TCP Tunnel via an HTTP Resource...

eduardo has asked for the wisdom of the Perl Monks concerning the following question:

I have a quick question as to how to address a problem, whether it is even doable, and what tools are out there that may help me solve this problem. I need to be able to deploy a secure terminal emulator through the web. My idea is: "it should be possible using mod_perl to write a handler, that when Apache receives a request for /foo/ssh_resource it creates a tunnel between the client that connected (a modified SSH applet that sends the GET request, and then drops down into the SSH protocol) and a SSH daemon on the internal network somewhere." My question is twofold:

A) is this doable? Is it possible to hijack an HTTP request after the GET in Apache (most likely using mod_perl) and basically connect it to a SSH daemon? (for ease on this first iteration, the SSH daemon can be on the localhost on an unblocked port to connections comming *from* the localhost)

b) has anyone does this before? can I get some pointers to tools? how would I go about this? Thanks in advance!

Comment on TCP Tunnel via an HTTP Resource...

Replies are listed 'Best First'.
Re: TCP Tunnel via an HTTP Resource... by gildir (Pilgrim) on Oct 17, 2001 at 18:49 UTC
A) Not that way. You will be violating HTTP protocol and that wont get through proxy. Even an IDS might rise an alarm, if target network use such a device. Easy detectable, generaly not working. But there is a solution. Split TCP stream to a 'packets' of data and then transfer these data as a 'CGI script' arguments. Maybe like this: `/cgi-bin/covert.pl?data=34a5c7ef04 /cgi-bin/covert.pl?data=20374a53752042` [download] The back channel will be the 'CGI' response. This way you are efectively making a covert channel, practicaly undetectable. But very slow one :-) B) look for httunel on freshmeat	[reply] [d/l]
Re: TCP Tunnel via an HTTP Resource... by jackdied (Monk) on Oct 17, 2001 at 18:12 UTC
Try a search on freshmeat, and failing that google There have been several hacks that implement telnet over http, but they have large drawbacks. Primarily, you end up polling the server to get information back to the client, which makes for really bad interactive performance. If you are doing this on a restrictive network (maybe your company's http is proxied) then you will probably run into other barriers like too many requests, or transfer limits. I've tried to do this in the past, and just ended up slipping a modem into a spare box to call my home box that was connected to a cable modem. -jackdied	[reply]
Re: TCP Tunnel via an HTTP Resource... by echo (Pilgrim) on Oct 17, 2001 at 18:02 UTC
Check out MindTerm, an SSH client implemented as a Java applet.	[reply]
Re: TCP Tunnel via an HTTP Resource... by perrin (Chancellor) on Oct 17, 2001 at 17:55 UTC
You can't use a web server as a TCP tunnel. You can have a mod_perl app start up a port forwarder (like SSH), but you can't take a connection and hand it to something else without some low-level C hacking on both programs. You could try using a telnet:// or rlogin:// URL if you just want people to click on a link and have a terminal pop up.	[reply]
Re: TCP Tunnel via an HTTP Resource... by strredwolf (Chaplain) on Oct 29, 2001 at 09:07 UTC
I belive there was a "http_tunnel" somewhere along with "udp_tunnel" and "dns_tunnel" in which you can tunnel a TCP/IP connection through HTTP, UDP (reliabily), or even DNS. Check Google. Slashdot also has this. -- $Stalag99{"URL"}="http://stalag99.keenspace.com";	[reply]