A fast and reliable reverse TCP tunnel, designed to be multi-clients and hold high concurrency (support Gzip and AES in transmission)
It also can be used as reverse socks/http/ftp/smtp… proxy, anything as long as is use TCP! Help you to bypass firewall or NAT to access the LAN.
高性能,高稳定性的Python反向TCP隧道代理, 穿透内网,用于内网NAT或防火墙后的内网机器与外网建立TCP隧道. 也可用作Socks/http/ftp…代理
1.支持多个client, 多个TCP链接(多个Socket) 相互独立不影响
Brief explain about how the reverse tcp proxy works
In some situations, Machine Slaver can connect to Machine Master, but Master cannot connect to Slaver directly, by reusing the slaver’s connection, programs in the master machine can connect to the slaver’s machine directly(in those programs’ sight)
In default config,
Master will listen 127.0.0.1:1088 and 0.0.0.0:2082
Slaver will connect master_ip:20822 and target_ip:80 (in default cfg, they are all 127.0.0.1)
Working stage data stream (in default config):
The proxy it self is transparent to the BobSoft
Which means, as the view of the BobSoft, it is equal to:
- download and unzip, make sure you have python3.x (2.x support will be added later)
- copy or rename the config.sample.py to config.py
- nc -l -p 80 (Listen localhost’s 80 port, slaver will then connect this. nc for netcat)
- (new terminal) python3 master.py (the master will listen localhost:80 for your other programs and 0.0.0.0:20822 for slavers)
- (new terminal) python3 slaver.py (the slaver will connect to master_ip:20822 and target_ip:80, in this case, they are both localhost)
- (new terminal) nc 127.0.0.1 1088 (connect the tunnel)
- type and send something like I love luciaz in the nc of step 6#
- now you will see an I love luciaz output in the nc of step 3#, and try to send something back!
- execute the slaver in another Linux machine (maybe VMare)
- set slaver_target_addr = (‘localhost’, 22) and master_addr = (‘master_ip’, 20822) , others remain default
- use an ssh client(such as putty) to connect localhost:1088 in the MASTER machine
- now you connected to the slaver machine’s ssh.
Besides directly connect to the target (website, ftp, etc..), we can use other non-reverse proxy as the backend. If the backend target is an http proxy, the whole system works like a reverse http proxy, or if the backend is an socks4/5 proxy, the system becomes an reverse socks4/5 proxy,etc..
(same as the former) <--> slaver_machine <--> Socks5 Proxy (maybe in slaver_machine) <--> Real target
If we have more than on slaver machines, just copy the cfg and run then in every salver machines. Due to the internal slaver queue mechanism, load balance will be applied automatically
For more information, please see Github: https://github.com/Aploium/PyReverseTcpTunnel