Information Security News

chisel: A fast TCP tunnel over HTTP

by ·

chisel

Chisel is a fast TCP tunnel, transported over HTTP, secured via SSH. Single executable including both client and server. Written in Go (golang). It is mainly useful for passing through firewalls, though it can also be used to provide a secure endpoint into your network. Chisel is very similar to crowbar though achieves much higher performance.

 

Features

  • Easy to use
  • Performant*
  • Encrypted connections using the SSH protocol (via crypto/ssh)
  • Authenticated connections; authenticated client connections with a users config file, authenticated server connections with fingerprint matching.
  • Client auto-reconnects with exponential backoff
  • Client can create multiple tunnel endpoints over one TCP connection
  • Client can optionally pass through HTTP CONNECT proxies
  • Server optionally doubles as a reverse proxy
  • Server optionally allows SOCKS5 connections (See guide below)
  • Reverse port forwarding (Connections go through the server and out the client)

Download

Use

[pastacode lang=”markup” message=”” highlight=”” provider=”manual” manual=”%24%20chisel%20server%20–help%0A%0A%20%20Usage%3A%20chisel%20server%20%5Boptions%5D%0A%0A%20%20Options%3A%0A%0A%20%20%20%20–host%2C%20Defines%20the%20HTTP%20listening%20host%20%E2%80%93%20the%20network%20interface%0A%20%20%20%20(defaults%20the%20environment%20variable%20HOST%20and%20falls%20back%20to%200.0.0.0).%0A%0A%20%20%20%20–port%2C%20-p%2C%20Defines%20the%20HTTP%20listening%20port%20(defaults%20to%20the%20environment%0A%20%20%20%20variable%20PORT%20and%20fallsback%20to%20port%208080).%0A%0A%20%20%20%20–key%2C%20An%20optional%20string%20to%20seed%20the%20generation%20of%20a%20ECDSA%20public%0A%20%20%20%20and%20private%20key%20pair.%20All%20commications%20will%20be%20secured%20using%20this%0A%20%20%20%20key%20pair.%20Share%20the%20subsequent%20fingerprint%20with%20clients%20to%20enable%20detection%0A%20%20%20%20of%20man-in-the-middle%20attacks%20(defaults%20to%20the%20CHISEL_KEY%20environment%0A%20%20%20%20variable%2C%20otherwise%20a%20new%20key%20is%20generate%20each%20run).%0A%0A%20%20%20%20–authfile%2C%20An%20optional%20path%20to%20a%20users.json%20file.%20This%20file%20should%0A%20%20%20%20be%20an%20object%20with%20users%20defined%20like%3A%0A%20%20%20%20%20%20%7B%0A%20%20%20%20%20%20%20%20%22%3Cuser%3Apass%3E%22%3A%20%5B%22%3Caddr-regex%3E%22%2C%22%3Caddr-regex%3E%22%5D%0A%20%20%20%20%20%20%7D%0A%20%20%20%20when%20%3Cuser%3E%20connects%2C%20their%20%3Cpass%3E%20will%20be%20verified%20and%20then%0A%20%20%20%20each%20of%20the%20remote%20addresses%20will%20be%20compared%20against%20the%20list%0A%20%20%20%20of%20address%20regular%20expressions%20for%20a%20match.%20Addresses%20will%0A%20%20%20%20always%20come%20in%20the%20form%20%22%3Chost%2Fip%3E%3A%3Cport%3E%22.%0A%0A%20%20%20%20–auth%2C%20An%20optional%20string%20representing%20a%20single%20user%20with%20full%0A%20%20%20%20access%2C%20in%20the%20form%20of%20%3Cuser%3Apass%3E.%20This%20is%20equivalent%20to%20creating%20an%0A%20%20%20%20authfile%20with%20%7B%22%3Cuser%3Apass%3E%22%3A%20%5B%22%22%5D%7D.%0A%0A%20%20%20%20–proxy%2C%20Specifies%20another%20HTTP%20server%20to%20proxy%20requests%20to%20when%0A%20%20%20%20chisel%20receives%20a%20normal%20HTTP%20request.%20Useful%20for%20hiding%20chisel%20in%0A%20%20%20%20plain%20sight.%0A%0A%20%20%20%20–socks5%2C%20Allows%20client%20to%20access%20the%20internal%20SOCKS5%20proxy.%20See%0A%20%20%20%20chisel%20client%20–help%20for%20more%20information.%0A%0A%20%20%20%20–pid%20Generate%20pid%20file%20in%20current%20directory%0A%0A%20%20%20%20-v%2C%20Enable%20verbose%20logging%0A%0A%20%20%20%20–help%2C%20This%20help%20text%0A%0A%20%20Version%3A%0A%20%20%20%20X.Y.Z%0A%0A%20%20Read%20more%3A%0A%20%20%20%20https%3A%2F%2Fgithub.com%2Fjpillora%2Fchisel”/]

 

 

