登录/ 注册
 找回密码
 立即注册
关闭

CSDN热搜

程序园 精品问答 技术交流 资源下载
返回列表 发新帖
首页 业界区 业界 如何使用 websocket 完成 socks5 网络穿透

如何使用 websocket 完成 socks5 网络穿透

硫辨姥 2025-6-2 23:53:02
有盆友好奇所谓的网络穿透是怎么做的
然后talk is cheap,please show code
所以只好写个简单且常见的websocket例子,
这里的例子大致是这个原理
浏览器插件(或者其他)首先将正常访问请求  --> 转换为socks5访问 --> 假代理服务器建立websocket链接,然后传输socks5协议数据 --> 允许websocket的网关由于不解析websocket数据而不知道是socks5所以未做拦截 --> 真代理服务器从websocket中解析socks5进行转发处理
代码如下
Socks5 --> websocket 端
  1. internal class Socks5ToWSMiddleware : ITcpProxyMiddleware
  2. {
  3.     private readonly IForwarderHttpClientFactory httpClientFactory;
  4.     private readonly ILoadBalancingPolicyFactory loadBalancing;
  5.     private readonly ProxyLogger logger;
  6.     private readonly TimeProvider timeProvider;
  8.     public Socks5ToWSMiddleware(IForwarderHttpClientFactory httpClientFactory, ILoadBalancingPolicyFactory loadBalancing, ProxyLogger logger, TimeProvider timeProvider)
  9.     {
  10.         this.httpClientFactory = httpClientFactory;
  11.         this.loadBalancing = loadBalancing;
  12.         this.logger = logger;
  13.         this.timeProvider = timeProvider;
  14.     }
  16.     public Task InitAsync(ConnectionContext context, CancellationToken token, TcpDelegate next)
  17.     {
  18.         // 过滤符合的路由配置
  19.         var feature = context.Features.Get<IL4ReverseProxyFeature>();
  20.         if (feature is not null)
  21.         {
  22.             var route = feature.Route;
  23.             if (route is not null && route.Metadata is not null
  24.                 && route.Metadata.TryGetValue("socks5ToWS", out var b) && bool.TryParse(b, out var isSocks5) && isSocks5)
  25.             {
  26.                 feature.IsDone = true;
  27.                 route.ClusterConfig?.InitHttp(httpClientFactory);
  28.                 return Proxy(context, feature, token);
  29.             }
  30.         }
  31.         return next(context, token);
  32.     }
  34.     private async Task Proxy(ConnectionContext context, IL4ReverseProxyFeature feature, CancellationToken token)
  35.     { // loadBalancing 选取有效 ip
  36.         var route = feature.Route;
  37.         var cluster = route.ClusterConfig;
  38.         DestinationState selectedDestination;
  39.         if (cluster is null)
  40.         {
  41.             selectedDestination = null;
  42.         }
  43.         else
  44.         {
  45.             selectedDestination = feature.SelectedDestination;
  46.             selectedDestination ??= loadBalancing.PickDestination(feature);
  47.         }
  49.         if (selectedDestination is null)
  50.         {
  51.             logger.NotFoundAvailableUpstream(route.ClusterId);
  52.             Abort(context);
  53.             return;
  54.         }
  55.         selectedDestination.ConcurrencyCounter.Increment();
  56.         try
  57.         {
  58.             await SendAsync(context, feature, selectedDestination, cluster, route.Transformer, token);
  59.             selectedDestination.ReportSuccessed();
  60.         }
  61.         catch
  62.         {
  63.             selectedDestination.ReportFailed();
  64.             throw;
  65.         }
  66.         finally
  67.         {
  68.             selectedDestination.ConcurrencyCounter.Decrement();
  69.         }
  70.     }
  72.     private async Task<ForwarderError> SendAsync(ConnectionContext context, IL4ReverseProxyFeature feature, DestinationState selectedDestination, ClusterConfig? cluster, IHttpTransformer transformer, CancellationToken token)
  73.     {
  74.         // 创建 websocket 请求, 这里为了简单,只创建简单 http1.1 websocket
  75.         var destinationPrefix = selectedDestination.Address;
  76.         if (destinationPrefix is null || destinationPrefix.Length < 8)
  77.         {
  78.             throw new ArgumentException("Invalid destination prefix.", nameof(destinationPrefix));
  79.         }
  80.         var route = feature.Route;
  81.         var requestConfig = cluster.HttpRequest ?? ForwarderRequestConfig.Empty;
  82.         var httpClient = cluster.HttpMessageHandler ?? throw new ArgumentNullException("httpClient");
  83.         var destinationRequest = new HttpRequestMessage();
  84.         destinationRequest.Version = HttpVersion.Version11;
  85.         destinationRequest.VersionPolicy = HttpVersionPolicy.RequestVersionOrLower;
  86.         destinationRequest.Method = HttpMethod.Get;
  87.         destinationRequest.RequestUri ??= new Uri(destinationPrefix, UriKind.Absolute);
  88.         destinationRequest.Headers.TryAddWithoutValidation(HeaderNames.Connection, HeaderNames.Upgrade);
  89.         destinationRequest.Headers.TryAddWithoutValidation(HeaderNames.Upgrade, HttpForwarder.WebSocketName);
  90.         destinationRequest.Headers.TryAddWithoutValidation(HeaderNames.SecWebSocketVersion, "13");
  91.         destinationRequest.Headers.TryAddWithoutValidation(HeaderNames.SecWebSocketKey, ProtocolHelper.CreateSecWebSocketKey());
  92.         destinationRequest.Content = new EmptyHttpContent();
  93.         if (!string.IsNullOrWhiteSpace(selectedDestination.Host))
  94.         {
  95.             destinationRequest.Headers.TryAddWithoutValidation(HeaderNames.Host, selectedDestination.Host);
  96.         }
  97.         
  98.         // 建立websocket 链接,成功则直接 复制原始 req/resp 数据,不做任何而外处理
  99.         var destinationResponse = await httpClient.SendAsync(destinationRequest, token);
  100.         if (destinationResponse.StatusCode == HttpStatusCode.SwitchingProtocols)
  101.         {
  102.             using var destinationStream = await destinationResponse.Content.ReadAsStreamAsync(token);
  103.             var clientStream = new DuplexPipeStreamAdapter<Stream>(null, context.Transport, static i => i);
  104.             var activityCancellationSource = ActivityCancellationTokenSource.Rent(route.Timeout);
  105.             var requestTask = StreamCopier.CopyAsync(isRequest: true, clientStream, destinationStream, StreamCopier.UnknownLength, timeProvider, activityCancellationSource,
  106.                 autoFlush: destinationResponse.Version == HttpVersion.Version20, token).AsTask();
  107.             var responseTask = StreamCopier.CopyAsync(isRequest: false, destinationStream, clientStream, StreamCopier.UnknownLength, timeProvider, activityCancellationSource, token).AsTask();
  109.             var task = await Task.WhenAny(requestTask, responseTask);
  110.             await clientStream.DisposeAsync();
  111.             if (task.IsCanceled)
  112.             {
  113.                 Abort(context);
  114.                 activityCancellationSource.Cancel();
  115.                 if (task.Exception is not null)
  116.                 {
  117.                     throw task.Exception;
  118.                 }
  119.             }
  120.         }
  121.         else
  122.         {
  123.             Abort(context);
  124.             return ForwarderError.UpgradeRequestDestination;
  125.         }
  127.         return ForwarderError.None;
  128.     }
  130.     public Task<ReadOnlyMemory<byte>> OnRequestAsync(ConnectionContext context, ReadOnlyMemory<byte> source, CancellationToken token, TcpProxyDelegate next)
  131.     {
  132.         return next(context, source, token);
  133.     }
  135.     public Task<ReadOnlyMemory<byte>> OnResponseAsync(ConnectionContext context, ReadOnlyMemory<byte> source, CancellationToken token, TcpProxyDelegate next)
  136.     {
  137.         return next(context, source, token);
  138.     }
  140.     private static void Abort(ConnectionContext upstream)
  141.     {
  142.         upstream.Transport.Input.CancelPendingRead();
  143.         upstream.Transport.Output.CancelPendingFlush();
  144.         upstream.Abort();
  145.     }
  146. }
复制代码
websocket --> Socks5 端
  1. internal class WSToSocks5HttpMiddleware : IMiddleware
  2. {
  3.     private static ReadOnlySpan<byte> EncodedWebSocketKey => "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"u8;
  4.     private WebSocketMiddleware middleware;
  5.     private readonly Socks5Middleware socks5Middleware;
  7.     public WSToSocks5HttpMiddleware(IOptions<WebSocketOptions> options, ILoggerFactory loggerFactory, Socks5Middleware socks5Middleware)
  8.     {
  9.         middleware = new WebSocketMiddleware(Scoks5, options, loggerFactory);
  10.         this.socks5Middleware = socks5Middleware;
  11.     }
  13.     private async Task Scoks5(HttpContext context)
  14.     {
  15.         var upgradeFeature = context.Features.Get<IHttpUpgradeFeature>();
  16.         // 检查是否未正确 websocket 请求
  17.         var f = context.Features.Get<IHttpWebSocketFeature>();
  18.         if (f.IsWebSocketRequest)
  19.         {
  20.             // 返回 websocket 接受信息
  21.             var responseHeaders = context.Response.Headers;
  22.             responseHeaders.Connection = HeaderNames.Upgrade;
  23.             responseHeaders.Upgrade = HttpForwarder.WebSocketName;
  24.             responseHeaders.SecWebSocketAccept = CreateResponseKey(context.Request.Headers.SecWebSocketKey.ToString());
  26.             var stream = await upgradeFeature!.UpgradeAsync(); // Sets status code to 101
  27.             
  28.             // 建原始 websocket stream 包装成 pipe 方便使用原来的 socks5Middleware 实现
  29.             var memoryPool = context is IMemoryPoolFeature s ? s.MemoryPool : MemoryPool<byte>.Shared;
