Location>code7788 >text

Intranet penetration of the http proxy server

Popularity:784 ℃/2024-12-19 20:03:04

Accessing the intranet on the public networkhttpServices can use intranet penetration tools,for examplefrprespond in singingnpsand other excellent tools. However, I found that these kinds of tools will start more than one port on the server, and it is easy for some network censors to find out that intranet penetration is being done. So I wondered if it is possible to start only one http service on the server to accomplish the intranet penetration, and only one http service port can be opened for the public service. So I finished the code:Click on the jump to see the code

The principle is shown below:image

As shown in the above figure, the intranet client and the public server will only create a websocket connection, which is very good to disguise the relevant data. And websocket send and receive are segmented, so it is very easy to encrypt and decrypt these segmented data (my code is too lazy to do).

Example of Mode 1:

# Run the program on the public server
go run -s 192.168.1.88:8080
# Intranet client runtime program
go run -c ws://192.168.1.88:8080
# This will use the public ip:port as an http proxy to access the intranet machine /
curl -v -x 192.168.1.88:8080 /

Example of Mode 2:

# Run the program on the public server
go run -s 192.168.1.88:8080
# Intranet client runtime program
go run -c ws://192.168.1.88:8080 -p 172.17.1.88:1080
# At this point will use the public network ip:port as http proxy to use the intranet machine through the proxy 172.17.1.88:1080 access /
curl -v -x 192.168.1.88:8080 /

I have verified the use ofgit clone Way to clone intranet repository code via public proxy, works perfectly.