htun tunnels IP traffic transparently over HTTP or TCP.
htun is a transparent tunnel for transporting IP traffic over HTTP or TCP.
It was developed with situations in mind where traffic to the internet is restricted. For instance, some networks don't allow traffic to the internet at all and require you to go through an HTTP proxy. htun enables you to get full internet access in those situations (all ports, all protocols). It also supports using a SOCKS proxy.
Obviously, performance takes a huge hit. So it is meant for some light browsing or downloading small files sporadically. Expect transfer rates to be cut by a factor of up to 100.
Also, it is not encrypted by default. It is recommended to put another tunnel on top, such as Wireguard.
Since python-pytun is required, which is a non-portable module, this will only run on Linux.
Requirements
To run htun, you need Python3 and the following modules:
- urllib3==1.24
- python_pytun==2.2.1
- pytun==1.0.1
- SocksiPy_branch==1.01
Recommended:
- hexdump==3.3
Usage
The script needs to be run with root privileges both on the server and the client. On the server, run:
./htun.py --server
On the client, run:
./htun.py --uri <SERVER URI>
By default, it uses HTTP on port 80 and the IP addresses 10.13.37.1 and 10.13.37.2 for the client and the server, respectively.
For all options, run ./htun.py --help:
usage: htun.py [-h] [--debug] [--client-addr CADDR] [--server-addr SADDR]
[--tun-netmask TMASK] [--tun-mtu TMTU] [--tun-timeout TIMEOUT]
[--route-subnet RSUBNET] [--proxy PROXY] [--username USERNAME]
[--password PASSWORD] [--listen-port LPORT] [--bind-ip BINDIP]
(--server [{http,tcp}] | --uri URI)
htun tunnels IP traffic transparently over HTTP or TCP (author: Adrian
Vollmer)
optional arguments:
-h, --help show this help message and exit
--debug, -d debug flag to true (default: False)
--client-addr CADDR, -c CADDR
tunnel local address (default: 10.13.37.1)
--server-addr SADDR, -s SADDR
tunnel destination address (default: 10.13.37.2)
--tun-netmask TMASK, -m TMASK
tunnel netmask (default: 255.255.255.0)
--tun-mtu TMTU tunnel MTU (default: 1500)
--tun-timeout TIMEOUT
r/w timeout in seconds (default: 1)
--route-subnet RSUBNET, -n RSUBNET
subnet to be routed via tunnel (default: None)
--proxy PROXY, -P PROXY
proxy URI (<proto>://<host>:<port>) (default: None)
--username USERNAME, -u USERNAME
username for HTTP proxy basic authentication (default:
None)
--password PASSWORD, -W PASSWORD
password for HTTP proxy basic authentication (default:
None)
--listen-port LPORT, -p LPORT
listen port of the server component (default: 80)
--bind-ip BINDIP, -b BINDIP
bind IP address of the server component (default:
0.0.0.0)
--server [SERVER] local port and bind address (http, tcp)
(default: http)
--uri URI remote URI (<proto>://<host>[:<port>]) (default: None)
Examples
TCP Tunnel
To use a TCP tunnel on port 443, run
./htun.py --server tcp -p 443
on the server side and
./htun.py --uri tcp://<host>:443
on the client side. Now the client can reach the server via the IP address 10.13.37.2
SOCKS Proxy
To use HTTP over a SOCKS5 proxy on port 5000, run
./htun.py --server
on the server side and
./htun.py --uri http://<host> --proxy socks5://<proxy-host>:5000
on the client side.
Proxy Authentication
Proxies using basic authentication are supported (but yet untested).
A proxy requiring NTLM authentication is not supported because python-urllib3 does not support NTLM. It is suggested to use cntlm as an additional SOCKS proxy.
Performance
Performance over a TCP tunnel is much better than over an HTTP tunnel. Expect several orders of magnitude in degradation of the connection when using HTTP.
Example downloading 713k bytes without the tunnel:
$ curl https://example.com/example.png > /dev/null
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 713k 100 713k 0 0 2680k 0 --:--:-- --:--:-- --:--:-- 2680k
Downloading the same file with an HTTP tunnel:
$ curl https://example.com/example.png > /dev/null
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 713k 100 713k 0 0 12177 0 0:00:59 0:00:59 --:--:-- 16590
With a TCP tunnel it's at least around 3% of the original speed:
$ curl https://example.com/example.png > /dev/null
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 713k 100 713k 0 0 37640 0 0:00:19 0:00:19 --:--:-- 41086from https://github.com/AdrianVollmer/htun
------------
Tunnel tcp connection through http in Python.
HTTP TUNNEL
A program to tunnel TCP connection through HTTP connection
Usage:
The program is useful when you has a client behind a firewall which only allows HTTP connections or connections to standard ports such as port 80 of HTTP. You will need a remote server outside of the firewall.
