Bypassing Firewall using Httptunnel

http://www.nocrew.org/software/httptunnel.html

Httptunnel creates a bidirectional virtual data path tunneled in HTTP requests. The requests can be sent via an HTTP proxy if so desired. This can be useful for users behind restrictive firewalls. If WWW access is allowed through a HTTP proxy, it's possible to use httptunnel and telnet or PPP to connect to a computer outside the firewall.

Here is how htc sends data to the destination:

1. Open TCP connection to hts

2. Send HTTP POST with a large Content-Length

3. Send TUNNEL_DATA packets until POST Content-Length would be exceeded.

4. Send TUNNEL_PADDING packets to exactly satisfy Content-Length - 1

5. Send TUNNEL_DISCONNECT (1 byte)

6. Close TCP connection

7. Go to step 1

Here is how htc gets data from the destination.

1. Open TCP connection to hts

2. Send HTTP GET

3. Wait for response from hts

4. Read TUNNEL_DATA, then TUNNEL_PADDING, TUNNEL_DISCONNECT packets

5. Close TCP connection

6. Go to step 1

Tunnel creation and destruction

This can be useful for users behind restrictive firewalls. If WWW access is allowed through a HTTP proxy, it's possible to use httptunnel and, say, telnet or PPP to connect to a computer outside the firewall.