Script http-open-proxy

Script types: portrule
Categories: default, discovery, external, safe
Download: https://svn.nmap.org/nmap/scripts/http-open-proxy.nse

Script Summary

Checks if an HTTP proxy is open.

The script attempts to connect to www.google.com through the proxy and checks for a valid HTTP response code. Valid HTTP response codes are 200, 301, and 302. If the target is an open proxy, this script causes the target to retrieve a web page from www.google.com.

Script Arguments

proxy.pattern, proxy.url

See the documentation for the proxy library.

Example Usage

nmap --script http-open-proxy.nse \
     --script-args proxy.url=<url>,proxy.pattern=<pattern>

Script Output

Interesting ports on scanme.nmap.org (64.13.134.52):
PORT     STATE SERVICE
8080/tcp open  http-proxy
|  proxy-open-http: Potentially OPEN proxy.
|_ Methods successfully tested: GET HEAD CONNECT

Requires

• proxy
• shortport
• stdnse
• string
• table
• url

---

Author:

• Arturo 'Buanzo' Busleiman

License: Same as Nmap--See https://nmap.org/book/man-legal.html