NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Pen-test> 2009-03

Re: Cisco 3015 concentrator VPN bruteforce? And proxy with easy header rewrite?

From: Wasim Halani (wasimhalanigmail.com)
Date: Fri Mar 13 2009 - 00:56:33 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi Richard,

I believe Burpsuite 1.2 has this feature called 'Match and Replace'
which can replace content based on regular expression. For more info,
visit the link:

http://portswigger.net/proxy/help.html#matchreplace

Regards,

---
Wasim Halani
Security Analyst
Network Intelligence (India) Pvt. Ltd.

----------
People often hate those things which they do not know or cannot
understand. -- Imam Ali (p.b.u.h.)

On Tue, Mar 10, 2009 at 9:16 PM, Richard Miles
<richard.k.milesgooglemail.com> wrote:
>
> Hi Amardeep and Rchard Thomas,
>
> Thank you for the input. Well, I did look at the Paros for example and
> BurpSuite, however I only found a way to do it manualy (request by
> request), and I need a way to do it transparent - without user
> interaction (in the case, I), like a header rewrite on the fly. Ex.:
> Find header "Cookie: user=XXXXXXXXccxcxscscs; tamp=23434732674272" and
> replace it on the fly with "Cookie: user=YYYYYYYccxcxscscs;
> tamp=111111111111111111; admin=1", and we can't forget that the proxy
> have to deal and fix the size of the content-lenght - so just send the
> packet to the webserver.
>
> Not so easy, ahn?
>
> Check for example the manual of Paros, it only explain a manual
> section named: Trapping HTTP requests and responses.
>
> Thanks for the input.
>
> On Tue, Mar 10, 2009 at 6:50 AM, Amardeep Singh
> <Amardeep_Singhsymantec.com> wrote:
> > Paros, Burp, WebScrab are some of the really god options you can try. I
> > know Paros is the easiest to install and get going.
> >
> > Amardeep Singh
> >
> >
> >
> > -----Original Message-----
> > From: listbouncesecurityfocus.com [mailto:listbouncesecurityfocus.com]
> > On Behalf Of Richard Miles
> > Sent: Tuesday, March 10, 2009 3:01 AM
> > To: pen-testsecurityfocus.com
> > Subject: Cisco 3015 concentrator VPN bruteforce? And proxy with easy
> > header rewrite?
> >
> > A bit off-topic: Does anyone know a easy to install and configure web
> > proxy for windows which enable headers rewrite? I need to setup a fast
> > web proxy at my windows box to replace all headers (before they are
> > sent to the webserver) of the "Cookie" field and a proprietary header.
> >
> >
>
>

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]