GithubHelp home page GithubHelp logo

jiho-dev / crowbar Goto Github PK

View Code? Open in Web Editor NEW

This project forked from q3k/crowbar

0.0 1.0 0.0 40 KB

Tunnel TCP over a plain HTTP session (warning: mediocre Go code)

License: BSD 2-Clause "Simplified" License

Go 100.00%

crowbar's Introduction

Crowbar

When a corkscrew just isn't enough...

Intro

Crowbar overview

Crowbar is an EXPERIMENTAL tool that allows you to establish a secure circuit with your existing encrypting TCP endpoints (an OpenVPN setup, an SSH server for forwarding...) when your network connection is limited by a Web proxy that only allows basic port 80 HTTP connectivity.

Crowbar will tunnel TCP connections over an HTTP session using only GET and POST requests. This is in contrast to most tunneling systems that reuse the CONNECT verb. It also provides basic authentication to make sure nobody who stumbles upon the server steals your proxy to order drugs from Silkroad.

Features

  • Establishes TCP connections via a proxy server using only HTTP GET and POST requests
  • Authenticates users from an authentication file
  • Will probably get you fired if you use this in an office setting

Security & Confidentiality

Crowbar DOES NOT PROVIDE ANY DATA CONFIDENTIALITY. While the user authentication mechanism protects from replay attacks to establish connectivity, it will not prevent someone from MITMing the later connection transfer itself, or from MITMing whole sessions. So, yeah, make sure to use it only tunnel an SSH or OpenVPN server, and firewall off most outgoing connections on your proxy server (ie. only allow access to an already publicly-available SSH server)

The authentication code and crypto have not been reviewed by cryptographers. I am not a cryptographer. You should consider this when deploying Crowbar.

Known bugs

The crypto can be improved vastly to enable server authentication and make MITMing more difficult. It could also use a better authentication setup to allow the server to keep password hashes instead of plaintext.

The server should include some filtering functionality for allowed remote connections.

The server lacks any cleanup functions and rate limiting, so it will leak both descriptors and memory - this should be fixed soon.

Is it any good?

Eh, it works. I'm not an experienced Golang programmer though, so the codebase is probably butt-ugly.

License

BSD 2-clause, 'nuff said.

Usage

Binary releases

Release and snapshot binaries can be downloaded from this project's Github Releases page.

Server setup

This assumes you're using Linux. If not, you're on your own.

Set up an user for the service

useradd -rm crowbard
mkdir /etc/crowbar/
chown crowbar:crowbar /etc/crowbar

Create an authentication file - a new-line delimited file containing username:password pairs.

touch /etc/crowbar/userfile
chown crowbar:crowbar /etc/crowbar/userfile
chmod 600 /etc/crowbar/userfile
echo -ne "q3k:supersecurepassword\n1337h4xx0r:canttouchthis" >> /etc/crowbar/userfile

Set up an iptables rule to forward traffic from the :80 port to :8080, where the server will be running. Replace eth0 with your public network interface.

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to-port 8080

Run the daemon in screen/tmux or write some unit files for your distribution:

crowbard -userfile=/etc/crowbard/userfile

Client setup

This assumes you're running Linux on your personal computer. If not, you're on your own.

Crowbar will honor the de-facto standard HTTP_PROXY env var on Linux:

export HTTP_PROXY=evil.company.proxy.com:80

For netcat-like functionality:

crowbar-forward -local=- -username q3k -password secret -server http://your.proxy.server.com:80 -remote towel.blinkenlights.nl:23

For port-forwarding:

crowbar-forward -local=127.0.0.1:1337 -username q3k -password secret -server http://your.proxy.server.com:80 -remote towel.blinkenlights.nl:23 &
nc 127.0.0.1 1337

For SSH ProxyCommand integration, place this in your .ssh/config, and then SSH into your.ssh.host.com as usual:

Host your.ssh.host.com
    ProxyCommand crowbar-forward -local=- -username q3k -password secret -server http://your.proxy.server.com:80 -remote %h:%p 

Building from source

I assume you have a working $GOPATH.

go get github.com/q3k/crowbar/...

crowbar-forward and crowbard will be in $GOPATH/bin.

crowbar's People

Contributors

arachnist avatar jiho-dev avatar jiho-jung avatar q3k avatar

Watchers

 avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.