X-Git-Url: https://git.josue.xyz/?a=blobdiff_plain;f=sclient%2FREADME.md;fp=sclient%2FREADME.md;h=db356ac2516a28d562663d5a3a329a40e5b9386f;hb=9aa31c51676f22996a1f26d921d3acb037f5cfad;hp=0000000000000000000000000000000000000000;hpb=9726de49670ecb53d02d5eb9218e62324e15c821;p=webi-installers%2F.git diff --git a/sclient/README.md b/sclient/README.md new file mode 100644 index 0000000..db356ac --- /dev/null +++ b/sclient/README.md @@ -0,0 +1,119 @@ +--- +title: sclient +homepage: https://github.com/therootcompany/sclient +tagline: | + sclient: a cross-platform tool to unwrap TLS as plain text. +--- + +To update or switch versions, run `webi sclient@stable`. + +## Cheat Sheet + +> sclient unwraps encrypted connections (HTTPS/TLS/SSL) so that you can work +> with them as as plain text (or binary). Great for debugging web services, and +> security research. +> +> Think of it like netcat (or socat) + openssl s_client. + +You can _literally_ use this on example.com: + +```bash +sclient example.com:443 localhost:3000 +``` + +To use it with an http client, just set the Host header to the original domain: + +```bash +curl -H "Host: example.com" http://localhost:3000 +``` + +```html + + + +

Example Domain

+ This domain is for use in illustrative examples in documents. You may use + this domain in literature without prior coordination or asking for + permission. + More information... + + +``` + +### How to Proxy SSH over SSL + +SSH can be tunneled within HTTPS, TLS, SSL, WebSockets, etc. + +```bash +ssh -o ProxyCommand="sclient %h" jon.telebit.io +``` + +This is useful to be able to connect to SSH even from behind a corporate +packet-inspection firewall. It can also be used to multiplex and relay multiple +ssh connections through a single host. + +### How to unwrap TLS for Telnet (HTTP/HTTPS) + +```bash +sclient example.com:443 localhost:3000 +``` + +```bash +telnet localhost 3000 +``` + +### How to unwrap TLS for SMTP/SMTPS/STARTTLS + +```bash +sclient smtp.gmail.com:465 localhost:2525 +``` + +```bash +telnet localhost 2525 + +Trying 127.0.0.1... +Connected to localhost. +Escape character is '^]'. +220 smtp.gmail.com ESMTP c79-v6sm37968282pfb.147 - gsmtp +``` + +### How to use with stdin / stdout + +```bash +sclient whatever.com - +``` + +Use just like netcat or telnet. A manual HTTP request, for example: + +```txt +> GET / HTTP/1.1 +> Host: whatever.com +> Connection: close +> +``` + +### How to pipe connections + +```bash +printf "GET / HTTP/1.1\r\nHost: telebit.cloud\r\n\r\n" | sclient telebit.cloud +``` + +### How to Spoof SNI + +Sometimes you want to check to see if your site is vulnerable to SNI-spoofing +attacks, such as Domain Fronting. + +The literal domains `example.net` and `example.com` are _actually_ vulnerable to +SNI spoofing: + +```bash +sclient --servername example.net example.com:443 localhost:3000 +curl -H "example.com" http://localhost:3000 +``` + +Most domains, however, are not: + +```bash +sclient --servername google.net google.com:443 localhost:3000 +curl -H "google.com" http://localhost:3000 +```
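Review bot: In the "How to Spoof SNI" section, both curl lines pass a bare value (`curl -H "example.com" http://localhost:3000` and the `google.com` equivalent) with no header name, so they do not set the Host header the way the earlier "Cheat Sheet" example does with `-H "Host: example.com"`. As written, the check compares nothing against the `--servername` value. Suggest `curl -H "Host: example.com" http://localhost:3000` and `curl -H "Host: google.com" http://localhost:3000`. The section also never says what response a reader should expect in the "vulnerable" case versus the "not vulnerable" case, so one sentence on the observed difference would make the test usable for checking your own site. Minor: the Cheat Sheet quote has a doubled word in "work with them as as plain text".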