aploium / shootback Goto Github PK

View Code? Open in Web Editor NEW

955.0 955.0 237.0 249 KB

a reverse TCP tunnel let you access target behind NAT or firewall

License: MIT License

Python 100.00%

reverse reverse-tcp-tunnel tcp tunnel

shootback's People

Contributors

Stargazers

Watchers

Forkers

gitli2015 dicivenni zeropool dy47 yueguangguang winning1120xx juncojet shekkbuilder agahlot withkhw furusiyya olivierh59500 minkione kwiha markrey techlord-rce michalkoczwara opexxx ydc1992 benheise psuedoelastic sudowright bash-sec m00zh33 icakir xahhfork mrlobic itsns connlan mayidudu siowcy xlong88 ognz urandu darg0001 johnjohnsp1 samyoyo jack51706 xymantec rajivraj kurtdegreeff kaicastledine dinamite01 songofhack baggiowangyu securitywarrior zjuchenyuan quivalen jnaulty w796933 ryankomodo y4b41 decolnz plishu bypasscc jwthanh puppycodes team-firebugs iamtutu hardw00t clicknull faltifo binihao5bei wxlg1117 hanggecrazy frailleon zoenbo thanatoskira feniczy orinocoz princeofdream alaamub yansre p01ice heikipikker wanghuafeng gijonhoo otis4631 ustbgaofan whtt 3wapp jeferwang zard777 zhsso unoffices ykbj niithub liujian883 nbzdwss78 spensercai codedad1983 lianfei rettier woodywanghg billxq av1080p daimonster jovigb xuduofeng orangle

shootback's Issues

SSL support

Modern security standards do not support old/weak short ssl key/cert setups. I also encountered other issues which I had to fix. Also there must be a way to make it work with self-signed cert. Can you make the changes in your code?

I really like this project. The code is robust. You have done a wonderful job. I am using this in stead of ssh as some virtual environment I work with block ssh connections.

For this to work i had to make these changes

Slaver :
def _make_ssl_context(self):
if ssl is None:
log.warning('ssl module is NOT valid in this machine! Fallback to plain')
return None

    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE

    return ctx

Master:
def _make_ssl_context(self):
if ssl is None:
log.warning('ssl module is NOT valid in this machine! Fallback to plain')
return None
ctx = ssl.create_default_context(ssl.Purpose.CLIENT_AUTH)
ctx.check_hostname = False
ctx.verify_mode = ssl.CERT_NONE

    ctx.set_ciphers('DEFAULT@SECLEVEL=1')

    _certfile = tempfile.mktemp()
    with open(_certfile, 'w') as fw:
        fw.write(_DEFAULT_SSL_CERT)
    _keyfile = tempfile.mktemp()
    with open(_keyfile, 'w') as fw:
        fw.write(_DEFAULT_SSL_KEY)
    ctx.load_cert_chain(_certfile, _keyfile)
    os.remove(_certfile)
    os.remove(_keyfile)

    return ctx

Without these modifications, I could not get this to work.

I would request you to modify the code in line with modern standards. Also is it possible to make it work with self-signed cert?

centos7.5作为slaver，连接成功后数据不通

问题：

centos7.5作为slaver，master和slaver是能连接通的，但是报了以下错误信息，求助解决方案？
但是以下master和slaver调换一下就没有问题，centos7.5作为master，mac作为slaver，一切正常；

