Socat/G

Socat is a multi-purpose relay tool. It is a great tool for troubleshooting networking issues and can also be used to create on-the-fly networking connections, including TCP, UDP and SSL.

Socat/G is a patch for Socat to allow the use of OpenSSL proxy certificates. Proxy certificates (see RFC3820) are short-lived certificates that can be generated using the OpenSSL toolkit 0.9.8 and higher or using the Globus Toolkit grid-proxy-init command.

For details on how to generate or verify OpenSSL proxy certificates, see here.

Patch

The patch to add proxy certificate support to socat 1.7.1.3 can be found here.
The patch to add proxy certificate support to socat 1.7.1.1 can be found here.
The patch to add proxy certificate support to socat 1.7.1.0 can be found here.
The patch to add proxy certificate support to socat 1.7.0.1 can be found here.
The patch to add proxy certificate support to socat 1.7.0.0 can be found here.

Note: the patches for socat-1.7* are all identical except for the VERSION file

The patch to add proxy certificate support to socat 1.6.0.1 can be found here.
The patch to add proxy certificate support to socat 1.6.0.0 can be found here.

To use any of these patches (I use version 1.7.0.0 as an example here):

Download the socat 1.7.0.0 tarball
Download the socat-1.7.0.0g.patch

Unpack the tarball and apply the patch

  tar xjf socat-1.7.0.0.tar.bz2
  cd socat-1.7.0.0
  patch -p0 < ../socat-1.7.0.0g.patch

Now configure and make socat as normal:

  cd socat-1.7.0.0
  ./configure
  make

Using Socat/G

After building socat you can use Socat/G with proxy certificates as follows:

Generate a grid proxy, using e.g. grid-proxy-init, and place the resulting proxy file in the current directory with name proxy
Copy the grid proxy to the remote machine

Run socat locally:

  ./socat OPENSSL-LISTEN:24001,proxy=proxy,capath=.../etc/grid-security/certificates/ 
          -,raw,echo=0

Run socat remotely:

  ./socat EXEC:/bin/bash,login,pty,sighup,sigint,sigquit,stderr,ctty,setsid
          OPENSSL:<remote-host>:24000,proxy=proxy,capath=.../etc/grid-security/certificates/

You should now have an encrypted reverse remote shell to the remote machine on your local desktop!

This tool was tested on CentOS 3/4/5, Fedora Core 5/6/9 and Windows XP using Cygwin. YMMV. Use at your own risk.

Share and enjoy....

Comments to Jan Just Keijser | visitors = 587