I Need A Tunnel ASAFP

You need a tunnel, not my life story.

You need a tunnel

This is the quickest possible guide to getting a SOCKS proxy (forward tunnel + SOCKS server) up and running on a target so you can do whatever weird thing you're doing. From start to finish, it should take about 5-10 minutes. I am assuming you already have a domain and a valid SSL certificate, and that:

  • Docker is installed
  • You already have SSL certificates

There are 6 steps:

  1. Install and start gserver
  2. Build a gclient
  3. Build or download the gtuncli
  4. Register the client with the server
  5. Start client on the remote host
  6. Add the tunnel and socks server

Install and start gserver

First pull down the latest gtunnel server image. Make sure port 443 is open on your host:
apt install redis
docker pull hotnops/gtunnel-server:latest
mkdir logs
mkdir tls
If you have certificates from Let's Encrypt or something similar, put them in the tls folder that gets mounted and name the key and certificate "key" and "cert", respectively.
mv myletsencryptkey.key tls/key
mv myletsencryptcert.cert tls/cert
Or, if you don't have a certificate, generate a self-signed one and return to the parent directory:
cd tls
openssl req -new -newkey rsa:4096 -x509 -sha256 -days 365 -nodes -out cert -keyout key
cd ..
Next, start the image from the directory that contains the tls and logs directories.
docker run --net host -v $PWD/logs:/logs -v $PWD/tls:/tls --name gtun-server hotnops/gtunnel-server
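
Before starting the container, it is worth confirming that the files in tls/ are what the server expects. The following pre-flight check is an added example, not part of gtunnel or the original guide; the function name check_tls_dir, its return codes and the 7-day default are assumptions made here, and it relies only on the "key" and "cert" file names described above.

```shell
#!/usr/bin/env bash
# Added example, not part of gtunnel: pre-flight check for the tls/ directory.
# Assumes the guide's layout: <dir>/key and <dir>/cert, both PEM encoded.
# check_tls_dir and its return codes are hypothetical names chosen here.
# Usage: check_tls_dir tls 7 && echo "safe to start the container"

check_tls_dir() {
    local dir="${1:-tls}" min_days="${2:-7}"
    local key="$dir/key" cert="$dir/cert" f mode key_pub cert_pub

    # 1: both files must exist and be non-empty.
    for f in "$key" "$cert"; do
        [ -s "$f" ] || { echo "missing or empty: $f" >&2; return 1; }
    done

    # 2: the private key must not be accessible to other users.
    #    (GNU stat first, BSD/macOS stat as fallback.)
    mode=$(stat -c '%a' "$key" 2>/dev/null || stat -f '%Lp' "$key")
    case "$mode" in
        *0) ;;
        *) echo "$key has mode $mode; run: chmod 600 $key" >&2; return 2 ;;
    esac

    # 3: key and certificate must carry the same public key.
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null)
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null)
    if [ -z "$key_pub" ] || [ "$key_pub" != "$cert_pub" ]; then
        echo "key and cert do not match (or are not valid PEM)" >&2
        return 3
    fi

    # 4: the certificate must stay valid for at least min_days more days.
    if ! openssl x509 -in "$cert" -noout \
            -checkend "$((min_days * 86400))" >/dev/null; then
        echo "cert expires within $min_days days" >&2
        return 4
    fi

    echo "ok: $(openssl x509 -in "$cert" -noout -subject -enddate | tr '\n' ' ')"
}
```
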

Build a client

If you haven't already, download the source from GitHub:
git clone https://github.com/hotnops/gtunnel.git gtunnel
cd gtunnel
Run the build client script. The first run might take a minute, since it needs to build the Docker image.
./build_client.sh -arch x64 -bintype exe -ip <public ip of gserver> -name asafp -outputfile asafp.exe -platform win
There should now be an executable named asafp.exe in the build directory. This is the binary that gets deployed to the remote host.

Build or download the gtuncli

You have two options to obtain the gtuncli: You can build it or download it.
To build it, run
And the gtuncli binary will be in the build/ folder. You can also download the gtuncli artifact from the most recent GitHub Action located here:

Register the client with the server

The gserver instance you stood up in step 1 needs to be aware of the client you built in step 2. If you want an explanation of why this step is separate, go to the actual instructions; I'm just trying to get you up and running. For the clientregister command, the only required parameter is the token parameter, which is used for keying. Every other parameter is for readability.
export GTUNNEL_PORT=1337  # You can change this, but it's 1337 by default
./gtuncli clientregister -arch x64 -bintype exe -host <ip or hostname of gserver> -name asafp -platform win -token <token output from client build step>

Start the client on the remote host

It is now time to run the client on the remote host. Once connected, you should see a relevant message in the logs. If the client executable is just an exe, start it however you would start any other exe. If it's a DLL, the exported function to start gserver is "ExportedMain".

Add the tunnel and socks server

Last step. You now need to tell the client that you want to set up a forward tunnel and a socks server. First, you need the client instance ID. You can get that by listing all the connected clients:
./gtuncli clientlist
Using the unique id in the output, we can add a tunnel to that instance:
./gtuncli tunnelcreate -clientid <id from previous step> -destinationip -destinationport 4444 -listenip -listenport 5555
This will forward all traffic from localhost port 5555 to the target on localhost 4444. Lastly, start a socks server on the remote host and have it listen on port 4444.
./gtuncli socksstart -clientid <id from previous step> -port 4444
Obviously, you should change port numbers to fit your environment. You now have a forward tunnel / socks proxy. At this point, you would configure your web browser or proxychains to use localhost 5555 and browse away.