sockjmp
=======

Lightweight TCP socket bridge

1. Objectives

The main goal of sockjmp is to provide a way to create various TCP channels
even under tight constraints. Sockjmp can create several kinds of sockets
(server sockets, client sockets and encrypted sockets) and bridge them
automatically.

This tool may be very useful during a pentest when a transparent bridge has
to be set up on a compromised server to allow bouncing from the Internet to
an internal service. Moreover, some cases are hard to handle, especially when
reverse TCP connections are used to connect a client (on the pentester's side)
to a remote service (on the target server's side).

Unlike socat, sockjmp is very light and can be statically compiled using gcc.

2. Features

Sockjmp allows basic TCP socket bridging operations:

- Local listening TCP socket creation
- Remote destination TCP socket creation
- Encrypted TCP socket creation
- Unified bridging between all types of created sockets

Therefore, it is easy to create a channel like this:

[ pentester client soft.  ]----
                              | (connected to localhost:1234)
[ localhost:1234 (server) ]<---
                              | (local bridge, pentester side)
[ 0.0.0.0:1235 (server)   ]<---
                              | (normal reverse TCP connection)
[ remote server:6555      ]----

In this case, the pentester sets up two listening sockets, makes the remote
server connect to the pentester's machine on port 1235, and has the client
software connect to localhost on port 1234. Sockjmp, running on the
pentester's side, handles the bridging.

This is a particular use case where neither netcat nor even ssh can help,
whereas sockjmp does. To avoid information leaks, the reverse TCP connection
coming from the compromised server can also be encrypted by sockjmp. A quick
way to do this is to drop a statically linked sockjmp binary onto the remote
server and use it to create the reverse TCP connection. All data sent between
the pentester's sockjmp instance and the server-side instance is then
encrypted (xor-based encryption).
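
Added example, not part of sockjmp's code: the page says only that the
channel uses xor-based encryption, so this C program assumes a repeating-key
XOR and shows why such a channel is obfuscation rather than confidentiality,
since a known plaintext prefix exposes the key. The key, banner and secret are
constructed sample values, and all function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* ASSUMPTION: repeating-key XOR; the page only says "xor-based encryption". */
static void xor_stream(const unsigned char *in, unsigned char *out, size_t n,
                       const unsigned char *key, size_t klen)
{
    for (size_t i = 0; i < n; i++) out[i] = in[i] ^ key[i % klen];
}

/* XOR ciphertext with a known plaintext prefix to expose the keystream, then
 * return the shortest period that explains it (0 if none is confirmed). */
static size_t recover_key(const unsigned char *ct, const unsigned char *known,
                          size_t n, unsigned char *key, size_t maxk)
{
    unsigned char ks[64];
    if (n > sizeof ks) n = sizeof ks;
    for (size_t i = 0; i < n; i++) ks[i] = ct[i] ^ known[i];
    for (size_t k = 1; k <= n / 2 && k <= maxk; k++) {
        size_t i = k;
        while (i < n && ks[i] == ks[i - k]) i++;   /* keystream repeats? */
        if (i == n) { memcpy(key, ks, k); return k; }
    }
    return 0;
}

/* Constructed session: a guessable service banner followed by sensitive data.
 * Returns 1 if an observer who knows only the banner can read all of it. */
static int observer_reads_session(void)
{
    const unsigned char key[] = { 'k', '3', 'y', '!' };      /* constructed */
    const char *banner = "HTTP/1.1 200 OK\r\n";              /* known text  */
    const char *secret = "session_token=CONSTRUCTED-SAMPLE"; /* constructed */
    unsigned char pt[128], ct[128], out[128], guess[16];
    size_t blen = strlen(banner), slen = strlen(secret), n = blen + slen;
    memcpy(pt, banner, blen);
    memcpy(pt + blen, secret, slen);
    xor_stream(pt, ct, n, key, sizeof key);                  /* on the wire */
    size_t klen = recover_key(ct, (const unsigned char *)banner, blen,
                              guess, sizeof guess);
    if (klen == 0) return 0;
    xor_stream(ct, out, n, guess, klen);     /* decrypt with recovered key */
    return klen == sizeof key && memcmp(out, pt, n) == 0;
}

int main(void)
{
    puts(observer_reads_session() ? "plaintext recovered" : "not recovered");
    return 0;
}
```

If the bridged traffic carries sensitive engagement data, protect it with an
authenticated, keyed transport rather than relying on this layer alone.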

3. Benefits

- Sockjmp weighs only half a Mb when statically linked and a few Kb when dynamically linked.
- Sockjmp allows encrypted communication channels between two hosts.
- Sockjmp allows all kinds of socket combinations.

4. Credits

Loic Valbon, Anthony Baube, Sysdream
