?
Solved

Nmap how to find wich type of socks is this?

Posted on 2016-10-24
4
Medium Priority
?
165 Views
Last Modified: 2016-11-11
Npam how to find wich type of socks is this?
i use this syntax

nmap -sS -n -Pn --max-retries 1 -T 4 --script socks-open=proxy xxxxxx/xx 

Open in new window


Result:
Can't see if is socks 4 or 5
Nmap scan report for xxxxxxxx
Host is up (0.016s latency).
PORT     STATE    SERVICE
1080/tcp open socks

Open in new window

0
Comment
Question by:john lambert
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 27

Expert Comment

by:skullnobrains
ID: 41857383
nmap does not know and does not perform such detections.

the standard protocol for 1080 is socks proxy
the port being 1080 ca, also be a web server but you can't be sure.

first try and declare the host and port as a socks server and see if it works. if yes, you have your answer.

try and connect with telnet. if you get a banner, you probably have the protocol written in the banner.

nc smtp.gmail.com 25
220 smtp.gmail.com ESMTP f17sm15860558wmf.10 - gsmtp

for banner-less protocols, you'd have to fish and expect to be lucky. often, sending a dummy or empty query will produce a reasonably significant error string that will help you guess.

sending "DUMMY" as a request to a web server produces an error that is obviously HTTP

$ nc -v localhost 80
Connection to localhost 80 port [tcp/http] succeeded!
DUMMY
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>501 Not Implemented</title>
</head><body>
<h1>Not Implemented</h1>
<p>DUMMY to / not supported.<br />
</p>
<hr>
<address>Apache Server at 127.0.1.1 Port 80</address>
</body></html>

in some cases you'd be less lucky. i do not know of a working all-purpose detector ( but many which claim to be able to do so are actually dummies )
0
 

Author Comment

by:john lambert
ID: 41857386
i use windows os , telnet? i need a syntax to test,i need socks 4 not socks 5
0
 
LVL 27

Accepted Solution

by:
skullnobrains earned 2000 total points
ID: 41857399
keep it simple. declare a socks4 server and see if that works. socks is semi-binary protocol so it's a pita to use socks with telnet. note that socks5 servers usually speak socks4
0
 

Author Closing Comment

by:john lambert
ID: 41883939
thank you......
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This article helps those who get the 0xc004d307 error when trying to rearm (reset the license) Office 2013 in a Virtual Desktop Infrastructure (VDI) and/or those trying to prep the master image for Microsoft Key Management (KMS) activation. (i.e.- C…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question