SBM Labs

Cyber Security Collaboration Project

Bypass firewall using HTTP tunnel
21 Sep 2013

We are going to look how we can bypass corporate firewall using HTTP tunnel. This technology allows incapsulate network traffic in HTTP packets. Then it will be sent to the HTTP tunnel server, retrieved and forwarded to the destination host. So you can access to any host by any port if HTTP traffic is not restricted on the firewall.

Let's do it.

We need:
1. Ubuntu Desktop 12.04 LTS with restricted outgoing connections by SSH (TCP/22).
2. Ubuntu Server 12.04 LTS without any network restrictions.
3. Software HTTPTunnel (http://http-tunnel.sourceforge.net) for Linux.

Installation of HTTPTunnel.

Software HTTPTunnel has client and server parts.

1. Extract archive by command tar xzf HTTPTunnel_*.tgz.
2. Copy folder "common" to folder "perl" by command cp -R common perl.
3. Go to the folder perl by command cd perl.
4. Run script by command perl httptunnel_client.pl for desktop and perl httptunnel_server.pl for server.

Then HTTPTunnel will be available for configuration through web interface http://localhost:1079 for client and http://localhost for server.

Configuration of HTTPTunnel client.

Add entry to Portmapping Proxi.
1. map port – client port (for example, 7788).
2. to port - destination port (for example, 22).
3. on server - destination server (for example, ssh.alwaysdata.com).
4. description - any comment.

Then go the tab "Tunnel Server" and configure IP address of the HTTPTunnel server. Scripts will not work during 5-10 seconds after you save configuration.

Configuration of HTTPTunnel server.

We should check that our HTTPTunnel server accept connections on TCP/80.

Test.