服务器系统

master：macOs High Sierra
slaver：centos7.5

报错信息

master

➜ shootback [master] python3 master.py -m 0.0.0.0:10000 -c 0.0.0.0:20000
[INFO 2018-07-27 15:00:42,478] shootback 2.2.8-r13 running as master
[INFO 2018-07-27 15:00:42,478] author: Aploium <[email protected]>  site: https://github.com/aploium/shootback
[INFO 2018-07-27 15:00:42,478] slaver from: 0.0.0.0:10000 customer from: 0.0.0.0:20000
[INFO 2018-07-27 15:00:42,479] heart beat daemon start, delay: 30s
[INFO 2018-07-27 15:00:42,479] Listening for slavers: 0.0.0.0:10000
[INFO 2018-07-27 15:00:42,479] Listening for customers: 0.0.0.0:20000
[INFO 2018-07-27 15:00:42,480] SocketBridge daemon started
[INFO 2018-07-27 15:00:44,830] Got slaver 192.168.94.133:33930 Total: 1
[INFO 2018-07-27 15:00:44,833] Got slaver 192.168.94.133:33932 Total: 2
[INFO 2018-07-27 15:00:44,835] Got slaver 192.168.94.133:33934 Total: 3
[INFO 2018-07-27 15:00:44,838] Got slaver 192.168.94.133:33936 Total: 4
[INFO 2018-07-27 15:00:44,842] Got slaver 192.168.94.133:33938 Total: 5
[WARNING 2018-07-27 15:01:12,488] error during heartbeat to 192.168.94.133:33930: received zero bytes, socket was closed
[WARNING 2018-07-27 15:01:12,497] heart beat failed: 192.168.94.133:33930, time: 11.61ms
[WARNING 2018-07-27 15:01:12,502] error during heartbeat to 192.168.94.133:33932: received zero bytes, socket was closed
[WARNING 2018-07-27 15:01:12,503] heart beat failed: 192.168.94.133:33932, time: 5.76ms
[WARNING 2018-07-27 15:01:12,513] error during heartbeat to 192.168.94.133:33934: received zero bytes, socket was closed
[WARNING 2018-07-27 15:01:12,514] heart beat failed: 192.168.94.133:33934, time: 10.53ms
[WARNING 2018-07-27 15:01:12,525] error during heartbeat to 192.168.94.133:33936: received zero bytes, socket was closed
[WARNING 2018-07-27 15:01:12,525] heart beat failed: 192.168.94.133:33936, time: 11.58ms
[WARNING 2018-07-27 15:01:12,531] error during heartbeat to 192.168.94.133:33938: received zero bytes, socket was closed
[WARNING 2018-07-27 15:01:12,531] heart beat failed: 192.168.94.133:33938, time: 5.74ms
[WARNING 2018-07-27 15:01:12,531] heart_beat_daemon: sorry, no slaver available, keep sleeping
[INFO 2018-07-27 15:01:12,565] Got slaver 192.168.94.133:33940 Total: 1
[INFO 2018-07-27 15:01:12,581] Got slaver 192.168.94.133:33942 Total: 2

slaver：

➜ shootback git:(master) python slaver.py -m 192.168.98.178:10000 -t 0.0.0.0:80
[INFO 2018-07-27 15:00:44,811] shootback 2.2.8-r13 slaver running
[INFO 2018-07-27 15:00:44,812] author: Aploium <[email protected]>  site: https://github.com/aploium/shootback
[INFO 2018-07-27 15:00:44,812] Master: 192.168.98.178:10000
[INFO 2018-07-27 15:00:44,812] Target: 0.0.0.0:80
[INFO 2018-07-27 15:00:44,812] running as slaver, master addr: 192.168.98.178:10000 target: 0.0.0.0:80
[INFO 2018-07-27 15:00:44,812] SocketBridge daemon started
[INFO 2018-07-27 15:00:44,820] connected to master[192.168.98.178:10000] at 192.168.94.133:33930 total: 1
[INFO 2018-07-27 15:00:44,823] connected to master[192.168.98.178:10000] at 192.168.94.133:33932 total: 2
[INFO 2018-07-27 15:00:44,825] connected to master[192.168.98.178:10000] at 192.168.94.133:33934 total: 3
[INFO 2018-07-27 15:00:44,828] connected to master[192.168.98.178:10000] at 192.168.94.133:33936 total: 4
[INFO 2018-07-27 15:00:44,832] connected to master[192.168.98.178:10000] at 192.168.94.133:33938 total: 5
[WARNING 2018-07-27 15:01:12,478] bad handshake or timeout between: 192.168.98.178:10000 and 192.168.94.133:33930
[WARNING 2018-07-27 15:01:12,478] a slaver[192.168.94.133:33930] abort due to handshake error or timeout
[WARNING 2018-07-27 15:01:12,491] bad handshake or timeout between: 192.168.98.178:10000 and 192.168.94.133:33932
[WARNING 2018-07-27 15:01:12,491] a slaver[192.168.94.133:33932] abort due to handshake error or timeout
[WARNING 2018-07-27 15:01:12,499] bad handshake or timeout between: 192.168.98.178:10000 and 192.168.94.133:33934
[WARNING 2018-07-27 15:01:12,500] a slaver[192.168.94.133:33934] abort due to handshake error or timeout
[WARNING 2018-07-27 15:01:12,515] bad handshake or timeout between: 192.168.98.178:10000 and 192.168.94.133:33936
[WARNING 2018-07-27 15:01:12,515] a slaver[192.168.94.133:33936] abort due to handshake error or timeout
[WARNING 2018-07-27 15:01:12,521] bad handshake or timeout between: 192.168.98.178:10000 and 192.168.94.133:33938
[WARNING 2018-07-27 15:01:12,521] a slaver[192.168.94.133:33938] abort due to handshake error or timeout
[INFO 2018-07-27 15:01:12,553] connected to master[192.168.98.178:10000] at 192.168.94.133:33940 total: 1
[INFO 2018-07-27 15:01:12,567] connected to master[192.168.98.178:10000] at 192.168.94.133:33942 total: 2

当网络较差甚至断开时, 无法自动重连

当服务端断网再恢复网络或者强行关闭再启动服务器端, 客户端无法重连上来.
当客户端断网恢复或更换IP地址后, 也无法自动连上服务端
需要重启服务端/客户端才可以

Why not just use SSH?

