Skip to content
Reverse SOCKS5 implementation in Go
Go Shell
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
.circleci no need to run make in circleci Oct 5, 2019
tools initial import Oct 4, 2019
.gitignore initial import Oct 4, 2019
.travis.yml Go 1.3 is not supported Oct 4, 2019
README.md Better explanation of the Windows usage Oct 7, 2019
main.go initial import Oct 4, 2019
rclient.go drop else since block ends with return statement Oct 5, 2019
rserver.go initial import Oct 4, 2019
tlshelp.go fix golint style Oct 5, 2019

README.md

Build Status CircleCI Codacy Badge

revsocks

Reverse socks5 tunneler with SSL/TLS and proxy support (without proxy authentication and with basic/NTLM proxy authentication) Based on https://github.com/brimstone/rsocks and https://github.com/llkat/rsockstun

Features

  • Single executable (thanks to Go!)
  • Linux/Windows/Mac/BSD support
  • Encrypted communication with TLS
  • Support for proxies (without authentication or with basic/NTLM proxy authentication)
  • Automatic SSL/TLS certificate generation if not specified

Architecture

  • server = locally listening socks server
  • client = client which connects back to server

Usage

Usage:
1) Start on VPS: revsocks -listen :8443 -socks 127.0.0.1:1080 -pass SuperSecretPassword
2) Start on client: revsocks -connect clientIP:8443 -pass SuperSecretPassword
3) Connect to 127.0.0.1:1080 on the VPS with any socks5 client.
4) Enjoy. :]

Optional parameters

Add params:
 -proxy 1.2.3.4:3128 - connect via proxy
 -proxyauth Domain/username:password  - proxy creds
 -proxytimeout 2000 - server and clients will wait for 2000 msec for proxy connections... (Sometime it should be up to 4000...)
 -useragent "Internet Explorer 9.99" - User-Agent used in proxy connection (sometimes it is usefull)
 -pass Password12345 - challenge password between client and server (if not match - server reply 301 redirect)
 -recn - reconnect times number. Default is 3. If 0 - infinite reconnection
 -rect - time delay in secs between reconnection attempts. Default is 30

Requirements

  • Go 1.4 or higher
  • Few external Go modules (yamux, go-socks5 and go-ntlmssp)

Compile and Installation

Linux VPS

  • install Golang: apt install golang
export GOPATH=~/go
go get github.com/hashicorp/yamux
go get github.com/armon/go-socks5
go get github.com/kost/go-ntlmssp
go build

launch:

./revsocks -listen :8443 -socks 127.0.0.1:1080 -pass Password1234

Windows client:

  • download and install golang
go get github.com/hashicorp/yamux
go get github.com/armon/go-socks5
go get github.com/kost/go-ntlmssp
go build

Windows optional

optional: to build as Windows GUI:

go build -ldflags -H=windowsgui

You can also compress exe - just use any exe packer, ex: UPX

upx revsocks

Usage examples

revsocks -connect clientIP:8443 -pass Password1234

or with proxy and user agent:

revsocks -connect clientIP:8443 -pass Password1234 -proxy proxy.domain.local:3128 -proxyauth Domain/userpame:userpass -useragent "Mozilla 5.0/IE Windows 10"

Client connects to server and send agentpassword to authorize on server. If server does not receive agentpassword or reveive wrong pass from client (for example if spider or client browser connects to server ) then it send HTTP 301 redirect code to www.microsoft.com

Custom certificate

Generate self-signed certificate with openssl:

openssl req -new -x509 -keyout server.key -out server.crt -days 365 -nodes
You can’t perform that action at this time.