________________________________
> http://community.rapid7.com/redmine/projects/nexpose/wiki
> https://mail.metasploit.com/mailman/listinfo/nexpose-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.metasploit.com/pipermail/nexpose-users/attachments/20100706/7a2d92f3/attachment.html>
More information about the nexpose-users
mailing list