sclient
v1.4.3
Published
Secure Client for exposing TLS (aka SSL) secured services as plain-text connections locally. Also ideal for multiplexing a single port with multiple protocols using SNI.
Downloads
1,465
Maintainers
Readme
sclient.js
Secure Client for exposing TLS (aka SSL) secured services as plain-text connections locally.
Also ideal for multiplexing a single port with multiple protocols using SNI.
Unwrap a TLS connection:
$ sclient whatever.com:443 localhost:3000
> [listening] whatever.com:443 <= localhost:3000
Connect via Telnet
$ telnet localhost 3000
Connect via netcat (nc)
$ nc localhost 3000
cURL
$ curl http://localhost:3000 -H 'Host: whatever.com'
Inverse SSH proxy (ssh over https):
$ sclient ssh [email protected]
(this is the same as a normal SSH Proxy, just easier to type):
$ ssh -o ProxyCommand="sclient %h" [email protected]
Inverse rsync proxy (rsync over https):
$ sclient rsync [email protected]:path/ path/
A poor man's (or Windows user's) makeshift replacement for openssl s_client
, stunnel
, or socat
.
Install
macOS, Linux, Windows
First download and install the current version of node.js
npm install -g sclient
npx sclient example.com:443 localhost:3000
Usage
sclient [flags] [ssh|rsync] <remote> [local]
- flags
-k, --insecure
ignore invalid TLS (SSL/HTTPS) certificates--servername <string>
spoof SNI (to disable use IP as <remote> and do not use this option)
- remote
- must have servername (i.e. example.com)
- port is optional (default is 443)
- local
- address is optional (default is localhost)
- must have port (i.e. 3000)
Examples
Bridge between telebit.cloud
and local port 3000
.
sclient telebit.cloud 3000
Same as above, but more explicit
sclient telebit.cloud:443 localhost:3000
Ignore a bad TLS/SSL/HTTPS certificate and connect anyway.
sclient -k badtls.telebit.cloud:443 localhost:3000
Reading from stdin
sclient telebit.cloud:443 -
sclient telebit.cloud:443 - </path/to/file
ssh over https
sclient ssh [email protected]
rsync over https
sclient rsync -av [email protected]:my-project/ ~/my-project/
Piping
printf "GET / HTTP/1.1\r\nHost: telebit.cloud\r\n\r\n" | sclient telebit.cloud:443
Testing for security vulnerabilities on the remote:
sclient --servername "Robert'); DROP TABLE Students;" -k example.com localhost:3000
sclient --servername "../../../.hidden/private.txt" -k example.com localhost:3000