Squid - Port 3128
Become VeryLazyTech member! π
Follow us on:
β Twitter @VeryLazyTech.
πΎ Github @VeryLazyTech.
π Medium @VeryLazyTech.
πΊ YouTube @VeryLazyTech.
π© Telegram @VeryLazyTech.
π΅οΈββοΈ My Site @VeryLazyTech.
Visit our shop for e-books and courses. π
Basic info
Port 3128 is widely associated with Squid, a caching and forwarding HTTP web proxy. While it can improve performance and control web access, misconfigured instances can expose systems to security vulnerabilities. In this article, weβll explore how to identify, assess, and safely exploit Squid proxies during a penetration testβstrictly in authorized environments.
π What is Squid Proxy?
Squid is an open-source proxy server that supports HTTP, HTTPS, FTP, and more. It is commonly used for:
Caching frequently accessed web content.
Filtering traffic (e.g., for parental controls or company policies).
Controlling internet usage via ACLs (Access Control Lists).
Squid typically listens on port 3128, though this can be configured.
Enumeration
Use tools like nmap to detect open port 3128 and identify the service:
If Squid is detected, note its version.
Banner Grabbing
Type something like GET http://example.com HTTP/1.0 to see if it responds. A valid response indicates the proxy is open or misconfigured.
Checking for Open Proxy
Use curl to see if you can proxy through it:
If you get a successful response, the proxy is likely open.
Internal Network Access via Proxy
Try accessing internal IP ranges:
If successful, the proxy is leaking internal network dataβcritical misconfiguration.
Using ProxyChains
Configure /etc/proxychains.conf and run:
This shows if the proxy can be abused to scan internal networks.
SPOSE Scanner
Alternatively, the Squid Pivoting Open Port Scanner (spose.py) can be used.
Learn & practice For the Bug Bounty
Last updated
Was this helpful?