> ## Documentation Index
> Fetch the complete documentation index at: https://docs.bytejmp.com/llms.txt
> Use this file to discover all available pages before exploring further.

# 3128 - Squid Proxy

> Squid proxy detection and exploitation: service fingerprinting and internal port scanning through the proxy.

## Service Detection

```bash theme={"dark"}
nmap -p3128 -sC -sV -Pn TARGET
```

**Example**

```bash theme={"dark"}
PORT     STATE SERVICE    VERSION
3128/tcp open  http-proxy Squid http proxy 4.14
|_http-server-header: squid/4.14
|_http-title: ERROR: The requested URL could not be retrieved
```

***

## Internal Port Scanning via Squid

### Spose: Squid Port Scanner

[https://github.com/aancw/spose](https://github.com/aancw/spose)

```bash theme={"dark"}
git clone https://github.com/aancw/spose.git
cd spose
python3 spose.py --proxy TARGET:3128 --target INTERNAL_IP
```

**Example output**

```shellscript theme={"dark"}
10.10.10.5:3306 seems OPEN
10.10.10.5:8080 seems OPEN
```
