27

类似lcx/ew的端口转发/内网代理工具,功能更优

 5 years ago
source link: https://github.com/EddieIvan01/iox
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
neoserver,ios ssh client

iox

English | 中文

Tool for port forward & intranet proxy, just like lcx / ew , but better

Why write?

lcx and ew are awesome, but can be improved.

when I first used them, I can't remember these complicated parameters for a long time, such as tran, slave, rcsocks, sssocks... . The work mode is clear, why do they design parameters like this(especially ew 's -l -d -e -f -g -h )

Besides, I think the net programming logic could be optimized.

For example, while running lcx -listen 8888 9999 command, client must connect to :8888 first, then :9999 , in iox , there's no limit to the order in two ports. And while running lcx -slave 1.1.1.1 8888 1.1.1.1 9999 command, lcx will connect two hosts serially, but it's more efficient to connect in concurrently, as iox does.

And what's more, iox provides traffic encryption feature. Actually, you can use iox as a simple ShadowSocks.

Of course, because iox is written in Go, the static-link-program is a little big, raw program is 2.2MB (800KB for UPX compression)

Feature

  • traffic encryption (optional)
  • humanized CLI option
  • logic optimization
  • UDP traffic forward (TODO)

Usage

You can see, all params are uniform. -l/--local means listen on a local port; -r/--remote means connect to remote host

Two mode

fwd:

Listen on 0.0.0.0:8888 and 0.0.0.0:9999 , forward traffic between 2 connections 

./iox fwd -l 8888 -l 9999


for lcx:
./lcx -listen 8888 9999

Listen on 0.0.0.0:8888 , forward traffic to 1.1.1.1:9999 

./iox fwd -l 8888 -r 1.1.1.1:9999


for lcx:
./lcx -tran 8888 1.1.1.1 9999

Connect 1.1.1.1:8888 and 1.1.1.1:9999 , forward between 2 connection 

./iox fwd -r 1.1.1.1:8888 -r 1.1.1.1:9999


for lcx:
./lcx -slave 1.1.1.1 8888 1.1.1.1 9999

proxy

Start Socks5 server on 0.0.0.0:1080 

./iox proxy -l 1080


for ew:
./ew -s ssocksd -l 1080

Start Socks5 server on be-controlled host, then forward to internet VPS

VPS forward 0.0.0.0:9999 to 0.0.0.0:1080

You must use in pair, because it contains a simple protocol to control connecting back

./iox proxy -r 1.1.1.1:9999
./iox proxy -l 9999 -l 1080       // notice, the two port are in order


for ew:
./ew -s rcsocks -l 1080 -e 9999
./ew -s rssocks -d 1.1.1.1 -e 9999

Then connect intranet host

# proxychains.conf
# socks5://1.1.1.1:1080

$ proxychains rdesktop 192.168.0.100:3389

enable encryption

For example, we forward 3389 port in intranet to our VPS

// be-controller host
./iox fwd -r 192.168.0.100:3389 -r *1.1.1.1:8888 -k 656565


// our VPS
./iox fwd -l *8888 -l 33890 -k 656565

It's easy to understand: traffic between be-controlled host and our VPS:8888 will be encrypted, the pre-shared secret key is 'AAA', iox will use it to generate seed key and IV, then encrypt with AES-CTR

So, the * should be used in pairs 

./iox fwd -l 1000 -r *127.0.0.1:1001 -k 000102
./iox fwd -l *1001 -r *127.0.0.1:1002 -k 000102
./iox fwd -l *1002 -r *127.0.0.1:1003 -k 000102
./iox proxy -l *1003


$ curl google.com -x socks5://127.0.0.1:1000

Using iox as a simple ShadowSocks 

// ssserver
./iox proxy -l *9999 -k 000102


// sslocal
./iox fwd -l 1080 -r *VPS:9999 -k 000102

License

The MIT license


report

Recommend

  • 59
    • www.freebuf.com 6 years ago
    • Cache

    内网渗透之端口转发与代理

    内网渗透之端口转发与代理

  • 5
    • www.wooyun.org 7 years ago
    • Cache

    内网渗透中转发工具总结 | WooYun知识库

    内网渗透中转发工具总结 TwoEyes ·

  • 25
    • www.tuicool.com 5 years ago
    • Cache

    内网全局代理工具及特征分析

    简介 端口转发是点对点的方式,代理是点对面的方式,如果我们只需要访问主机的特定的端口,使用端口转发就够了,但通常在渗透进内网之后,我们还需要对整个内网进行横向渗透,这时代理必然是一个高校的方法。代理分为正向代理...

  • 8
    • 3gstudent.github.io 4 years ago
    • Cache

    渗透基础——端口转发与代理

    0x00 前言 在渗透测试中,经常会使用到端口转发和代理。 端口转发是转发一个网络端口从一个网络节点到另一个网络节点的行为。 实际应用中需要考虑两种情况: Client->Transit server->Server:Client能够正...

  • 13
    • abcdxyzk.github.io 4 years ago
    • Cache

    SSH端口转发 及 SSH代理

    SSH端口转发 及 SSH代理 2015-04-09 23:06:00 SSH端口转发 假设A、B为内网机,C为可登录公网机。那么A连B过程为: 假设 A、B、C 的ssh端口分别为portA、portB、portC。 1. 远程转发-R, 远...

  • 320
    • lcx.cc 3 years ago
    • Cache

    Cloudflare 自定义源站端口、代理、端口转发

    Cloudflare 自定义源站端口、代理、端口转发 2019-03-25 约 1724 字 预计阅读 4 分钟   Cloudflare CDN 如何实现自定义源站端口、代理...

  • 27
    • y4er.com 3 years ago
    • Cache

    各种端口转发工具的使用方法

    各种端口转发工具的使用方法2019-07-23科普转发工具的用法本文主要介绍几种内网中常用的端口转发以代理的几种姿势。阅读本文前请看到每个阶段的网络环境,对理解本文有重要帮助。我们在这里用三台实验机client :172.16.1.1

  • 3
    • halfcoke.github.io 3 years ago
    • Cache

    FRP端口转发工具

    FRP端口转发工具及部署方式详解(win+linux)在此前的文章中,介绍了使用ssh命令进行端口转发。使用ssh进行端口转发有优点也有缺点,其优点主要在使用方便,服务器上基本都安装了ssh服务...

  • 8
    • server.51cto.com 2 years ago
    • Cache

    反向代理和端口转发以及靶场渗透

    反向代理和端口转发以及靶场渗透 作者:美迪慧尔 2022-09-16 10:00:31 反向代理服务器通常可用来作为Web加速,即使用反向代理作为Web服务器的前置机来降低网络和服务器的负载,提高访问效率

  • 7
    • 51.ruyo.net 1 year ago
    • Cache

    VS Code免费提供内网穿透端口转发服务,支持HTTP(S)协议

    VS Code免费提供内网穿透端口转发服务,支持HTTP(S)协议 我是小马甲~...

About Joyk


Aggregate valuable and interesting links.
Joyk means Joy of geeK