shootback – a reverse TCP tunnel let you access target behind NAT or firewall

shootback is a reverse TCP tunnel let you access target behind NAT or firewall
Consumes less than 1% CPU and 8MB memory under 800 concurrency.
slaver is single file and only depends on python(2.7/3.4+) standard library.How it works

Typical Scene

Access company/school computer(no internet IP) from home

Make private network/site public.

Help private network penetration.

Help CTF offline competitions.

Connect to device with dynamic IP, such as ADSL

Getting started

requirement:

Master: Python3.4+, OS independent

Slaver: Python2.7/3.4+, OS independent

no external dependencies, only python std lib

download git clone http://ift.tt/2kCjqgM

(optional) if you need a single-file slaver.py, run python3 build_singlefile_slaver.py

run these command

# master listen :10000 for slaver, :10080 for youpython3 master.py -m 0.0.0.0:10000 -c 127.0.0.1:10080# slaver connect to master, and use example.com as tunnel target# ps: you can use python2 in slaver, not only py3python3 slaver.py -m 127.0.0.1:10000 -t example.com:80# doing request to mastercurl -v -H “host: example.com” 127.0.0.1:10080# — some HTML content from example.com –# — some HTML content from example.com –# — some HTML content from example.com —

a more reality example:
assume your master is 22.33.44.55 (just like the graph above)

# slaver_local_ssh slaver master(22.33.44.55) You# —- master —-python3 master.py -m 0.0.0.0:10000 -c 0.0.0.0:10022# —- slaver —-python(or python3) slaver.py -m 22.33.44.55:10000 -t 127.0.0.1:22# —- YOU —-ssh 22.33.44.55 -p 10022

for more help, please see python3 master.py –help and python3 slaver.py –help

Tips

run in daemon:nohup python(or python3) slaver.py -m host:port -t host:port -q &
or:

# screen is a linux commandscreenpython(or python3) slaver.py -m host:port -t host:port# press ctrl-a d to detach screen# and if necessary, use “screen -r” to reattach

ANY service using TCP is shootback-able. HTTP/FTP/Proxy/SSH/VNC/…

shootback itself just do the transmission job, do not handle encrypt or proxy.
however you can use a 3rd party proxy (eg: shadowsocks) as slaver target.
for example:shadowsocks_servershootback_slavershootback_mastershadowsocks_client(socks5)

Warning

in windows, due to the limit of CPython select.select() , shootback can NOT handle more than 512 concurrency, you may meetValueError: too many file descriptors in select()
If you have to handle such high concurrency in windows, Anaconda-Python3 is recommend, it’s limit in windows is 2048

Performance

in my laptop of intel I7-4710MQ, win10 x64:

1.6Gbits/s of loopback transfer (using iperf), with about 5% CPU occupation.

800 thread ApacheBench, with less than 1% CPU and 8MB memory consume

Download shootback http://ift.tt/2m7NUXR http://ift.tt/2aM8QhC

Anúncios

Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s