Skip to content

lander0s/ping-tunnel

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

55 Commits

libs

libs

 
 

src

src

 
 

win/vs2019

win/vs2019

 
 

.gitignore

.gitignore

 
 

LICENSE.md

LICENSE.md

 
 

README.md

README.md

 
 

makefile

makefile

 
 

ping-tunnel.json

ping-tunnel.json

 
 

Repository files navigation

Ping-Tunnel

Firewall evasion using ICMP tunnel

This tool is based on ptunnel, it allows you to reliably tunnel TCP connections to a remote host using ICMP echo request and reply packets, commonly known as ping requests and replies

Use case

You are being blocked by a firewall when attempting to connect to a certain host but you can send and receive pings, then you can tunnel your TCP connections using this "ping proxy"

In contrast with ptunnel, this tool:

  • Allows you to forward multiple TCP ports to different destinations at the same time (see config file)
  • Works on Windows 10 (No MinGW required)

Supported platforms

  • Windows 10
  • Linux

Usage

Display help with ping-tunnel -h

Available options:
  -h, --help        produce this help message
  -q, --quiet       reduce verbosity
  -l, --list        display a list of available network interfaces
  -c, --config arg  specifies the configuration file to use

        config file defaults to ./ping-tunnel.json

Run the server facet using a configuration file like this one:

{
    "run_as_proxy"      : true,
    "network_interface" : "eth0",
}

Run the client facet using a configuration file like this one:

{
    "run_as_proxy"      : false,
    "proxy_address"     : "192.168.0.9",
    "network_interface" : "eth0",
    "port_forwarding" : [
        {
            "description"         : "SMTP server",
            "local_port"          : 25,
            "destination_port"    : 25,
            "destination_address" : "otherserver.com"
        },
        {
            "description"         : "IMAP server",
            "local_port"          : 143,
            "destination_port"    : 143,
            "destination_address" : "otherserver.com"
        },
        {
            "description"         : "Mysql server",
            "local_port"          : 3306,
            "destination_port"    : 3306,
            "destination_address" : "192.168.0.9"
        }
    ]
}

You have to run both facets as root/administrator. Once you have everything up and running you can connect to your client (the local ports in the config file) and they will behave as if they were the destination address/port, acting as a transparent proxy.

Compilation

Windows

For Windows you can use the Visual Studio 2019 project located at /win/vs2019
Before running the program you need to install npcap (the pcap for Windows 10)

Linux

install dependencies

sudo apt install libpcap0.8 libpcap-dev

and compile

make

License

MIT

Credits

This project uses:

  • json JSON library for Modern C++
  • popl Program options parser library
  • npcap Packet sniffing library for Windows 10
  • libpcap Packet sniffing library for Linux

Author

David Landeros dh.landeros08@gmail.com

About

Firewall evasion with ICMP Tunnel

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages