https://github.com/pyjabox/TunnelOverTerminal

Tunnel TCP or UDP data stream over a terminal session which has been established by Expect script

# Tunnel Over Terminal (ToT)
Tunnel TCP data stream over a terminal session (UDP evaluated for an upcoming release)

# Use cases
Context: you have terminal access to a remote Linux box, but only through multiple bastion hosts which have custom prompts and would never allow any sort of tunneling.

With ToT, you can:
- Go through bastion hosts which prevent any kind of tunneling. As long as the connection can be made through a traditional Expect script and you land on a terminal, you are good to go.

- Do port redirection from the remote network to a local port in the local network over this tunnel. This lets you access a web application or a Java application, create a reverse SSH connection...

- Transfer files over this tunnel. SCP will work fine and at a decent rate (~200KB/s).

# Requirements

On local host:
- Python 2.7.16
- Standard Linux binaries (mkfifo, xxd, netcat, expect)
- pv utility if you want statistics

On intermediate bastion hosts:
- Anything, as long as the information is carried in a reliable way

On remote host:
- Standard Linux binaries (mkfifo, xxd, netcat)
- Optional but preferable: SSH port forwarding allowed. This makes it possible to bring an SSH session over ToT and use the already powerful SSH port-forwarding capabilities

# Setup
1/ On the source machine, create named pipes (FIFOs):
- `mkfifo fromN`
- `mkfifo toN`
- `mkfifo fromNC-HEX`
- `mkfifo fromN-HEX`

2/ On the target machine, create named pipes (FIFOs):
- `mkfifo fromNC`
- `mkfifo toNC`

3/ On the source machine, modify the three Expect scripts (connect.exp, remote-read.exp, remote-write.exp) so that they connect to the target machine automatically. Leave the last "send", "expect" and "interact" functions as they are. Don't forget to "chmod +x" the scripts.

# Usage
```
usage: ToT.py [-h] [-s PORT_SOURCE] [-ip IP_DESTINATION] [-d PORT_DESTINATION]
              [-f FORCE] [--clean CLEAN] [--stats STATS]

optional arguments:
  -h, --help            show this help message and exit
  -s PORT_SOURCE, --port_source PORT_SOURCE
                        provide an integer (default: 8765)
  -ip IP_DESTINATION, --ip_destination IP_DESTINATION
                        provide an ip (default: 127.0.0.1)
  -d PORT_DESTINATION, --port_destination PORT_DESTINATION
                        provide an integer (default: 22)
  -f FORCE, --force FORCE
                        provide yes or no (default: no)
  --clean CLEAN         provide brutal or no (default: no)
  --stats STATS         provide yes or no (default: no)
```
# Example

Terminal 1:
```
user@mylocalhost:~$ python ./ToT.py -s 8765 -ip 127.0.0.1 -d 22 --stats yes
Press CTRL-C to exit...
Traffic in tunnel (in HEX + Overhead)
Input bytes= 164 ; Output bytes= 0
```
Terminal 2:
```
user@mylocalhost:~$ ssh remoteuser@localhost -p 8765
cisco@localhost's password:
Welcome to Remote Host Server

Last login: Sat Aug 31 17:28:05 2019 from 10.60.2.100
remoteuser@remotehost:~$
```
In this simple scenario, the SSH connection is encapsulated over ToT, regardless of what is in the middle (bastion hosts, telnet connection...).