Solved

Nmap how to find wich type of socks is this?

Posted on 2016-10-24
4
130 Views
Last Modified: 2016-11-11
Npam how to find wich type of socks is this?
i use this syntax

nmap -sS -n -Pn --max-retries 1 -T 4 --script socks-open=proxy xxxxxx/xx 

Open in new window


Result:
Can't see if is socks 4 or 5
Nmap scan report for xxxxxxxx
Host is up (0.016s latency).
PORT     STATE    SERVICE
1080/tcp open socks

Open in new window

0
Comment
Question by:john lambert
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 27

Expert Comment

by:skullnobrains
ID: 41857383
nmap does not know and does not perform such detections.

the standard protocol for 1080 is socks proxy
the port being 1080 ca, also be a web server but you can't be sure.

first try and declare the host and port as a socks server and see if it works. if yes, you have your answer.

try and connect with telnet. if you get a banner, you probably have the protocol written in the banner.

nc smtp.gmail.com 25
220 smtp.gmail.com ESMTP f17sm15860558wmf.10 - gsmtp

for banner-less protocols, you'd have to fish and expect to be lucky. often, sending a dummy or empty query will produce a reasonably significant error string that will help you guess.

sending "DUMMY" as a request to a web server produces an error that is obviously HTTP

$ nc -v localhost 80
Connection to localhost 80 port [tcp/http] succeeded!
DUMMY
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>501 Not Implemented</title>
</head><body>
<h1>Not Implemented</h1>
<p>DUMMY to / not supported.<br />
</p>
<hr>
<address>Apache Server at 127.0.1.1 Port 80</address>
</body></html>

in some cases you'd be less lucky. i do not know of a working all-purpose detector ( but many which claim to be able to do so are actually dummies )
0
 

Author Comment

by:john lambert
ID: 41857386
i use windows os , telnet? i need a syntax to test,i need socks 4 not socks 5
0
 
LVL 27

Accepted Solution

by:
skullnobrains earned 500 total points
ID: 41857399
keep it simple. declare a socks4 server and see if that works. socks is semi-binary protocol so it's a pita to use socks with telnet. note that socks5 servers usually speak socks4
0
 

Author Closing Comment

by:john lambert
ID: 41883939
thank you......
0

Featured Post

PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Possible fixes for Windows 7 and Windows Server 2008 updating problem. Solutions mentioned are from Microsoft themselves. I started a case with them from our Microsoft Silver Partner option to open a case and get direct support from Microsoft. If s…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will teach you the core code needed to finalize the addition of a watermark to your image. The viewer will use a small PHP class to learn and create a watermark.
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question