GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → EddieIvan01 → Iox

EddieIvan01 / Iox

Licence: mit
Tool for port forwarding & intranet proxy

Programming Languages

go
31211 projects - #10 most used programming language

Labels

proxypentestgolang-tools

Projects that are alternatives of or similar to Iox

Doxycannon
A poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy
Stars: ✭ 216 (-47.45%)
Mutual labels:  proxy, pentest
Pythem
pentest framework
Stars: ✭ 1,060 (+157.91%)
Mutual labels:  proxy, pentest
Dorknet
Selenium powered Python script to automate searching for vulnerable web apps.
Stars: ✭ 256 (-37.71%)
Mutual labels:  proxy, pentest
Hackers Tool Kit
Its a framework filled with alot of options and hacking tools you use directly in the script from brute forcing to payload making im still adding more stuff i now have another tool out called htkl-lite its hackers-tool-kit just not as big and messy to see updates check on my instagram @tuf_unkn0wn or if there are any problems message me on instagram
Stars: ✭ 211 (-48.66%)
Mutual labels:  proxy, pentest
Cloudbunny
CloudBunny is a tool to capture the real IP of the server that uses a WAF as a proxy or protection. In this tool we used three search engines to search domain information: Shodan, Censys and Zoomeye.
Stars: ✭ 273 (-33.58%)
Mutual labels:  proxy, pentest
Coin Hive Stratum
use CoinHive's JavaScript miner on any stratum pool
Stars: ✭ 380 (-7.54%)
Mutual labels:  proxy
Ad Pentest Notes
用于记录内网渗透(域渗透)学习 :-)
Stars: ✭ 390 (-5.11%)
Mutual labels:  pentest
Jwtproxy
An HTTP-Proxy that adds AuthN through JWTs
Stars: ✭ 379 (-7.79%)
Mutual labels:  proxy
Ssr Accounts
V2Ray, 免费V2Ray账号分享, 翻墙,无界, 自由门, SquirrelVPN, SS账号, 机场
Stars: ✭ 3,854 (+837.71%)
Mutual labels:  proxy
Proxy Web
proxy-web是用go语言写的,基于snail007/goproxy完成的可视化网页应用
Stars: ✭ 402 (-2.19%)
Mutual labels:  proxy
Encrypted Dns Server
An easy to install, high-performance, zero maintenance proxy to run an encrypted DNS server.
Stars: ✭ 398 (-3.16%)
Mutual labels:  proxy
Shadowsocksx Ng R
ShadowsocksX-NG-R: Shadowsocks(R) Client for MacOS
Stars: ✭ 393 (-4.38%)
Mutual labels:  proxy
Make Fetch Happen
Get in loser, we're making requests!
Stars: ✭ 381 (-7.3%)
Mutual labels:  proxy
Ss7maper
SS7 MAP (pen-)testing toolkit. DISCONTINUED REPO, please use: https://github.com/0xc0decafe/ss7MAPer/
Stars: ✭ 394 (-4.14%)
Mutual labels:  pentest
Memento
Memento is a development-only tool that caches HTTP calls once they have been executed.
Stars: ✭ 380 (-7.54%)
Mutual labels:  proxy
Gdog
A fully featured Windows backdoor that uses Gmail as a C&C server
Stars: ✭ 399 (-2.92%)
Mutual labels:  pentest
Dev Sidecar
开发者边车,github打不开,github加速,git clone加速,git release下载加速,stackoverflow加速
Stars: ✭ 163 (-60.34%)
Mutual labels:  proxy
Slackor
A Golang implant that uses Slack as a command and control server
Stars: ✭ 392 (-4.62%)
Mutual labels:  pentest
Linux Kernel Exploits
linux-kernel-exploits Linux平台提权漏洞集合
Stars: ✭ 4,203 (+922.63%)
Mutual labels:  pentest
Blueshell
红蓝对抗跨平台远控工具
Stars: ✭ 379 (-7.79%)
Mutual labels:  pentest
View All Similar Projects ➔

iox

English | 中文

Tool for port forward & intranet proxy, just like lcx/ew, but better

Why write?

lcx and ew are awesome, but can be improved.

When I first used them, I can't remember these complicated parameters for a long time, such as tran, slave, rcsocks, sssocks.... The work mode is clear, why do they design parameters like this(especially ew's -l -d -e -f -g -h)

Besides, I think the net programming logic could be optimized.

