Author Topic: HTTP Tunneler  (Read 13095 times)

0 Members and 2 Guests are viewing this topic.

Offline Armin

  • Honorary Leader
  • x86
  • Hero Member
  • *****
  • Posts: 2480
    • View Profile
HTTP Tunneler
« on: December 09, 2005, 10:05:21 am »
Well I'm at school right now and I'm basically just pissed that almost every website I try to go to is blocked. When I get home, I'll probably install a HTTP Tunneler on my server. Anyone know of any decent remote HTTP Tunnelers written in PHP?
Hitmen: art is gay

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: HTTP Tunneler
« Reply #1 on: December 09, 2005, 12:22:24 pm »
Can you connect to external computers on port 22?  If so, you can tunnel through SSH, that's the best way. 

Alternatively, install an HTTP Proxy (not Socks) that runs on port 80.  An HTTP proxy basically tunnels HTTP requests over HTTP. 

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: HTTP Tunneler
« Reply #2 on: December 10, 2005, 01:56:07 pm »
I'm not very experienced in this area, but I don't think using a Proxy would make much of a difference.

Also, if your filter doesn't overlook content (IE page title, first few blocks of HTML, etc), you're still screwed even if you use HTTP tunneling.

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: HTTP Tunneler
« Reply #3 on: December 10, 2005, 02:22:49 pm »
True, it would have to be encrypted.  I think you can  use a proxy over SSL, though.

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: HTTP Tunneler
« Reply #4 on: December 10, 2005, 02:24:34 pm »
True, it would have to be encrypted.  I think you can  use a proxy over SSL, though.

Yeah, I think that would work too, unless the content filter is in some way able to request/obtain the encryption key.  But then not very many pages on the internet have secured versions. :\

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: HTTP Tunneler
« Reply #5 on: December 10, 2005, 02:26:41 pm »
True, it would have to be encrypted.  I think you can  use a proxy over SSL, though.

Yeah, I think that would work too, unless the content filter is in some way able to request/obtain the encryption key.  But then not very many pages on the internet have secured versions. :\

Well, you'd set up a proxy, which uses SSL.  Between the proxy and the destination page, who cares?

You <==encrypted==> filter <==encrypted==> your proxy <==unencrypted==> destination

Offline Blaze

  • x86
  • Hero Member
  • *****
  • Posts: 7136
  • Canadian
    • View Profile
    • Maide
Re: HTTP Tunneler
« Reply #6 on: December 10, 2005, 02:33:02 pm »
I just use www.formetopoopon.com to get around anything.
And like a fool I believed myself, and thought I was somebody else...

Offline Joe

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: HTTP Tunneler
« Reply #7 on: December 10, 2005, 02:35:09 pm »
The filter sits right between you and the proxy and has access to everything you say to eachother, including the key exchange. Wheather it takes advantage of that or not is beyond me, but it has the ability to.
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: HTTP Tunneler
« Reply #8 on: December 10, 2005, 02:45:43 pm »
The filter sits right between you and the proxy and has access to everything you say to eachother, including the key exchange. Wheather it takes advantage of that or not is beyond me, but it has the ability to.

No, because SSL uses public key cryptography.  I don't feel like explaining it again, but suffice it to say, public key cryptography isn't vulnerable to being sniffed, that's the entire point. 

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: HTTP Tunneler
« Reply #9 on: December 10, 2005, 02:48:53 pm »
The filter sits right between you and the proxy and has access to everything you say to eachother, including the key exchange. Wheather it takes advantage of that or not is beyond me, but it has the ability to.

What iago said.  It doesn't...

There isn't any key exchanging in public key cryptography.

Offline Quik

  • Webmaster Guy
  • x86
  • Hero Member
  • *****
  • Posts: 3262
  • \x51 \x75 \x69 \x6B \x5B \x78 \x38 \x36 \x5D
    • View Profile
Re: HTTP Tunneler
« Reply #10 on: December 10, 2005, 02:51:45 pm »
Just install apache and php and grab a webproxy script (something like ezproxy.net if it were ever up) and mirror pages in a frame.
Quote
[20:21:13] xar: i was just thinking about the time iago came over here and we made this huge bomb and light up the sky for 6 min
[20:21:15] xar: that was funny

Offline iago

  • Leader
  • Administrator
  • Hero Member
  • *****
  • Posts: 17914
  • Fnord.
    • View Profile
    • SkullSecurity
Re: HTTP Tunneler
« Reply #11 on: December 10, 2005, 02:52:40 pm »
The filter sits right between you and the proxy and has access to everything you say to eachother, including the key exchange. Wheather it takes advantage of that or not is beyond me, but it has the ability to.

What iago said.  It doesn't...

There isn't any key exchanging in public key cryptography.
There IS key exchange, but it's public keys.  When symmetric keys are exchanged over SSL (I'm pretty sure they are), they're encrypted with a public key.

Offline Sidoh

  • x86
  • Hero Member
  • *****
  • Posts: 17634
  • MHNATY ~~~~~
    • View Profile
    • sidoh
Re: HTTP Tunneler
« Reply #12 on: December 10, 2005, 03:13:26 pm »
There IS key exchange, but it's public keys.  When symmetric keys are exchanged over SSL (I'm pretty sure they are), they're encrypted with a public key.

Oh yeah, forgot the public/private keys had to be relational.  Silly me. :)

Offline Joe

  • B&
  • x86
  • Hero Member
  • *****
  • Posts: 10319
  • In Soviet Russia, text read you!
    • View Profile
    • Github
Re: HTTP Tunneler
« Reply #13 on: December 10, 2005, 04:55:12 pm »
Er, when we were discussing MITM attacks, didn't you say that if you have the persons public key, you can read what they're saying, just not say something for them?
I'd personally do as Joe suggests

You might be right about that, Joe.


Offline Ergot

  • 吴立峰 ^_^ !
  • x86
  • Hero Member
  • *****
  • Posts: 3724
  • I steal bandwidth. p_o
    • View Profile
Re: HTTP Tunneler
« Reply #14 on: December 10, 2005, 05:04:11 pm »
Hmm I think it might be the other way around... You can send things but you can't read them.
Who gives a damn? I fuck sheep all the time.
And yes, male both ends.  There are a couple lesbians that need a two-ended dildo...My router just refuses to wear a strap-on.
(05:55:03) JoE ThE oDD: omfg good job i got a boner thinkin bout them chinese bitches
(17:54:15) Sidoh: I love cosmetology