6Eyl
bypass upstream proxy’s forbidden website by set up local proxy, why it works?
Question
Proxy server that restricted specific IPs to specific domains. I can bypass theses blocked websites by setup my own local proxy server while using the above proxy server as upstream. What happened? Why it worked?
Context:
- In my company, we use internal network for work, there're some security policies like block external storage cloud, message, social media platform, etc.
- We have static IP, DNS. To connect to outside internet, we must through a proxy server let's call proxy X. Proxy X controlled our connections.
- I want to access these restricted websites.
What I've done
I installed Squid as my local proxy, and using proxy X as upstream proxy. Let's call my local proxy as proxy Y, so that all request that go through proxy Y will go through proxy X. This is the only configuration that I made.
What happens
- when using proxy Y, I can access to these blocked websites.
- from what I saw, in my machine, if I provided hostname (to using local proxy like
http://<host-name>:3128) like loopback addresslocalhost(::1),0.0.0.0,127.0.0.1ormy-computer(10.0.0.x)(another adapter), basically everything but not hostname resolved to my static IP, eg:10.60.100.xwill be able to access to these blocked websites. - the static IP as said above can be generalized to IP that in
10.60.100.0/xsubnet
My guess
- I thought maybe they've config ACL for this subnet and deny access to these blocked domains.
- By using maybe different header when send request to these blocked websites through proxy X by proxy Y, I can access them without restricted. If it's true, what could header be look like? Can I use different method without setup proxy Y.
