Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

This exploit doesn't depend on that; 80 might as well be 8000 or 8080(common proxy port) or anything else. Observe that the proxy port can be specified:

    return "PROXY 127.0.0.1:80";}


Don't you still need to run the WPAD "server" on port 80?


Yup. That's why it needs to run on port 80.

I don't think Windows Firewall lets you listen on *:80, but localhost:80 is just fine.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: