Tunnel SOCKS via HTTP

Tunnel arbitrary traffic via HTTP using a local SOCKS daemon and a remote PHP proxy script. By only relying on plain HTTP, default PHP instances can be used.

socks2http allows for using a remote PHP script to proxy arbitrary traffic. As it does not rely on proper HTTP proxying that requires a particular destination Host header, even shared webspace can be used for this purpose. Running as a local SOCKS4 daemon, many applications can use it natively.

Incoming connections are transparently wrapped into HTTP which are then proxied by the PHP endpoint that connects to the actual destination. By using only POST requests, the handling of CONNECT requests by intermediate proxies or a similar restriction on proxy usage gets circumvented. Also, most PHP instances would not support CONNECT handling. However, as there is no additional security layer, this is all merely for obfuscation purposes due to HTTP.

Mode of operation

                       +------------+ ----HTTP--> +-----------+         +----------+
+--------+             |            | <~~stream~~ | PHP bind  | <~~?~~> | InterWeb |
| Client | <--SOCKS--> | socks2http |             +--^-IPC-^--+         +----------+
+--------+             |            | ~~~~HTTP~~> | PHP write |                     
                       +------------+ <----OK---- +-----------+                     

Running the PHP proxy

The PHP script requires support for IPC via message queues (other methods would also be suitable), and the permission to connect to arbitrary destinations using fsockopen. This should be the case for default installations.

After uploading the script to a hoster of your choice, build and run the local proxy for example by typing:

make && ./socks2http 4444 example.com:80/proxy.php

By this means, local socks traffic at port 4444 will be tunneled to and handled by the given destination, using only direct POST requests.

Please note that the whole process is still pretty fragile and comes with a serious performance penalty, as the code is neither robust, tested, nor generally tweaked enough for “production” use at the moment.

Code & Download