For example, while running lcx -listen 8888 9999 command, client must connect to :8888 first, then :9999, in iox, there's no limit to the order in two ports. And while running lcx -slave 1.1.1.1 8888 1.1.1.1 9999 command, lcx will connect two hosts serially, but it's more efficient to connect in concurrent, as iox does.

What's more, iox provides traffic encryption feature (it's useful when there is a IDS on target). Actually, you can use iox as a simple ShadowSocks.

And iox also provides UDP traffic forward.

Of course, because iox is written in Go, the static-link-program is a little large, raw program is 2.2MB (800KB after UPX compression)

Features

  • Traffic encryption (optional)
  • Humanized CLI option
  • Logic optimization
  • UDP traffic forward
  • TCP multiplexing in reverse proxy mode

Usage

You can see, all params are uniform. -l/--local means listen on a local port; -r/--remote means connect to remote host

Note: after v0.4, -l/--local could specify which IP to listen on. If only ports are specified, the default is 0.0.0.0:PORT

-l 127.0.0.1:9999      -l *127.0.0.1:9999      # 127.0.0.1:9999
-l 9999                -l *9999                # 0.0.0.0:9999

`-l :9999` is also OK, but it's not recommended. Because `-l *:9999`(listen on 0.0.0.0:9999 with encryption) is ambiguous

Working mode

fwd

Listen on 0.0.0.0:8888 and 0.0.0.0:9999, forward traffic between 2 connections

./iox fwd -l 8888 -l 9999

Listen on 0.0.0.0:8888, forward traffic to 1.1.1.1:9999

./iox fwd -l 8888 -r 1.1.1.1:9999

Connect 1.1.1.1:8888 and 1.1.1.1:9999, forward between 2 connection

./iox fwd -r 1.1.1.1:8888 -r 1.1.1.1:9999

proxy

Start Socks5 server on 0.0.0.0:1080

./iox proxy -l 1080

Start Socks5 server on be-controlled host, then forward to internet VPS

VPS forward 0.0.0.0:9999 to 0.0.0.0:1080

You must use in a pair, because it contains a simple protocol to control connecting back

./iox proxy -r 1.1.1.1:9999
./iox proxy -l 9999 -l 1080       // notice, the two port are in order


for ew:
./ew -s rcsocks -l 1080 -e 9999
./ew -s rssocks -d 1.1.1.1 -e 9999

Then connect intranet host

# proxychains.conf
# socks5://1.1.1.1:1080

$ proxychains rdesktop 192.168.0.100:3389

Enable encryption

For example, we forward 3389 port in the intranet to our VPS

// be-controller host
./iox fwd -r 192.168.0.100:3389 -r *1.1.1.1:8888 -k 656565


// our VPS
./iox fwd -l *8888 -l 33890 -k 656565

It's easy to understand: traffic between be-controlled host and our VPS:8888 will be encrypted, the pre-shared secret key is 'AAA', iox will use it to generate seed key and nonce (Normally, nonce shouldn't be reused. But consider that iox's encryption is only for bypassing IDS, in order not to allocate extra space, the TCP stream encryption will reuse the nonce), then encrypt with Xchacha20 (replace AES-CTR with Xchacha20 in v0.3 version)

So, the * should be used in pairs

./iox fwd -l 1000 -r *127.0.0.1:1001 -k 000102
./iox fwd -l *1001 -r *127.0.0.1:1002 -k 000102
./iox fwd -l *1002 -r *127.0.0.1:1003 -k 000102
./iox proxy -l *1003 -k 000102


$ curl google.com -x socks5://127.0.0.1:1000

Using iox as a simple ShadowSocks

// ssserver
./iox proxy -l *9999 -k 000102


// sslocal
./iox fwd -l 1080 -r *VPS:9999 -k 000102

UDP forward

Only need to add CLI option -u

./iox fwd -l 53 -r *127.0.0.1:8888 -k 000102 -u
./iox fwd -l *8888 -l *9999 -k 000102 -u
./iox fwd -r *127.0.0.1:9999 -r 8.8.8.8:53 -k 000102 -u

NOTICE: When you make a multistage connection, the Remote2Remote-UDP-mode must be started last, which is the No.3 command in above example

UDP forwarding may have behavior that is not as you expected. Actually, on GitHub now, there are only examples of forwarding a local listener to a remote host, so I can only implement them with my understanding

You can find why in the source code. If you have any ideas, PR / issue are welcomed

License

The MIT license

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].