Butter Dev Logo
Search:   

July 9, 2008

Google Ratproxy – Part 2 (Running and Using Ratproxy)

In my first Ratproxy post I provided instructions on building Ratproxy in a Windows/Cygwin environment.  In this post I will discuss running and using Ratproxy in a Windows/Cygwin environment. 

Run the Ratproxy executable (ratproxy.exe):

  1. Open a windows command prompt in the directory where ratproxy.exe lives.
  2. Enter: ratproxy.exe -v C:\cygwin -w ratproxy.log -p 8282 -d yourdomain.com -lfscm.  The -p parameter specifies the port that Ratproxy will use  (by default Ratproxy will use 8080) and the -d specifies the domain we will be testing (obviously enter your own domain here).  The rest of the parameters are straightforward and can be reviewed in the official documentation

Configure your browser to use Ratproxy:

Now that Ratproxy is running you need to configure your browser to use the proxy.

Internet Explorer 7

  1. Tools > Internet Options
  2. Connections  > LAN Settings
  3. Select ‘Use a proxy server for your LAN’
  4. Address: The location where Ratproxy is running (localhost or 127.0.0.1 should work).
  5. Port: The port you chose to bind Ratproxy to (in this example 8282). 
  6. Now close and open a fresh browser window. 

Firefox 3.0

  1. Tools > Options
  2. Network > Settings
  3. Select ‘Manual proxy configuration’
  4. HTTP Proxy: The location where Ratproxy is running (localhost or 127.0.0.1 should work).
  5. Port: The port you chose to bind Ratproxy to (in this example 8282). 
  6. Now close and open a fresh browser window. 

If you don’t have this configured correctly or if Ratproxy is not running your browser will display an error indicating that the proxy server refused connection.

Do Stuff – and let Ratproxy do the hard work!:

That’s it.  Now all you need to do is step through your website highlighting the main errors that you think may be vulnerable.  Ratproxy will be tracking your session behind the scenes. 

Generate a formatted HTML report of Ratproxy findings:

  1. Open the Cygwin bash shell.
  2. cd to the ratproxy directory
  3. Enter: sh ratproxy-report.sh ratproxy.log > report.html

Ratproxy will generate a nicely formatted HTML report.  That is all for this post, I hope it was helpful.

 

10 responses to “Google Ratproxy – Part 2 (Running and Using Ratproxy)”

  1. Chris says:

    David,

    On my Windows+cygwin environment, I was able to setup cygwin and ratproxy properly, and run ratproxy with no issues. Now I’m trying to run ratproxy-report.sh via a cygwin bash, but am getting these errors when I run “./ratproxy-report.sh ratproxy.log>report.html”:

    ./ratproxy-report.sh: line 29: $’\r’: command not found
    ./ratproxy-report.sh: line 230: syntax error near unexpected token ‘elif’
    ./ratproxy-report.sh: line 230: ‘ elif [ “$severity” = “2” ]; then

    I’ve looked through the ratproxy-report.sh file, and it looks fine there. Even when I try running ratproxy-report.sh without any arguments, I still those errors; I would have expected to get something like:

    Usage: $0 ratproxy.log

    I’m wondering if there is something in cygwin I need installed, but I can’t think of any. I’ve gone over your part 1 and part 2 posts several times, and the ratproxy doc a few times as well. Any thoughts? I’m sure it’s something little and silly because it usually is 🙂

  2. My guess is that it is an issue with windows line break characters in the script (the \r is suspicious as that is not a valid unix line feed). Try running dos2unix (should be in your cygwin bin) or opening the file in a text editor that will allow you to easily replace the windows line breaks with *nix line breaks.

    You shouldn’t have this problem unless you attempted to open and save the script that came with the ratproxy install.

  3. Chris says:

    You rock David – that did it!

  4. Chris says:

    Let me be specific in what resolved it – I went back to the cygwin installer, and on the “Choose Installation Directory”, select DOS/text for the Default Text File Type.

  5. Rob says:

    Thanks so much for this tutorial. Great Job!!!

  6. Mary says:

    Great tutorial- have ratproxy running and it’s doing a great job auditing servers. Thanks!

  7. Anne says:

    I have configurate Windows+cygwin environment and I’m trying to run ratproxy-report.sh in cygwin, but am getting this error when I run “./ratproxy-report.sh ratproxy.log>report.html”:

    /usr/bin/sh: /usr/bin/awk: Not such file or directory
    /usr/bin/sh: /usr/bin/awk: Not such file or directory

    and the report is empty 🙁

    Can you help me please??

  8. David says:

    I sent Anne a message and she never responded.

  9. Abhijat says:

    Hi David,

    I performed all steps as mentioned in Part 1 and 2. But looks like Ratproxy is not working.

    Problem is that I am not getting connected to my server to making ratproxy work:

    Below is the error:

    C:\cygwin\ratproxy>ratproxy.exe -v C:\cygwin -w ratproxy.log -p 8282 -d mybank.
    com -lfscm
    ratproxy version 1.58-beta by
    [*] Proxy configured successfully. Have fun, and please do not be evil.
    [+] Accepting connections on port 8282/tcp (local only)…
    [!] WARNING: Connection to target failed.
    [!] WARNING: Connection to target failed.

    Note I am using a web proxy server to access internet.

    Even when I change the proxy settings in IE as localhost as proxy and 8282 as port to ge connected to rat proxy. I cannot browse internet to my site.

    Please help me out.

    Thanks,
    Abhijat
    I am sure there should be some option to tell ratproxy to get directed to my web proxy server, as it is with anyother web proxies scanners like webscarb or burp. I couldn’t found any place where should I mention my proxy settings.

  10. Abhijat says:

    Ooops I got it, it had to be like this
    C:\cygwin\ratproxy>ratproxy.exe -v C:\cygwin -w ratproxy.log -p 8282 -d mybank.
    com -P : -lfscm

    I missed the option.

    Anyways I appreciate the work. Ratproxy logs are more elaborative.

Leave a Reply

Optimization WordPress Plugins & Solutions by W3 EDGE