Wednesday, April 20, 2011

Paros Proxy: An application layer data interceptor

This post is about using Paros Proxy, an application-layer proxy server that intercepts all application-layer traffic on a specified port and lets you modify the content going to and coming from different HTTP servers. It is a very useful tool for those debugging and designing dynamic websites, since it can be used to understand the data being passed. It is a much better tool than Wireshark if complete information about network packets is not needed. Paros is written in Java (and can therefore be used easily on any OS) and is simple to use. This article explains how to install and run Paros with a simple configuration change, and demonstrates an example of the potential use of Paros.

You can download Paros from here. Please note that the Java Runtime Environment needs to be installed.

Basic Usage


Go to the options menu and click on Local Proxy. Specify the address as localhost and a port, preferably larger than 1024 (otherwise you will need to start the application with admin privileges). Now point your browser's HTTP and HTTPS proxy settings to localhost and port 8080.



Try to browse a website and check the HTTP headers in Paros. The Request tab displays all the HTTP requests made by the client, while the Response tab displays the corresponding responses. The more interesting feature is the Trap tab, which can intercept and 'hold' a page before passing it to the browser. You can trap a request or a response and modify it, drop it, or pass it on by clicking the Continue button.
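
When a trapped response is edited, any change in body length has to be matched by an updated Content-Length header, otherwise the browser truncates the page or waits for bytes that never arrive. The following Python sketch is an added example, not part of Paros or the original post; `rewrite_response`, `prefill` and the sample response are hypothetical names and constructed data.

```python
# Added example: edit the body of a trapped HTTP/1.x response and keep its framing valid.
import html
import re

class UnsupportedBody(Exception):
    """Raised when the body cannot be edited as plain text."""

def rewrite_response(raw: bytes, edit) -> bytes:
    """Apply edit(str) -> str to the body and recompute Content-Length."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no header/body separator found")
    lines = head.decode("iso-8859-1").split("\r\n")
    status_line, headers = lines[0], []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    lookup = {n.lower(): v.lower() for n, v in headers}
    # Chunked or compressed bodies must be decoded first; refuse rather than corrupt them.
    if "chunked" in lookup.get("transfer-encoding", ""):
        raise UnsupportedBody("chunked body: de-chunk before editing")
    if lookup.get("content-encoding", "identity") != "identity":
        raise UnsupportedBody("compressed body: decompress before editing")
    m = re.search(r"charset=([\w-]+)", lookup.get("content-type", ""))
    charset = m.group(1) if m else "iso-8859-1"
    new_body = edit(body.decode(charset)).encode(charset)
    # Drop the stale Content-Length and append the correct one.
    headers = [(n, v) for n, v in headers if n.lower() != "content-length"]
    headers.append(("Content-Length", str(len(new_body))))
    out = [status_line] + [f"{n}: {v}" for n, v in headers]
    return "\r\n".join(out).encode("iso-8859-1") + b"\r\n\r\n" + new_body

def prefill(field: str, value: str):
    """Return an edit that adds value="..." to the named <input> (no existing value)."""
    pattern = re.compile(r'(<input\b[^>]*\bname="%s"[^>]*?)(\s*/?>)' % re.escape(field))
    safe = html.escape(value, quote=True)  # keep the inserted value inside the attribute
    def edit(page: str) -> str:
        return pattern.sub(lambda m: f'{m.group(1)} value="{safe}"{m.group(2)}', page)
    return edit

# Constructed sample response, not captured from a real site.
BODY = b'<form><input type="text" name="email"></form>'
SAMPLE = (b"HTTP/1.1 200 OK\r\nContent-Type: text/html; charset=utf-8\r\n"
          b"Content-Length: " + str(len(BODY)).encode() + b"\r\n\r\n" + BODY)

if __name__ == "__main__":
    print(rewrite_response(SAMPLE, prefill("email", "test@example.com")).decode())
```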

You can even send your own HTTP requests by going to Tools-->Manual Request Editor. There are some other nice features, such as a Base64 encoding/decoding tool, a spider, and session tracking.






In HTTP there is a User-Agent header field that contains information about the client's browser. Paros modifies this header with its own name. Some sites can flag this as a request generated by a bot and may not let you enter the site. To prevent this, you can change the parameters Paros is run with: right-click on the Paros icon and click on Properties, then append '-jar paros.jar -nouseragent' to Target.





Changing port:

Paros can be set up to listen on whichever port you want. The corresponding settings can be found at Tools-->Options-->Local Proxy.



Finally here is a small video illustrating the potential use of Paros.





Important Links:
1. Download Paros Proxy
2. Download Java Runtime Environment (JRE)

5 comments:

  1. Hello, is there an easy method to script and automatically modify an HTTP response before it reaches the browser? For example, I want to be able to pre-insert some values inside a web form that would appear empty otherwise.

    Please comment.

    Replies
    1. If you want to do it only once, then Paros Proxy is a wonderful tool. Then Firebug is a great add-on for Firefox. If you want to do it repeatedly, try the add-ons Modify-response
      https://addons.mozilla.org/en-US/firefox/addon/modify-response/

      or Tamper data
      https://addons.mozilla.org/en-US/firefox/addon/tamper-data/

      do try and tell me!

  2. Hello, is there an easy method to script and automatically modify an HTTP response before it reaches the browser? For example, I want to be able to pre-insert some values inside a web form that would appear empty otherwise.

    Please comment.

  3. It is very nice to use a proxy to access blocked sites, but students don't know about proxies, so I also have a very useful link: you need no proxy, just put in the sites which are blocked in your place and you get access through it.
    Akinator UK proxy
