| Name | | Date | Size | #Lines | LOC |
| .. | | 03-May-2022 | - |
| admin/ | H | 09-Feb-2003 | - | 46,465 | 36,841 |
| yaph/ | H | 03-May-2022 | - | 2,171 | 1,568 |
| AUTHORS | H A D | 09-Feb-2003 | 187 | 9 | 6 |
| COPYING | H A D | 09-Feb-2003 | 14.8 KiB | 281 | 237 |
| ChangeLog | H A D | 09-Feb-2003 | 120 | 3 | 3 |
| INSTALL | H A D | 09-Feb-2003 | 448 | 17 | 14 |
| Makefile.am | H A D | 09-Feb-2003 | 1 KiB | 31 | 15 |
| Makefile.dist | H A D | 02-Nov-2001 | 449 | 15 | 13 |
| Makefile.in | H A D | 09-Feb-2003 | 16.2 KiB | 581 | 466 |
| README | H A D | 09-Feb-2003 | 4.4 KiB | 122 | 90 |
| TODO | H A D | 09-Feb-2003 | 148 | 6 | 4 |
| acinclude.m4 | H A D | 09-Feb-2003 | 157.5 KiB | 5,786 | 5,125 |
| aclocal.m4 | H A D | 09-Feb-2003 | 160.8 KiB | 5,899 | 5,221 |
| config.h.in | H A D | 03-May-2022 | 291 | 15 | 9 |
| configure | H A D | 03-May-2022 | 105.4 KiB | 3,583 | 2,814 |
| configure.files | H A D | 09-Feb-2003 | 16 | 2 | 1 |
| configure.in | H A D | 09-Feb-2003 | 3.1 KiB | 102 | 77 |
| configure.in.in | H A D | 09-Feb-2003 | 3 KiB | 95 | 70 |
| special.m4.in | H A D | 14-Jan-2002 | 3 KiB | 137 | 111 |
| stamp-h.in | H A D | 09-Feb-2003 | 0 | | |
| subdirs | H A D | 09-Feb-2003 | 5 | 2 | 1 |
| yaph.kdevprj | H A D | 09-Feb-2003 | 2.5 KiB | 171 | 144 |
README
=================================================================
YAPH - Yet Another Proxy Hunter ver 0.91 README

To get the full power of yaph you must have the following programs:
Nmap http://www.insecure.org/nmap
ProxyChains http://proxychains.sourceforge.net

General.
Yaph provides the ability to reveal public proxy servers.
It can search for and validate socks v4, socks v5 and http (connect method) proxy servers.
HTTP proxy servers are checked for the CONNECT method only.
A validated proxy server is a public proxy that can be used for tcp tunneling.
While using tcp tunneling your IP address stays private.
The best tools (proxifiers) for tcp tunneling via proxies are:
ProxyChains (unix) http://proxychains.sourceforge.net
ProxyCap (win) http://www.proxylabs.com

List checking.
Yaph can check a list of proxy servers to reveal working proxies.
Supported input formats are:
1. Proxy Hunter format (the output of proxyhunter) like:
   192.168.1.2:8080@HTTP
   192.168.1.3:8080@SOCKS4
   192.168.1.4:8080@SOCKS5
2. Proxy Chains format (as it appears in proxychains.conf) like:
   http 192.168.1.2 8080
   socks4 192.168.1.3 1080
   socks5 192.168.1.4 1080
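
An added example (not part of yaph or this README): a parser that normalises both list formats above into (type, ip, port) entries, for instance to merge published proxy lists into a blocklist. It also expands the "any" type and drops duplicate targets, both described further down in this README; skipping '#' comment lines is an assumption.

```python
import ipaddress
import re

PROTOCOLS = ("http", "socks4", "socks5")
# Proxy Hunter format: 192.168.1.2:8080@HTTP
HUNTER_RE = re.compile(r"^(\S+):(\d+)@(\w+)$")
# ProxyChains format: http 192.168.1.2 8080
CHAINS_RE = re.compile(r"^(\w+)\s+(\S+)\s+(\d+)$")


def parse_line(line):
    """Return a list of (protocol, ip, port) tuples for one list line.

    Blank lines and '#' comments (assumption) yield []; bad lines raise ValueError.
    """
    text = line.strip()
    if not text or text.startswith("#"):
        return []
    m = HUNTER_RE.match(text)
    if m:
        host, port, proto = m.groups()
    else:
        m = CHAINS_RE.match(text)
        if not m:
            raise ValueError(f"unrecognised proxy list line: {text!r}")
        proto, host, port = m.groups()
    ip = str(ipaddress.ip_address(host))  # raises ValueError on a bad address
    port = int(port)
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {text!r}")
    proto = proto.lower()
    if proto == "any":  # "any" stands for all three proxy types
        return [(p, ip, port) for p in PROTOCOLS]
    if proto not in PROTOCOLS:
        raise ValueError(f"unknown proxy type: {text!r}")
    return [(proto, ip, port)]


def parse_list(lines):
    """Parse mixed-format lines into a sorted, de-duplicated entry list."""
    return sorted({entry for line in lines for entry in parse_line(line)})


# Constructed sample input mixing both formats, with one duplicate target.
SAMPLE = """192.168.1.2:8080@HTTP
http 192.168.1.2 8080
socks4 192.168.1.3 1080
192.168.35.46:5041@ANY
"""
```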

Network scan.
Yaph can use Nmap to find new proxy servers.
Get nmap from: http://www.insecure.org/nmap
All nmap features are usable and supported :)

Stealth mode - your IP stays unknown.
yaph may be run with ProxyChains to provide source IP hiding for both
"list checking" & "network scan"

Tutorial.
You should be root to run yaph with the nmap engine!!!!!
Finding public proxies is not a trivial task. Port scans are treated as abuse.
Thus, scanning directly from your IP address is not quite a good idea.
However, there are "stealth" techniques to use yaph:
1. Use nmap scan with 7 or more "decoys", it will make "fake" alarms to IDS.
   IDS will see that the scan comes from many sources (IP),
   while one of them is your real IP.
   However, it is impossible to say for sure which one is the originator of the scan,
   when all "decoys" are real hosts that are "online" during the scan.
2. Use proxychains to hide your IP, while performing the validation check for proxies.
   The logs of the target host will show the IP of the proxy used, and not yours.
3. Use decoys and proxychains together, to get speed and anonymity.
   Both methods can be used together.

There is also "yaph.conf".
The .conf file describes some internal configurations that may affect the performance of yaph.
You may want to change some values there :)
The .conf file is also well documented.
Configuration file lookup is performed by yaph in the following order:
1) ./yaph.conf
2) /etc/yaph.conf

Some examples for stealth scans:

proxychains yaph -D10.1.1.2,10.2.5.1,10.1.3.2,10.2.5.4 10.0.0.*

   in this example, nmap will scan hosts 10.0.0.1 to 10.0.0.255
   looking for open ports 1080,8080,3128
   with decoys 10.1.1.2 10.2.5.1 10.1.3.2 10.2.5.4
   and then validation of open ports will be performed via the proxy server
   defined in proxychains.conf

cat proxy_list.txt | sort | uniq | proxychains yaph --use_hunter_stdin

   in this example, yaph will validate addresses,
   listed in proxy_list in proxyhunter syntax,
   via the proxy server defined in proxychains.conf.
   sort & uniq is useful when your list contains not only unique targets
   (some targets appear more than once) - it will check only unique targets

proxychains yaph -sT -P0 10.0.0.*

   in this example EVERYTHING will go via the proxy server.
   The nmap scan will go through the proxy server!!!
   Validation of open ports as well
   scanned hosts are 10.0.0.1 - 10.0.0.255
   (this is slow, but your IP never appears in the logs of scanned hosts)

Miscellaneous examples:

proxychains yaph --use_chains_stdin

   in this example interactive mode is used.
   just type targets on your console in proxychains format
   hint: "type" can be "any" to do all checks for the given port
   like:
   any 192.168.35.46 5041
   will check this host:port for http, socks4 and socks5 proxy

proxychains yaph --use_chains_stdin

   in this example interactive mode is used.
   just type targets on your console in proxyhunter format
   hint: "type" can be "any" to do all checks for the given port
   like:
   192.168.35.46:5041@ANY
   will check this host:port for http, socks4 and socks5 proxy

Hint:
   If you are using proxychains set it to "random chain" for more performance
=========================================================