gtuncli usage
Configuring and interacting with gServer
Building gtuncli
In the gtunnel directory, run the following command
It might take a minute, since the executable is built inside a docker container, but you will have an executalbe named "gtuncli" in the gtuncli/build directory.
Configuration
You can configure the server and port for gtuncli in two separate ways. If both are set, gtuncli will honor the environment variables over the configuration file.
Environment Variables
To configure the server and port via environment variables, set the following:
Configuration File
In the same directory as the executable, create a file named .gtunnel.conf. Inside that file, insert the following:
Commands
clientlist
Description
List all the connected clients
Parameters
None
Example
clientregister
Description
Register a gclient binary with the server. This will provide all of the relevant metadata as well as the token, which is required for authentication.
Parameters
arch - The architecture of the binary. Options are x64 or x86. No defaults.
bintype - The executable type of the binary. Options are exe or lib. Exe is the name for an executable, not the PE file format, so it works for linux as well. Lib will produce an .so file or .dll file depending on platform.
ip - The address to which the client was configured to connect.
name - The friendly name for the binary.
platform - The operating system platform. Can be win, linux, or mac.
port - The port which the client will connect.
proxy - A proxy server that the client will call through. In the form of http(s)://proxyserver:port
token - The token provided during the client build that is used for authentication.
Example
clientdisconnect
Description
Disconnects a client from the gserver.
Parameters
clientid - The unique ID of the client to disconnect. You can get the clientid by calling clientlist.
Example
tunnelcreate
Description
Create a tunnel for a gclient.
Parameters
clientid - The ID of the client that is creating the tunnel. This can be found by running clientlist.
destinationip - The IP to which connections will be forwarded.
destinationport - The TCP port to which connections will be forwarded.
direction - The direction of the tunnel. Options are forward or reverse. Defaults to forward.
listenip - The IP address to which the listener will be bound.
listenport - The port that will accept new connections to be tunneled.
tunnelid - A friendly name for the tunnel. A random string will be generated if none is provided.
Example
This example establishes a forward tunnel to access a webserver located on an intranet.
This example established a reverse tunnel to allow a beaconing tool to call out. Assume that the teamserver is at IP address 192.168.1.10. This command will open port 4444 on the target and tunnel any TCP connection destined for 127.0.0.1:4444 back to 192.168.1.10.
tunneldelete
Description
Delete a tunnel. All TCP connections established under tunnel will be terminated.
Parameters
clientid - The ID of the client whose tunnel is to be deleted.
tunnelid - The ID of the tunnel to be deleted.
Example
tunnellist
Description
List all tunnels for a given gclient.
Parameters
clientid - The ID of the client whose tunnels are to be listed.
Example
socksstart
Description
Start a socks server on the gclient and bind it to a port.
Parameters
clientid - The ID of the client that will be starting the socks server.
port - The port on which the socks server will bind. The socks server will always bind to IP address 127.0.0.1 for now.
Example
This command will start a socks server on the target listening on port 2222. If you desire to access the socks server, you will still need to create a forward tunnel that points to localhost:2222.
socksstop
Description
Stop a socks server on a gclient.
Parameters
clientid - The ID of the client for which the socks server should be stopped.
Example
Last updated