I Need A Tunnel ASAFP
You need a tunnel, not my life story.
You need a tunnel
This is the quick as possible guide to get you up and running a socks proxy (forward tunnel + socks server) on a target so you can do whatever weird thing you're doing. From start to finish, it should take about 5-10 minutes. I am assuming you already have a domain and a valid SSL certificate. There are 6 steps:
Assumptions:
Docker is installed
You already have SSL certificates
Steps:
Install and start gserver
Build a gclient
Build or download the gtuncli
Register the client with the server
Start client on the remote host
Add the tunnel and socks server
Installing and start gserver
First pull down the latest gtunnel server image. Make sure port 443 is open on your host:
If you have certificates from letsencrypt or something, just make sure to put them in the tls folder that gets mounted and name the key and certificate: "key" and "cert", respectively.
OR If you don't have a certificate, run this command:
Next, start the image from the directory that contains the tls and logs directories.
Build a client
If you haven't already, download the source from github
Run the build client script, the first time might take a minute since it needs to build the docker image.
There should now be an executable named asafp.exe in the build directory. This is the binary that gets deployed to the remote host.
Build or download the gtuncli
You have two options to obtain the gtuncli: You can build it or download it.
To build it, run
And the gtuncli binary will be in the build/ folder. You can also download the gtuncli artifact from the most recent Github Action located here:
Register the client with the server
The gserver instance you stood up in step 1 needs to be aware of the client you built in step 2. If you want an explanation why this step is separate, go to the actual instructions, I'm just trying to get you up and running. For the clientregister command, the only parameter that is required is the token parameter, which is used for keying. Every other parameter is for readability.
Start the client on the remote host
It is now time to run the client on the remote host. Once connected, you should see a relevant message in the logs. If the client executable is just an exe, start it however you would start any other exe. If it's a DLL, the exported function to start gserver is "ExportedMain".
Add the tunnel and socks server
Last step. You now need to tell the client that you want to setup a forward tunnel and a socks server. First, you need the client instance ID. You can get that by listing out all the connected clients
Using the unique id in the output, we can add a tunnel to that instance
This will forward all traffic from localhost port 5555 to the target on localhost 4444. Lastly, start a socks server on the remote host and have it listen on port 4444.
Obviously, you should change port numbers to fit your environment. You now have a forward tunnel / socks proxy. At this point, you would configure your web browser or proxychains to use localhost 5555 and browse away.
Last updated