  30.             StreamPipeReaderOptions readerOptions = new StreamPipeReaderOptions
  31.             (
  32.                 pool: memoryPool,
  33.                 bufferSize: memoryPool.GetMinimumSegmentSize(),
  34.                 minimumReadSize: memoryPool.GetMinimumAllocSize(),
  35.                 leaveOpen: true,
  36.                 useZeroByteReads: true
  37.             );
  39.             var writerOptions = new StreamPipeWriterOptions
  40.             (
  41.                 pool: memoryPool,
  42.                 leaveOpen: true
  43.             );
  45.             var input = PipeReader.Create(stream, readerOptions);
  46.             var output = PipeWriter.Create(stream, writerOptions);
  47.             var feature = context.Features.Get<IReverseProxyFeature>();
  48.             var route = feature.Route;
  49.             using var cts = CancellationTokenSourcePool.Default.Rent(route.Timeout);
  50.             var token = cts.Token;
  51.             context.Features.Set<IL4ReverseProxyFeature>(new L4ReverseProxyFeature() { IsDone = true, Route = route });
  52.             // socks5Middleware 进行转发
  53.             await socks5Middleware.Proxy(new WebSocketConnection(context.Features)
  54.             {
  55.                 Transport = new WebSocketDuplexPipe() { Input = input, Output = output },
  56.                 ConnectionId = context.Connection.Id,
  57.                 Items = context.Items,
  58.             }, null, token);
  59.         }
  60.         else
  61.         {
  62.             context.Response.StatusCode = StatusCodes.Status400BadRequest;
  63.         }
  64.     }
  66.     public static string CreateResponseKey(string requestKey)
  67.     {
  68.         // "The value of this header field is constructed by concatenating /key/, defined above in step 4
  69.         // in Section 4.2.2, with the string "258EAFA5-E914-47DA-95CA-C5AB0DC85B11", taking the SHA-1 hash of
  70.         // this concatenated value to obtain a 20-byte value and base64-encoding"
  71.         // https://tools.ietf.org/html/rfc6455#section-4.2.2
  73.         // requestKey is already verified to be small (24 bytes) by 'IsRequestKeyValid()' and everything is 1:1 mapping to UTF8 bytes
  74.         // so this can be hardcoded to 60 bytes for the requestKey + static websocket string
  75.         Span<byte> mergedBytes = stackalloc byte[60];
  76.         Encoding.UTF8.GetBytes(requestKey, mergedBytes);
  77.         EncodedWebSocketKey.CopyTo(mergedBytes[24..]);
  79.         Span<byte> hashedBytes = stackalloc byte[20];
  80.         var written = SHA1.HashData(mergedBytes, hashedBytes);
  81.         if (written != 20)
  82.         {
  83.             throw new InvalidOperationException("Could not compute the hash for the 'Sec-WebSocket-Accept' header.");
  84.         }
  86.         return Convert.ToBase64String(hashedBytes);
  87.     }
  89.     public Task InvokeAsync(HttpContext context, RequestDelegate next)
  90.     {
  91.        // 过滤符合的路由配置
  92.         var feature = context.Features.Get<IReverseProxyFeature>();
  93.         if (feature is not null)
  94.         {
  95.             var route = feature.Route;
  96.             if (route is not null && route.Metadata is not null
  97.                 && route.Metadata.TryGetValue("WSToSocks5", out var b) && bool.TryParse(b, out var isSocks5) && isSocks5)
  98.             {
  99.                 // 这里偷个懒,利用现成的 WebSocketMiddleware 检查 websocket 请求,
  100.                 return middleware.Invoke(context);
  101.             }
  102.         }
  103.         return next(context);
  104.     }
  105. }
  107. internal class WebSocketConnection : ConnectionContext
  108. {
  109.     public WebSocketConnection(IFeatureCollection features)
  110.     {
  111.         this.features = features;
  112.     }
  114.     public override IDuplexPipe Transport { get; set; }
  115.     public override string ConnectionId { get; set; }
  117.     private IFeatureCollection features;
  118.     public override IFeatureCollection Features => features;
  120.     public override IDictionary<object, object?> Items { get; set; }
  121. }
  123. internal class WebSocketDuplexPipe : IDuplexPipe
  124. {
  125.     public PipeReader Input { get; set; }
  127.     public PipeWriter Output { get; set; }
  128. }
复制代码
所以利用 websocket 伪装的例子大致就是这样就可以完成 tcp的 socks5 处理了 udp我就不来了
最后有兴趣的同学给 L4/L7的代理 VKProxy 点个赞呗 (暂时没有使用文档,等啥时候有空把配置ui站点完成了再来吧)

来源:程序园用户自行投稿发布,如果侵权,请联系站长删除
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!

使用道具 举报
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 立即注册
发帖
硫辨姥
2025-6-2 23:53:02

0

粉丝关注

16

主题发布

板块介绍填写区域,请于后台编辑
微信扫一扫