I would like to know how HTTP tunnels work. I tried Google but didn't find what I was looking for.
As far as I know HTTP proxies are like reverse proxies. You request a website, the HTTP proxy gets and understands this request and sends it to the original server. The answer goes from the original server to the HTTP proxy and back to your PC. Unlike SOCKS proxies, which just tunnel TCP/IP, an HTTP proxy reads the HTTP request, right?
If that is right, here is my question:
How can you tunnel other protocols through an HTTP proxy? E.g. Instant Messengers offer such proxy settings and they use their own protocol.
Answer
Besides the usual GET/POST/HEAD/PUT, many HTTP proxy servers understand an additional CONNECT request, which establishes a raw TCP connection to the remote host. This is required to properly support HTTPS, but can often be used for other protocols.
$ nc proxy.example.com 8080
-> CONNECT mail.example.com:587 HTTP/1.0
->
<- HTTP/1.0 200 Connection Established
<- Proxy-agent: Apache/2.2.19 (Debian)
<-
<- 220 mail.example.com ESMTP Badger badger badger badger badger postfix postfix!
-> ehlo grawity-pc
<- 250-mail.example.com
<- 250-PIPELINING
<- 250-SIZE 10240000
<- 250-STARTTLS
<- 250-ENHANCEDSTATUSCODES
<- 250-8BITMIME
<- 250 DSN
-> quit
<- 221 2.0.0 Bye
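Once the proxy answers 200 to a CONNECT, it only relays bytes, so any destination policy has to be decided from the request line. The following is an added example, not part of the original answer: it parses CONNECT targets and applies an assumed allow-list of port 443. The function names, the policy and the sample request lines are constructed for illustration.

```python
# Added example: decide whether a proxy should honour a CONNECT request.
# ALLOWED_PORTS is an assumed policy for illustration, not taken from the page.
ALLOWED_PORTS = {443}  # tunnels only to HTTPS


def parse_connect(request_line):
    """Return (host, port) from 'CONNECT host:port HTTP/x.y', or None if malformed."""
    parts = request_line.strip().split(" ")
    if len(parts) != 3 or parts[0] != "CONNECT" or not parts[2].startswith("HTTP/"):
        return None
    target = parts[1]
    if target.startswith("["):
        # IPv6 literal in brackets, e.g. [2001:db8::1]:443
        host, sep, rest = target[1:].partition("]")
        if not sep or not rest.startswith(":"):
            return None
        port = rest[1:]
    else:
        host, sep, port = target.rpartition(":")
        if not sep or ":" in host:
            return None  # missing port, or an unbracketed IPv6 address
    if not host or not (port.isascii() and port.isdigit()):
        return None
    if not 0 < int(port) < 65536:
        return None
    return host.lower(), int(port)


def decide_connect(request_line):
    """Status line the proxy should send back for this CONNECT request."""
    target = parse_connect(request_line)
    if target is None:
        return "400 Bad Request"
    if target[1] not in ALLOWED_PORTS:
        return "403 Forbidden"  # e.g. the SMTP submission tunnel shown above
    return "200 Connection Established"


# Constructed sample request lines; the first is the one from the session above.
SAMPLES = [
    "CONNECT mail.example.com:587 HTTP/1.0",
    "CONNECT www.example.com:443 HTTP/1.1",
    "CONNECT [2001:db8::1]:443 HTTP/1.1",
    "CONNECT www.example.com HTTP/1.1",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(f"{line!r:45} -> {decide_connect(line)}")
```
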