Wednesday, April 20, 2011

Paros Proxy: An application layer data interceptor

This post is about using Paros Proxy, an application layer proxy server which intercepts all the application layer traffic from a specified port and allows you to modify the content going and coming form different HTTP servers. It is a very useful tool for debuggers designing dynamic websites since it can be used to understand the data being passed. It is a much better tool than Wireshark if complete information about network packets is not needed. Paros is written in java (therefore can be easily used on any OS) and is simple to use. This article will talk about how to install and run Paros with a simple configuration change. Also an example of the potential use of Paros is demonstrated.

You can download Paros from here. Please note that Java Run Time Environment needs to be installed.

Basic Usage

Go to options menu and click on local proxy, specify the address as localhost and a port preferably larger than 1024 (else you will need to start the application with admin privileges). Now point your browser http,https proxy to localhost and port 8080.

Try to browse a website and check HTTP headers in Paros. Request tab displays all the HTTP requests made by the client while response tab displays all the corresponding responses. The more interesting feature is the trap tab which can intercept and 'hold' a page before passing it to a browser. So you can trap a request or a response page and make modifications, drop it or pass it by clicking on the continue button.

You can even send your own http requests by going to tools-->manual request editor. There are some other nice features such as encoding/decoding in base64 scheme tool. (spider) and session tracking

In HTTP there is a field user-agent which contains information about client's browser. Paros modifies this header with its own name. Some sites can flag this as as a request generated by a bot and may not let you enter the site. To prevent this you can change the parameters to run Paros with.  Right click on the Paros icon and click on properties. Append '-jar paros.jar -nouseragent' to Target.

Changing port:

Paros can be set up to listen at whichever port you want it to. The corresponding settings can be found at Tools-->Options-->Local Proxy

Finally here is a small video illustrating the potential use of Paros.

Important Links:
1. Download Paros Proxy
2. Download Java Runtime Environment (JRE)