Mallory : HTTP/HTTPS Proxy Over SSH

Mallory is a HTTP/HTTPS proxy over SSH tool.

Installation

  • Local machine: go get github.com/justmao945/mallory/cmd/mallory
  • Remote server: need our old friend sshd

Configueration

Config File

Default path is $HOME/.config/mallory.json, can be set when start program

mallory -config path/to/config.json

Content:

  • id_rsa is the path to our private key file, can be generated by ssh-keygen
  • local_smart is the local address to serve HTTP proxy with smart detection of destination host
  • local_normal is similar to local_smart but send all traffic through remote SSH server without destination host detection
  • remote is the remote address of SSH server
  • blocked is a list of domains that need use proxy, any other domains will connect to their server directly

Also Read – DrMemory : Memory Debugger for Windows, Linux, Mac & Android

{
“id_rsa”: “$HOME/.ssh/id_rsa”,
“local_smart”: “:1315”,
“local_normal”: “:1316”,
“remote”: “ssh://user@vm.me:22”,
“blocked”: [
“angularjs.org”,
“golang.org”,
“google.com”,
“google.co.jp”,
“googleapis.com”,
“googleusercontent.com”,
“google-analytics.com”,
“gstatic.com”,
“twitter.com”,
“youtube.com”
]
}

Blocked list in config file will be reloaded automatically when updated, and you can do it manually:

#send signal to reload
kill -USR2
#or use reload command by sending http request
mallory -reload

System config

  • Set both HTTP and HTTPS proxy to localhost with port 1315 to use with block list
  • Set env var http_proxy and https_proxy to localhost:1316 for terminal usage

Get the right suffix name for a domain

mallory -suffix www.google.com

A simple command to forward all traffic for the given port

#install it: go get github.com/justmao945/mallory/cmd/forward

#all traffic through port 20022 will be forwarded to destination.com:22
forward -network tcp -listen :20022 -forward destination.com:22

#you can ssh to destination:22 through localhost:20022
ssh root@localhost -p 20022

R K

Recent Posts

How to Install Docker on Ubuntu (Step-by-Step Guide)

Docker is a powerful open-source containerization platform that allows developers to build, test, and deploy…

4 days ago

Uninstall Docker on Ubuntu

Docker is one of the most widely used containerization platforms. But there may come a…

4 days ago

Admin Panel Dorks : A Complete List of Google Dorks

Introduction Google Dorking is a technique where advanced search operators are used to uncover information…

5 days ago

Log Analysis Fundamentals

Introduction In cybersecurity and IT operations, logging fundamentals form the backbone of monitoring, forensics, and…

6 days ago

Networking Devices 101: Understanding Routers, Switches, Hubs, and More

What is Networking? Networking brings together devices like computers, servers, routers, and switches so they…

7 days ago

Sock Puppets in OSINT: How to Build and Use Research Accounts

Introduction In the world of Open Source Intelligence (OSINT), anonymity and operational security (OPSEC) are…

1 week ago