[pastacode lang=”markup” message=”” highlight=”” provider=”manual” manual=”%24%20chisel%20client%20–help%0A%0A%20%20Usage%3A%20chisel%20client%20%5Boptions%5D%20%3Cserver%3E%20%3Cremote%3E%20%5Bremote%5D%20%5Bremote%5D%20…%0A%0A%20%20%3Cserver%3E%20is%20the%20URL%20to%20the%20chisel%20server.%0A%0A%20%20%3Cremote%3Es%20are%20remote%20connections%20tunnelled%20through%20the%20server%2C%20each%20of%0A%20%20which%20come%20in%20the%20form%3A%0A%0A%20%20%20%20%3Clocal-host%3E%3A%3Clocal-port%3E%3A%3Cremote-host%3E%3A%3Cremote-port%3E%0A%0A%20%20%20%20%E2%96%A0%20local-host%20defaults%20to%200.0.0.0%20(all%20interfaces).%0A%20%20%20%20%E2%96%A0%20local-port%20defaults%20to%20remote-port.%0A%20%20%20%20%E2%96%A0%20remote-port%20is%20required*.%0A%20%20%20%20%E2%96%A0%20remote-host%20defaults%20to%200.0.0.0%20(server%20localhost).%0A%0A%20%20%20%20example%20remotes%0A%0A%20%20%20%20%20%203000%0A%20%20%20%20%20%20example.com%3A3000%0A%20%20%20%20%20%203000%3Agoogle.com%3A80%0A%20%20%20%20%20%20192.168.0.5%3A3000%3Agoogle.com%3A80%0A%20%20%20%20%20%20socks%0A%20%20%20%20%20%205000%3Asocks%0A%0A%20%20%20%20*When%20the%20chisel%20server%20has%20–socks5%20enabled%2C%20remotes%20can%0A%20%20%20%20specify%20%22socks%22%20in%20place%20of%20remote-host%20and%20remote-port.%0A%20%20%20%20The%20default%20local%20host%20and%20port%20for%20a%20%22socks%22%20remote%20is%0A%20%20%20%20127.0.0.1%3A1080.%20Connections%20to%20this%20remote%20will%20terminate%0A%20%20%20%20at%20the%20server’s%20internal%20SOCKS5%20proxy.%0A%0A%20%20Options%3A%0A%0A%20%20%20%20–fingerprint%2C%20A%20*strongly%20recommended*%20fingerprint%20string%0A%20%20%20%20to%20perform%20host-key%20validation%20against%20the%20server’s%20public%20key.%0A%20%20%20%20You%20may%20provide%20just%20a%20prefix%20of%20the%20key%20or%20the%20entire%20string.%0A%20%20%20%20Fingerprint%20mismatches%20will%20close%20the%20connection.%0A%0A%20%20%20%20–auth%2C%20An%20optional%20username%20and%20password%20(client%20authentication)%0A%20%20%20%20in%20the%20form%3A%20%22%3Cuser%3E%3A%3Cpass%3E%22.%20These%20credentials%20are%20compared%20to%0A%20%20%20%20the%20credentials%20inside%20the%20server’s%20–authfile.%20defaults%20to%20the%0A%20%20%20%20AUTH%20environment%20variable.%0A%0A%20%20%20%20–keepalive%2C%20An%20optional%20keepalive%20interval.%20Since%20the%20underlying%0A%20%20%20%20transport%20is%20HTTP%2C%20in%20many%20instances%20we’ll%20be%20traversing%20through%0A%20%20%20%20proxies%2C%20often%20these%20proxies%20will%20close%20idle%20connections.%20You%20must%0A%20%20%20%20specify%20a%20time%20with%20a%20unit%2C%20for%20example%20’30s’%20or%20’2m’.%20Defaults%0A%20%20%20%20to%20’0s’%20(disabled).%0A%0A%20%20%20%20–proxy%2C%20An%20optional%20HTTP%20CONNECT%20proxy%20which%20will%20be%20used%20reach%0A%20%20%20%20the%20chisel%20server.%20Authentication%20can%20be%20specified%20inside%20the%20URL.%0A%20%20%20%20For%20example%2C%20http%3A%2F%2Fadmin%3Apassword%40my-server.com%3A8081%0A%0A%20%20%20%20–pid%20Generate%20pid%20file%20in%20current%20directory%0A%0A%20%20%20%20-v%2C%20Enable%20verbose%20logging%0A%0A%20%20%20%20–help%2C%20This%20help%20text%0A%0A%20%20Version%3A%0A%20%20%20%20X.Y.Z%0A%0A%20%20Read%20more%3A%0A%20%20%20%20https%3A%2F%2Fgithub.com%2Fjpillora%2Fchisel”/]

 

More

Copyright © 2017 Jaime Pillora <dev@jpillora.com>

Source: https://github.com/jpillora/

Support Our Threat Intelligence

If you find our technology report and cybersecurity news helpful, consider supporting our work.

Crypto QR Code
USDT (TRC20):
TN8BdV8cp4T1Cd28gK9qTAnZknzzuwyUtm
USDT (ERC20):
0x3725e1a7d3bc5765499fa6aaafe307fabcd75bce

Tags: