{"id":17287421,"url":"https://github.com/utoni/ptunnel-ng","last_synced_at":"2025-04-08T02:36:41.500Z","repository":{"id":50455963,"uuid":"114796710","full_name":"utoni/ptunnel-ng","owner":"utoni","description":"Tunnel TCP connections through ICMP.","archived":false,"fork":false,"pushed_at":"2024-11-27T18:34:33.000Z","size":734,"stargazers_count":452,"open_issues_count":9,"forks_count":75,"subscribers_count":9,"default_branch":"master","last_synced_at":"2025-04-01T01:37:12.498Z","etag":null,"topics":["icmp","icmptunnel","ping","pingtunnel","ptunnel","ptunnel-ng","tunnel"],"latest_commit_sha":null,"homepage":null,"language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/utoni.png","metadata":{"files":{"readme":"README","changelog":"ChangeLog","contributing":null,"funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-12-19T18:10:35.000Z","updated_at":"2025-03-26T17:46:44.000Z","dependencies_parsed_at":"2024-01-07T22:49:15.694Z","dependency_job_id":"30049934-bc8d-427f-9f4c-d0906a5a65f6","html_url":"https://github.com/utoni/ptunnel-ng","commit_stats":{"total_commits":232,"total_committers":7,"mean_commits":"33.142857142857146","dds":0.09913793103448276,"last_synced_commit":"b1baa742c0e667b7d4e4965f74ae6f1740f89837"},"previous_names":["lnslbrty/ptunnel-ng"],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/utoni%2Fptunnel-ng","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/utoni%2Fptunnel-ng/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/utoni%2Fptunnel-ng/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/utoni%2Fptunnel-ng/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/utoni","download_url":"https://codeload.github.com/utoni/ptunnel-ng/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247765621,"owners_count":20992335,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["icmp","icmptunnel","ping","pingtunnel","ptunnel","ptunnel-ng","tunnel"],"created_at":"2024-10-15T10:02:23.500Z","updated_at":"2025-04-08T02:36:41.483Z","avatar_url":"https://github.com/utoni.png","language":"C","funding_links":[],"categories":[],"sub_categories":[],"readme":"PingTunnel-[N]ew[G]eneration Read Me\n====================================\n\nWhat is ptunnel-ng?\n----------------\nPtunnel-NG is a bugfixed and refactored version of Ptunnel with some additional\nfeatures e.g. change the magic value without recompiling.\n\n\nWhat is ptunnel?\n----------------\nPtunnel is an application that allows you to reliably tunnel TCP connections\nto a remote host using ICMP echo request and reply packets, commonly known as\nping requests and replies.\n\n\nSimple usage\n------------\nOpens a SSH over ICMP tunnel to a remote.\n\nServer:\nsudo ptunnel-ng\n\nClient:\nsudo ptunnel-ng -p[Server-IP/NAME] -l2222\nssh -p2222 -luser 127.0.0.1\n\n\nRestricted usage\n----------------\nOpens a SSH over ICMP tunnel to a remote but restricts destination IP/Port for tunnel clients.\n10.0.3.1 is the machine your SSH daemon listens on. This can be a virtual machine, container or (.*).\n\nServer:\nsudo ptunnel-ng -r10.0.3.1 -R22\n\nClient:\nsudo ptunnel-ng -p[Server-IP/NAME] -l2222 -r10.0.3.1 -R22\nssh -p2222 -luser 127.0.0.1\n\n\nReverse shell usage\n-------------------\nOpens a SSH over ICMP tunnel to a remote and creates a reverse tunnel on same\nbut restricts destination IP/Port for tunnel clients.\n10.0.3.1 is the machine your SSH daemon listens on. This can be a virtual machine, container or (.*).\n\nServer:\nsudo ptunnel-ng -r10.0.3.1 -R22\n\nClient:\nsudo ./src/ptunnel-ng -p[Server-IP/NAME] -l2222 -r10.0.3.1 -R22\nssh -R 127.0.0.1:22222 127.0.0.1 -p2222\n\nServer:\nssh -p22222 -luser 127.0.0.1\n\n\nContact details\n---------------\nThe ptunnel-ng fork was done by Toni Uhlig:\n   \u003cmatzeton@googlemail.com\u003e\nYou can contact the author of ptunnel, Daniel Stoedle, here:\n   \u003cdaniels@cs.uit.no\u003e\nThe official ptunnel website is located here:\n   \u003chttp://www.cs.uit.no/~daniels/PingTunnel/\u003e\n\n\nDependencies\n------------\nRequired: pthread\nOptional: pcap, selinux\n\n\nCompiling\n---------\nEither run \"./autogen.sh\" for a fully automatic build or run it manually with:\n    \"./configure \u0026\u0026 make\"\n\nYou should end up with a binary called ptunnel-ng.\nThis serves as both the client and proxy. You can\noptionally install it using \"make install\".\nTo compile the Windows binary. You will need mingw installed.\nIf you want pcap support you will need the WinPcap library as well.\nWinPcap is available here:\n  \u003chttp://www.winpcap.org/install/bin/WpdPack_4_0_2.zip\u003e\n\nREMEMBER: ptunnel-ng might not work on Windows without WinPcap!\n\n\nRunning\n-------\nPtunnel works best when starting as root, and usually requires starting as root.\nCommon ptunnel-ng options:\n\nProxy(Server):\n\t./ptunnel-ng -r\u003cdestination address\u003e -R\u003cdestination port\u003e -v \u003cloglevel\u003e\n\t             -P\u003cpassword\u003e -u\u003cuser\u003e -g\u003cgroup\u003e\n\nForwarder(Client):\n\t./ptunnel-ng -p \u003caddress\u003e -l \u003clisten port\u003e -r\u003cdestination address\u003e\n\t             -R\u003cdestination port\u003e -v \u003cloglevel\u003e\n\t             -P\u003cpassword\u003e -u\u003cuser\u003e -g\u003cgroup\u003e\n\nThe -p switch sets the address of the host on which the proxy is running. A\nquick test to see if the proxy will work is simply to try pinging this host -\nif you get replies, you should be able to make the tunnel work.\nIf pinging works but you are not able to establish a tunnel, you should play\naround with the -m switch and change the magic value. A IDS/IPS or Firwall\nmight try to fool you.\n\nThe -l, -r and -R switches set the local listening port, destination address\nand destination port. For instance, to tunnel ssh connections from the client\nmachine via a proxy running on proxy.pingtunnel.com to the computer\nlogin.domain.com, the following command line would be used:\n\nsudo ./ptunnel-ng -p proxy.pingtunnel.com -l 8000 -r login.domain.com -R 22\n\nAn ssh connection to login.domain.com can now be established as follows:\n\nssh -p 8000 localhost\n\nIf ssh complains about potential man-in-the-middle attacks, simply remove the\noffending key from the known_hosts file. The warning/error is expected if you\nhave previously ssh'd to your local computer (i.e., ssh localhost), or you have\nused ptunnel-ng to forward ssh connections to different hosts.\n\nOf course, for all of this to work, you need to start the proxy on your\nproxy-computer (we'll call it proxy.pingtunnel.com here). Doing this is very\nsimple:\n\nsudo ./ptunnel-ng\n\nIf you find that the proxy isn't working, you will need to enable packet\ncapturing on the main network device. Currently this device is assumed to be\nan ethernet-device (i.e., ethernet or wireless). Packet capturing is enabled by\ngiving the -L switch, and supplying the device name to capture packets on (for\ninstance eth0 or en1). The same goes for the client. On versions of Mac OS X\nprior to 10.4 (Tiger), packet capturing must always be enabled (both for proxy\nand client), as resent packets won't be received otherwise.\n\nTo protect yourself from others using your proxy, you can protect access to it\nwith a password using the -P switch. The password is never sent in\nthe clear, but keep in mind that it may be visible from tools like top or ps,\nwhich can display the command line used to start an application.\n\nFinally, the -u switch will attempt to run the proxy in unprivileged mode (i.e.,\nno need for root access), and the -v switch controls the amount of output from\nptunnel-ng. -1 indicates no output, 0 shows errors only, 1 shows info messages, 2\ngives more output, 3 provides even more output, level 4 displays debug info and\nlevel 5 displays absolutely everything, including the nasty details of sends and\nreceives. The -o switch allows output to be saved to a logfile.\n\nSecurity features: Please see the ptunnel-ng man-page for instructions.\n\n\nSupported operating systems\n---------------------------\nPtunnel supports most operating systems with libpcap, the usual POSIX functions\nand a BSD sockets compatible API. In particular, it has been tested on Linux\nFedora Core 2 and Mac OS X 10.3.6 and above. As of version 0.7, ptunnel-ng can also\nbe compiled on Windows, courtesy of Mike Miller, assuming mingw and WinPcap is\ninstalled.\n\n\nTODOs\n-----\n- refactoring\n- libsodium integration\n\n\nCredits and contributors\n------------------------\nDaniel Stoedle et al.\n\n\nLicense\n-------\nPing Tunnel NG is Copyright (c) 2017-2019, Toni Uhlig \u003cmatzeton@googlemail.com\u003e,\nAll rights reserved. Ping Tunnel NG is licensed under the\nBSD License. Please see the COPYING file for details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Futoni%2Fptunnel-ng","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Futoni%2Fptunnel-ng","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Futoni%2Fptunnel-ng/lists"}