|
bypass squid via ssh and http tunnel
Hello there! I'm a computer science student and i'm doing my graduation project, it's about tunneling traffic through a restrictive proxy/firewall, I decided to make the project about bypassing squid cache server via tunneling and here is my approach: since ssh v2 has the capability to dynamically make a port forwarding via establishing a socks proxy as follows:
ssh -D 9090 user@SomeRemoteServerIP we can make an encrypted tunnel through the firewall, but what if the proxy server block any connection to any port except port 80?, yes I hear some one said, just change the port that sshd is listing on on the server side to port 80 :) now, what about if the proxy server at the university or the company is smart enough to inspect the content of the packet, not just the source and destanation ports? what if the proxy server even blocks the "connect" http method? now, my question is, is that possible to be a graduation project?, what is the right method to accomplish this correctly, what is the time frame that will take to be ready?, and what is the programming language that can do the job quickly, since I have a knowledge in Ruby, Java, C#, C.what is the language that has the power to do the job without getting involved in a wasting time debugging issues?. thanks in advance. |
I don't really see what you'd be trying to achieve out of this. If a web proxy is going so far as to do inspection, then it's going to be much happier permitting an HTTPS CONNECT than arbitrary binary data, indeed the very point of a CONNECT is to allow a private data connection that it doesn't need to look at, but do it gracefully and with permission. you asked "what if the proxy server even blocks the "connect" http method?" well that's where you need to start asking yourself questions, not stop... IF there is something to this then it's probably behind this. So.... what if they do??
|
what about if the proxy server at the university or the company is smart enough to inspect the content of the packet, not just the source and destanation ports?
Squid dont inspect the content. it just give you the connect method and let the data flow freely. what if the proxy server even blocks the "connect" http method? if squid dont allow connect method, no tunneling is posible. by default squid allows the connect method only to the safe_ports (443) this kind of tools had already been published, and are available for download. google it. salu2 |
Yes but there are plenty of other proxy servers which behave in different ways. Squids are not the only fruit.
|
Guys, there is smthing that you have not mentioned about yet.What about using the usual HTTP GET & POST methods to tunnel through the proxy server, I mean that we can send our maybe encrypted data via get and post, then the proxy server won't be able to inspect any thing!
Sure, on the server side there must be a HTTP server of our own to decapsulate the data and forward it to the right destination, then send it back encrypted to our client that is located behind the proxy server. |
Are you talking about something like corkscrew?
|
Quote:
|
Quote:
mmm... it seems very difficult. You would need a "special" client and a "special" server. besides, if you are trying to pass data as parameters of post, the permitted lenght is very short. The connect method is a MUST. |
Quote:
|
Quote:
Finally, please if any one of you guys have another suggestions or ideas about a project in "penetration testing or security area", I hope that you can share them with me as fast and precise as you can. thanks in advance. |
Quote:
thanks! |
Quote:
thanks! |
| All times are GMT -5. The time now is 09:55 PM. |