Or socat, or netcat, or... :)

How to synchronize the code of the intranet server on the extranet server through git?

公网服务器运行master.py，内网pc运行slaver.py，为什么slaver.py无法连接公网服务器

怎么关闭

关闭时，有时端口被占用，建议：有masterstart.py 和 masterstop.py 管理进程

这工具能用来翻墙吗

NOT an issue but question

how to access all open port services from local to client, because there are many port such as rdp, flask, some services at different ports etc. how to use ip virtualisation such as use domain instead of ip and local server can be accessed anywhere

slaver support using proxy to connect to master

In some special network environment, like some company or school,
you must using proxy to connect to the Internet.
In this situation, slaver need to use proxy to connect to the master.

Hope you can support for SOCKS5 proxy as well~

Minecraft TCP No Work

home server:

vds:

minecraft:

how to properly run on vds it is necessary?
How do I properly run an application on my home computer?
The server is running on 0.0.0.0:25566

这个项目可以实现p2p吗？望回复

一台vps运行master，两台slaver实现p2p互联，握手通过vps，接下来的数据传输实现p2p

Feature request: Forking

I would appreciate if master after receiving the connection from slaver would fork itself listening on port received from client and that port is defined in separate GET request received before fork.

The Case:
I am running socks5 proxy server together with slaver and this socks is redirected to public ip and port in master. This simple reversed connection works. Problem I am facing is with multiple slavers with socks proxy running behind NAT. Master is not able to manage multiple connections from public internet to each separate proxy on separate public ports on server's public ip.

Would it be possible for you to write such functionality?

BlockingIOError(11, 'Resource temporarily unavailable')

I got a error number 11 after several packets when transfering large data. The error message is BlockingIOError(11, 'Resource temporarily unavailable').

shootback/common_func.py

Line 277 in cab462c

except Exception as e:

It seems that errno.EWOULDBLOCK should be considered. My guess is that even the socket is writeable, but it may not be able to send a big chunk of data to remote pair.

什么时候能支持python2

如题

Not support python version 2.6.6 :(

/home/common_func.py:24: UserWarning: selectors module not available, fallback to select
warnings.warn('selectors module not available, fallback to select')
Traceback (most recent call last):
File "slaver.py", line 396, in
main_slaver()
File "slaver.py", line 359, in main_slaver
args = argparse_slaver()
File "slaver.py", line 311, in argparse_slaver
https://github.com/aploium/shootback""".format(ver=version_info()),
File "/home/tomcat/common_func.py", line 68, in version_info
return "{}.{}.{}-r{}".format(*version)
ValueError: zero length field name in forma

secretkey不起作用

slaver和master即使设置不同的key，也可以连接成功和正常使用。

可以支持https么

服务端如何配置才能支持https

ubuntu下很多连接处于fin_wait2状态，导致服务端经常不能从客户端获取数据。

服务端运行在windows上，客户端运行在ubuntu 14上面，很多连接处于fin_wait2，导致从服务器转发连接，从客户端获取数据失败。

如何在 slaver 机器上显示 customer 的 ip 地址

我有如下的部署：
局域网内的主机A，有 ipv4 地址和 ipv6 地址，作为网络服务器。ipv4 地址不是公网 ip，而 ipv6 地址是公网 ip，因此我做了一个 AAAA 的域名解析，因此我的域名可以直接访问这台内网主机A。但是，由于很多人没有 ipv6 环境，所以我还是需要内网穿透来提供 ipv4 服务。
阿里云上的主机B，有 ipv4 地址，因此我对相同的域名又设置了一个DNS的A记录，由此访客没有ipv6网络，则访问到的实际上是B主机，我在B主机和A主机之间通过 shootback 进行端口转发。由此，一个 ipv4和ipv6的双栈便搭建好了。

问题是，对于没有ipv6网络的访客，目前好像是B主机记录其真实 IP 地址，到了A主机那里显示的 ip 地址不体现真实访客。比如，A主机上的 shootback 日志里显示的是 A 和 B 之间的连接信息，apache 的 access.log 里体现的访客 ip 地址是 127.0.0.1. 唯一能看到访客 ip 的是从A主机的shootback日志里。

有什么办法能让内网中的 B 也显示访客的真实 ip 地址呢？