I am playing around with a machine from hack the box. I found what appears to be a squid v. 4.6 listening on port 3128. None of my requests works
< HTTP/1.1 400 Bad Request < Server: squid/4.6 < Mime-Version: 1.0 < Date: Fri, 30 Oct 2020 23:27:28 GMT < Content-Type: text/html;charset=utf-8 < Content-Length: 3505 < X-Squid-Error: ERR_INVALID_URL 0 < Vary: Accept-Language < Content-Language: en < X-Cache: MISS from unbalanced < X-Cache-Lookup: NONE from unbalanced:3128 < Via: 1.1 unbalanced (squid/4.6) < Connection: close
Among the possible reasons, the displayed error page mentions that Missing hostname is the most probable one. I am looking for a way to find this (these) domain name(s)
Since this machine is meant to be accessed with a VPN only, there is no point in using DNS crawlers such as
dnsenum. There is no DNS server on this machine nor in this lab environment (that I know of).
There is no
fail2ban nor any brute-force preventing mechanism so I thought about brute forcing the domain name. All the http fuzzers I know allow to fuzz nearly anything except domains. Do you know such a tool of do I need to script it myself?
Do you think of a more straightforward approach?