Tunnel Server
Start the tunneld server on a remote machine. The server listens on a port specified by parameter -p for HTTP connection from a client program.
python tunneld.py -p <listen_port>
The server then read the HTTP payload and send it to the target using TCP connection. The target is specified by the client when establishing the tunnel.
Usually, tunneling will actually be useful when you use the default HTTP port 80 so that the connection from tunnel client to tunnel server is not blocked by firewall.
Tunnel Client
Start the tunnel client which listen on the local machine. The command needs local port parameter, the remote tunnel server and its port, and the target that the client want to connect to.
python tunnel.py -p <client_port> -r <tunnel_server_host>:<tunnel_server_port> <target_host>:<target_port>
When this command is executed, the client sends a http request to establish the tunnel with the remote tunnel server. The tunnel server will then establish a TCP connection with the target server.
Example
To connect to irc server using the tunnel:
# 1. on server machine (remote_host)
python tunneld.py -p 80
# 2. on client machine:
python tunnel.py -p 8765 -r remote_host:80 irc.freenode.net:6667
# 3. on the client machine, test the tunnel connection using netcat
nc 127.0.0.1 8765
# send irc NICK command to the connection and see the response back from
the irc server
NICK abc
Credit:
This project was inspired by supertunnel project
from https://github.com/khuevu/http-tunnel
------
HTTP tunnel not using websockets.
http-tunnel
http-tunnel is client and server application which allows tunneling any TCP connection trought HTTP requests and responses. It does not use WebSocket so it can pass even restrictive HTTP proxies. Each packet is according to direction encoded as address in GET request or as one line of plain text response. It can be used in combination with SHH server with port forwarding enabled or with SOCKS proxy server to relay internet connectivity to restricted environment.
Features
- tries to establish keep alive connection and thus reduce latency
- encodes all packets using base64 to pretend plain text content
- encrypts all packets using AES
- is able to multiplex many TCP connections in one HTTP tunnel
- dynamically changes request rate according to activity in all connections
Drawbacks
- server is not able to serve more clients at the same time (however it is possible to run multiple instances on different base addresses using Nginx)
- does not handle packet loss in any way (so TCP connection may get corrupted and it depend on application layer whether it can detect such situation)
Compilation
http-tunnel requires POCO libraries. On Debian libpoco-dev package is required for compilation. Run make in Tunnel/Release directory to compile.
Usage
Both client and server can be run using same executable by supplying appropriate arguments. Command line arguments are following:
- -P, --proxy=PORT starts http-tunnel in client mode, in this mode TCP connections are accepted at selected port and tunneled by outgoing HTTP connection
- -R, --relay=PORT starts http-tunnel in server mode, in this mode HTTP server is started and tunneled TCP connections are relayed to selected port at localhost
- -t, --timeout=SECONDS sets time in seconds after which is an inactive connection closed, default is 300 seconds
- -s, --password=STRING sets the key for AES encryption, any string of any length can be used, it is highly recommended to set it, default value is yK!xhk+S*59fnJua
- -h, --host=HOSTNAME sets hostname of the relay server in client mode, is not used in server mode
- -p, --port=PORT sets HTTP server port in both modes, default is 80
- -b, --base=ADDRESS sets base URL at which tunnel is mapped in both modes, defaults to /
- -f, --fake=HOSTNAME sets hostname to use in host field of HTTP request, defaults to real hostname
- -v, --verbosity=LEVEL sets logger verbosity, 0 disables logging, 8 is the most verbose, default is 0
Docker
http-tunnel can be run in Docker as image jvanik/http-tunnel. Use same arguments as if running without Docker.
from https://github.com/jakub-vanik/http-tunnel
-----
Simple tunneling using HTTP packets.
HTTPTunnel
Simple tunneling using HTTP protocol to encapsulate data.
Under Development
I needed to understand an HTTP protocol based tunnel better, so I wrote one based on information in a Wiki (https://en.wikipedia.org/wiki/HTTP_tunel) and the proof of concept it references (https://github.com/luizluca/bridge) which was Ruby based.
from https://github.com/lesterpotter/HTTPTunnel
----
https://github.com/scotow/goxy
----
tcp_over_http_proxy
http CONNECT tunnel
Install
go get -u -v github.com/iikira/tcp_over_http_proxy
Config example
# listen
LocalAddr="0.0.0.0:1252";
# remote HTTP proxy
DestAddr="112.2.247.193:8080";
# remote HTTP proxy custom header
Headers="Proxy-Connecton:keep-alive\r\n";from https://github.com/iikira/tcp_over_http_proxy
-----
HTTP tunnel on top of aiohttp and asyncio.
Aiotunnel
Yet another HTTP tunnel, supports two modes; a direct one which open a local port on the host machine and redirect all TCP data to the remote side of the tunnel, which actually connect to the desired URL. A second one which require the client part to run on the target system we want to expose, the server side on a (arguably) public machine (e.g. an AWS EC2) which expose a port to communicate to our target system through HTTP.
Quickstart
Let's suppose we have a machine located at 10.5.0.240 that we want to expose SSH access and a server on which we have free access located at 10.5.0.10; we really don't know if port 22 on 10.5.0.240 is already exposed or if the IP address will change, we actually don't care because once set the server address, it will retrieve all incoming commands via HTTP GET requests to our known server.
10.0.50.15 <----> (TCP) 8888:10.5.0.10:8080 (HTTP) <----> 10.5.0.240:22
So just run the tunneld on the server at 10.5.0.10 (you probably want to daemonize it through NOHUP or by creating a systemd service) in reverse mode:
doe@10.5.0.10:~$ aiotunnel server -r
======== Running on http://0.0.0.0:8080 ========
(Press CTRL+C to quit)On the target machine at 10.5.0.240 run the client bound to the service we want to expose (SSH in this case but could be anything):
doe@10.5.0.240:~$ aiotunnel client --server-addr 10.5.0.10 --server-port 8080 -A localhost -P 22 -r
[2018-10-14 22:20:45,806] Opening a connection with 127.0.0.1:22 and 0.0.0.0:8888 over HTTP
[2018-10-14 22:20:45,831] 0.0.0.0:8888 over HTTP to http://10.5.0.10:8080/aiotunnel
[2018-10-14 22:20:45,832] Obtained a client id: aeb7cfc6-3de3-4bc1-b769-b81641d496ebNow we're ready to open an SSH session to 10.5.0.10 even in the case of a closed 22 port or a different IP address.
doe@10.5.0.15:~$ ssh doe@10.5.0.10 -p 8888
Welcome to Linux 4.19.0-1-MANJARO
Last login: Thu Feb 11 17:28:20 2016
doe@10.5.0.240:~$A more common approach is to use the tunnel without -r/--reverse flag. In this case we actually have the port 22 exposed on the target system, but our network do not permit traffic over SSH. In this case we use a known server as a proxy to demand the actual SSH connection to him, while we communicate with him by using HTTP requests:
POSTto establish the connectionPUTto send dataGETto read responsesDELETEto close the connection
So on our known server located at 10.5.0.10 we start a tunneld process
doe@10.5.0.10:~$ aiotunnel server
======== Running on http://0.0.0.0:8080 ========
(Press CTRL+C to quit)On the network-constrainted machine we start a tunnel instance
doe@10.5.0.5:~$ aiotunnel -A 10.0.5.240 -P 22
[2018-10-15 00:58:41,744] Opening local port 8888 and 10.0.5.240:22 over HTTPAnd we're good to go.
It's possible to use the Dockerfile to build an image and run it in a container, default start with a command aiotunnel server -r, easily overridable.
doe@10.5.0.240:~$ docker build -t aiotunnel /path/to/aiotunnel
doe@10.5.0.240:~$ docker run --rm --network host aiotunnel aiotunnel client --server-addr 10.5.0.10 --server-port 8080 -A localhost -p 22 -rSecurity
SSL/TLS is supported, just set certificates cain and ca in the configuration or by the CLI process to encrypt the communication and use HTTPS (defaulting on port 8443 instead of 8080)
doe@10.5.0.10:~$ aiotunnel server -r --ca /path/to/ca.crt --cert /path/to/cert.crt --key
/path/to/keyfile.key
======== Running on https://0.0.0.0:8443 ========And client side
doe@10.5.0.240:~$ aiotunnel client -A 127.0.0.1 -P 22 --ca /path/to/ca.crt --cert
/path/to/cert.crt --key /path/to/keyfile.key
[2018-10-18 22:20:45,806] Opening a connection with 127.0.0.1:22 and 0.0.0.0:8888 over HTTPS
[2018-10-18 22:20:45,831] 0.0.0.0:8888 over HTTPS to https://10.5.0.10:8443/aiotunnel
[2018-10-18 22:20:45,832] Obtained a client id: aeb7dfc4-3da3-4wc1-b769-n81621db96ebInstallation
Clone the repository and install it locally or play with it using python -i or ipython.
$ git clone https://github.com/codepr/aiotunnel.git
$ cd aiotunnel
$ pip install .
or, to skip cloning part
$ pip install git+https://github.com/codepr/aiotunnel.git@master#egg=aiotunnelfrom https://github.com/codepr/aiotunnel-----相关帖子:https://briteming.blogspot.com/2019/06/linuxvpnhtun.html
No comments:
Post a Comment