Tunnel Project
Results 1 to 9 of 9

Thread: Tunnel Project

  1. #1

    Tunnel Project

    Hey guys/gals,

    I'm an avid programmer and am always looking for new and exciting projects to work on... the latest is a TCP tunneling application. Currently it is in winsock and is implemented for IRC but the idea / code could be used for virtually any internet service (non-graphical right now)... anyway- if there are any experienced winsock programmers around, i'd like to discuss some things about the application... maybe this could be an interesting thread? anyway...

    The Program ->
    Visual Basic (quick start)
    Winsock ...

    Currently i set up two sock(s) one on port 23 (telnet) and one on port 6667 (irc) basically forwarding all data from one Sock to another... the initial connection is made from telnet into the tunnel server, then by command the tunnel will connect/establish a connection with the IRC Server, then it just bounces all the data back & forth...

    Tell me what ya think?
    any ideas?
    When you connect to your ISP, you are potentially opening your computer to the world. There are \'naughty people\' out there who enjoy breaking into other people\'s computers. Give some thought to the security of your computer...
    http://www.AntiOnline.com/sig.php?imageid=360

  2. #2
    Senior Member
    Join Date
    Feb 2003
    Posts
    109
    Wow, that's really neat. I'm working on something similar that i'm coding in Java. It is a three-machine tunnel to get a remote shell when the client and admin machines are both NAT'd.
    Unfortunately I don't know C winsock very well.
    $person!=$kiddie or die(\"Alas, die you hotmail hacker!!\");
    SecureVision

  3. #3
    Jaded Network Admin nebulus200's Avatar
    Join Date
    Jun 2002
    Posts
    1,356
    You might want to look at the source code of Hobbit's netcat. It can essentially already do this and it comes with the source code, which might be helpful to you if you get stuck. If you have difficulty finding it, I have a copy of it that is pretty well commented. Also keep in mind that netcat can be used for more applications than simple relaying...

    You would just do something along the lines of:

    nc -l -p <incoming port> | nc target_server outgoing_port

    or

    nc -l -p 23 | nc some_irc_server 6667

    One thing that would be pretty cool would be able to chose where you terminated the tunnel from your program, I think that would be a little harder... Also keep in mind that if you do this, that there is no authentication or wrapping for nc, so anyone would be able to relay through you unless your firewall was setup to only allow certain things...

    Pretty cool project, wish I still had that kind of free time.

    /nebulus
    There is only one constant, one universal, it is the only real truth: causality. Action. Reaction. Cause and effect...There is no escape from it, we are forever slaves to it. Our only hope, our only peace is to understand it, to understand the 'why'. 'Why' is what separates us from them, you from me. 'Why' is the only real social power, without it you are powerless.

    (Merovingian - Matrix Reloaded)

  4. #4
    Senior Member
    Join Date
    Apr 2002
    Posts
    634
    I have never tried it, but CryptCat is a modification of NetCat with a better security. You could want to check also its source code.

    KC
    Life is boring. Play NetHack... --more--

  5. #5
    Hey, we are geting closer to having a fully functional version of this application...
    it's pretty neat. we were having trouble syncing the two connections... the problem was that the tunneler didn't know what server to bounce the data to... we were trying to use commands (in a telnet environment) but this created problems when trying to use other client (other than telnet)... we dcided to go with some CGI tools that help the user/client configure his/her connections to the unreachable host (ie- my IRC server)... anyway, when we are done with the coding i might post the source- it's pretty simple and rather useful...

    anyway- i thought i'd just keep y'all informaed
    When you connect to your ISP, you are potentially opening your computer to the world. There are \'naughty people\' out there who enjoy breaking into other people\'s computers. Give some thought to the security of your computer...
    http://www.AntiOnline.com/sig.php?imageid=360

  6. #6
    ----------------------------------------------------------------
    alright gang, i'm so close to having this application up & running...

    -problem, is that when you connect via IRC the server will request some ident information via port 113 (someone correct me if i'm wrong) ... the idea is that (i think) your IRC Client will actually listen/serve on port 113 to any request(s) the IRC Server makes...

    -the whole idea of the application is to allow IRC via other ports (23,80,etc...) and bounce them to 6667 or whatever... i'm having a tricky time finding info on this ident/113 thing... if anyone that runs an IRC server could shed some light on this subject i'd be very gratefull...

    -the basic idea is to emulate the ident requests...
    When you connect to your ISP, you are potentially opening your computer to the world. There are \'naughty people\' out there who enjoy breaking into other people\'s computers. Give some thought to the security of your computer...
    http://www.AntiOnline.com/sig.php?imageid=360

  7. #7
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,403
    Originally posted here by pr0letariat
    ----------------------------------------------------------------
    alright gang, i'm so close to having this application up & running...

    -problem, is that when you connect via IRC the server will request some ident information via port 113 (someone correct me if i'm wrong) ... the idea is that (i think) your IRC Client will actually listen/serve on port 113 to any request(s) the IRC Server makes...
    You're right. Most IRC servers do not require you to respond to a ident request. What ident does is identify the user that runs the application that listens on a perticular port.
    If you do not reply to the ident request you will notice your id on irc will start with an ~.


    -the whole idea of the application is to allow IRC via other ports (23,80,etc...) and bounce them to 6667 or whatever... i'm having a tricky time finding info on this ident/113 thing... if anyone that runs an IRC server could shed some light on this subject i'd be very gratefull...

    -the basic idea is to emulate the ident requests...
    Read RFC-1413
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  8. #8
    sorry if this makes me sound stupid or whatever, and dont think im mocking you, but what is the point of having two servers just bounce data back and forward???

  9. #9
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002
    Posts
    953
    to change the port the data is coming through...
    he said it was for IRC, so i assume that the IRC ports (~6667) or prolly blocked (as they are on my network as well) it would be easy to use non-wanted services/tools via common (http, ftp, telnet) ports... but i could be wrong...
    yeah, I\'m gonna need that by friday...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides