1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

***WARNING*** Before you use Proxies you should no this!

Discussion in 'BlackHat Lounge' started by Skyebug77, Apr 6, 2016.

  1. Skyebug77

    Skyebug77 Jr. VIP Jr. VIP

    Joined:
    Mar 22, 2012
    Messages:
    2,192
    Likes Received:
    1,596
    Occupation:
    Marketing
    Location:
    Portland,Or
    This is long, but very well worth it.......

    NEVER EVER USE PUBLIC PROXIES ON YOUR OWN MACHINE!

     
    • Thanks Thanks x 7
    Last edited by a moderator: May 18, 2016
  2. mnunes532

    mnunes532 Supreme Member

    Joined:
    Jan 21, 2014
    Messages:
    1,439
    Likes Received:
    468
    Gender:
    Male
    Location:
    Portugal
    WOW :eek: thanks for the share, never knew it was so easy to make something like this.

    I've already used squid proxy but never used it to harm people this way...
     
  3. Skyebug77

    Skyebug77 Jr. VIP Jr. VIP

    Joined:
    Mar 22, 2012
    Messages:
    2,192
    Likes Received:
    1,596
    Occupation:
    Marketing
    Location:
    Portland,Or
    Yeah I was amazed to learn this. It is crazy how fast this spreads. As an IM using proxies for scraping, I thought it would be good to share this so people are careful.
     
  4. hudsonhicks

    hudsonhicks Junior Member

    Joined:
    Nov 6, 2015
    Messages:
    197
    Likes Received:
    92
    Occupation:
    Chef
    Location:
    UK
    Nothing new here..Man in the middle has been around forever.
    You can have a lot of fun pretending to be a free wifi provider with a laptop and a copy of backtrack linux running :D
     
  5. Skyebug77

    Skyebug77 Jr. VIP Jr. VIP

    Joined:
    Mar 22, 2012
    Messages:
    2,192
    Likes Received:
    1,596
    Occupation:
    Marketing
    Location:
    Portland,Or
    You are right, infact this video has been around a few years. But I think it is worth sharing this because us, Internet Marketers, so easily go grab proxies for different uses, not even thinking about the huge issues thiss can cause them.

    You saw how fast this 1 proxy in the video spread......

    My point of posting this is to make sure that we are doing our best to protect ourselves, so our own accounts and personal information are not stolen, by using a proxy.

    How many people think twice about this at all when they grab proxies? I would lay odds not very many at all. Yet this is a huge issue that still exists.

    There are simple things we can certainly do to protect ourselves while using proxies, and the first is to understand what the real threat is, how it works and protecting ourselves from this.
     
    • Thanks Thanks x 1
    Last edited: Apr 7, 2016
  6. lawnsa23

    lawnsa23 Newbie

    Joined:
    Mar 5, 2016
    Messages:
    15
    Likes Received:
    0
    Hi, can't keep up with him could someone explain?
     
  7. divok

    divok Senior Member

    Joined:
    Jul 21, 2010
    Messages:
    1,067
    Likes Received:
    648
    Location:
    .IN
    he created a public proxy , he created javascript payloads to steal your passwords and cookie using the proxy server .
     
  8. pressrelease

    pressrelease Power Member

    Joined:
    Jan 6, 2016
    Messages:
    676
    Likes Received:
    241
    Location:
    Disneyland
    Can open source VPN could lead the same result.
     
  9. phatzilla

    phatzilla Jr. VIP Jr. VIP

    Joined:
    Apr 9, 2009
    Messages:
    1,388
    Likes Received:
    1,024
    this really only affects you if you use the proxy in a webbrowser. Using it for http requests is harmless -- no js execution.
     
  10. Cratos

    Cratos Jr. VIP Jr. VIP Premium Member

    Joined:
    Aug 16, 2012
    Messages:
    1,888
    Likes Received:
    1,168
    Gender:
    Male
    Occupation:
    SEO
    Location:
    Where The Elite SEOs Dwell
    I might will like to visit espain for sure someday. My ancestors is from der.
     
    • Thanks Thanks x 1
  11. onelettershor

    onelettershor Supreme Member

    Joined:
    Aug 4, 2015
    Messages:
    1,302
    Likes Received:
    447
    Gender:
    Female
    Location:
    Land of sheep
    I don't have time to watch 40 minutes of this can you summarise it for me?
     
  12. Skyebug77

    Skyebug77 Jr. VIP Jr. VIP

    Joined:
    Mar 22, 2012
    Messages:
    2,192
    Likes Received:
    1,596
    Occupation:
    Marketing
    Location:
    Portland,Or
    How many people use bots or other web applications that use webrowser?
     
  13. HoNeYBiRD

    HoNeYBiRD Jr. VIP Jr. VIP

    Joined:
    May 1, 2009
    Messages:
    7,504
    Likes Received:
    8,431
    Gender:
    Male
    Occupation:
    Geographer, Tourism Manager
    Location:
    Ghosted
    Someone already did :)
     
    • Thanks Thanks x 1
  14. Zwielicht

    Zwielicht Moderator Staff Member Moderator Jr. VIP

    Joined:
    Aug 31, 2013
    Messages:
    7,697
    Likes Received:
    13,836
    Gender:
    Male
    Occupation:
    Death
    Location:
    Riverside, California
    Home Page:
    I'm about 16 minutes through it so far, but this guy was actually pretty funny.
     
    • Thanks Thanks x 1
  15. Cratos

    Cratos Jr. VIP Jr. VIP Premium Member

    Joined:
    Aug 16, 2012
    Messages:
    1,888
    Likes Received:
    1,168
    Gender:
    Male
    Occupation:
    SEO
    Location:
    Where The Elite SEOs Dwell
    fuckin hades man. This whole time.. I'm never using proxies on my machine again. Bastards.
     
  16. Skyebug77

    Skyebug77 Jr. VIP Jr. VIP

    Joined:
    Mar 22, 2012
    Messages:
    2,192
    Likes Received:
    1,596
    Occupation:
    Marketing
    Location:
    Portland,Or
    Yeah he is. I was laughing pretty hard through his demo.
     
  17. Skyebug77

    Skyebug77 Jr. VIP Jr. VIP

    Joined:
    Mar 22, 2012
    Messages:
    2,192
    Likes Received:
    1,596
    Occupation:
    Marketing
    Location:
    Portland,Or
    Then he threw the proxy he created into 1 proxy list and within 24 hours that malicious proxy was in more than 1k + proxy lists and essentially anyone that used that proxy was hacked.
     
    Last edited: Apr 7, 2016
  18. Mcrayton

    Mcrayton Newbie

    Joined:
    Dec 21, 2014
    Messages:
    2
    Likes Received:
    0
    Crazy stuff never knew this! Great Share!
     
  19. Skyebug77

    Skyebug77 Jr. VIP Jr. VIP

    Joined:
    Mar 22, 2012
    Messages:
    2,192
    Likes Received:
    1,596
    Occupation:
    Marketing
    Location:
    Portland,Or
    Yep, thought this would benefit everyone here.
     
  20. Cushy Prisons In USA

    Cushy Prisons In USA Registered Member

    Joined:
    Mar 26, 2016
    Messages:
    81
    Likes Received:
    3
    Thanks for the heads up!