Shulou(Shulou.com)06/02 Report--

Windows how to use socat, many novices are not very clear about this, in order to help you solve this problem, the following editor will explain for you in detail, people with this need can come to learn, I hope you can gain something.

A brief introduction to 0x01 socat

Socat is a multi-functional network tool, the name is "Socket CAT", can be seen as an N times enhanced version of netcat, its original version is based on Linux, here we use the Windows version, because it is transplanted, need to rely on more libraries, it is not so convenient, the future use may be more based on the Linux platform.

The main feature of socat is to establish a channel between two data streams, and supports many protocols and links: ip, tcp, udp, ipv6, pipe,exec,system,open,proxy,openssl,socket and so on.

Socat's official website: http://www.dest-unreach.org/socat/

Download link for socat: http://www.dest-unreach.org/socat/download/

As for the version of Windows, I found the following two on the Internet, with no guarantee of their security.

Socat for Windows/Cygwin (the dll file of Cygwin is missing in this version and needs to be resolved on its own):

Http://www.nikhef.nl/~janjust/socat/socat-1.6.0.1-cygwin.bin.tar.gz

Socat for Windows (this version has been packaged with Cygwin's dll file):

Http://olds.blogcn.com/wp-content/uploads/16/1615/2009/08/socat.rar

0x02 socat for file transfer

Note: here win08 is used as the local machine and win7 as the target machine for demonstration

Here, we upload the 123.txt on the win08 machine as the target to upload.

First execute the command on the win08 machine

Socat.exe-u open:123.txt,binary tcp4-listen:53

There is no display of the program after execution, which is equivalent to monitoring at the moment.

Next, we execute the command on the win7 machine to receive the file

Socat.exe-u tcp4:192.168.222.175:53 open:123.txt,creat,binary

After execution, you will find that the 123.txt file has been generated under this folder

Note: files will be left on the machine on which create is executed

0x03 socat forward port forwarding

First of all, we need to execute on the border machine.

Socat.exe tcp4-listen:53,reuseaddr,fork tcp4:192.168.222.137:3389

There will be no echo at this time, and then we will use mstsc locally for remote desktop connection

Successful connection

0x04 socat reverse port forwarding

Single layer Port forwarding (1)

Note: here we use win08 to represent the local host and win7 to represent the border host

First, perform snooping on win08 to forward all traffic from external port 53 to local port 888

Socat.exe tcp-listen:53 tcp-listen:888

Then execute the command on win7 to forward 3389 of the local traffic to port 53 of win08

Socat.exe tcp-connect:192.168.222.175:53 tcp:127.0.0.1:3389

Then go back to win08's machine and perform a remote desktop connection

Successful landing

Single layer Port forwarding (2)

In addition to being forwarded locally, traffic can also be forwarded directly to the private network host.

First perform monitoring locally

Socat.exe tcp-listen:53 tcp-listen:111

Execute the command on the border machine win08, 10.1.111.226 is my local address

Socat.exe tcp-connect:10.1.111.226:53 tcp:192.168.222.137:3389

Then go back locally and use mstsc to make a remote connection

Successful landing

Note: there may be other situations such as automatic disconnection of socat timeout. If you execute it a few more times, it will be successful.

Multilayer port forwarding

If further intranet machines are found in the intranet, we can use multi-layer port forwarding. We assume here that the IP is 192.168.222.134 and my local address is 10.1.111.226.

First of all, we monitor on the local machine.

Socat.exe tcp-listen:53 tcp-listen:1000

Then perform forwarding to the border machine win08

Socat.exe tcp4-listen:55,reuseaddr,fork tcp4:10.1.111.226:53

Finally, perform forwarding on the private network machine win7

Socat.exe tcp-connect:192.168.222.175:55 tcp:192.168.222.134:22

Finally, go back to the local area and connect to the ssh in the layer 2 intranet.

Is it helpful for you to read the above content? If you want to know more about the relevant knowledge or read more related articles, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.