Write a tunnel through the proxy server in Python

Source: Internet
Author: User
Tags ssh server

 

Background:

1. All computers in the company connect to the Internet through a proxy server (only HTTP requests sent from the internal network can be sent to the Internet, and all packets from the Internet will be intercepted)

2. An employee of an existing company wants to use the home computer to control work on a computer in the company.

3. He can perform any operation on the two computers.

Internal listening port of proxy server: 3128

 

 

 

Ideas:

Currently, you can use Telnet and SSH to remotely control your computer. However, telnet is not secure, so select ssh.

Run a program at home and work, and use the HTTP protocol to pass and receive information through the proxy to establish an SSH connection.

 

Specifically: Work sends an SSH server message and uses the POST request to pass through the proxy to the home. Then, home then wraps the ssh-client response into an HTTP Response and sends it back to the proxy. Then the proxy automatically sends it back to work, in this way, data output and input are achieved.

In this way, you can ignore the existence of the proxy and freely operate the company's intranet computers.

 

Deeper project:

After the company's system network administrator finds this line of employee, it is necessary to write a "filter" to enhance the proxy function to prevent the establishment of such tunnel.

 

Idea: Write this "filter" and place it between work and proxy, that is to say, work HTTP request a: First receive our "filter" check, if there is no problem, then send it to proxy, b: The response to the proxy is also checked. If both are OK, the information is sent back to work. However, if either of A and B has a problem, the tunnel will be intercepted. For details about how to "check", refer to the rfc http document before processing the HTTP request and Response (for example, if the rul in the HTTP request get is too long or contains SSH characters, I can basically get the tunnel information for this request, as long as it is intercepted, it can break this tunnel)

 

If you are interested, you can download the original code on the my download page.

 

 

 

 

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.