github/vim-ale
1
0
Fork 0
mirror of https://github.com/webinstall/webi-installers.git synced 2026-03-03 18:00:18 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
2b37afbc94de76e3c58a28cafdaf9f1a5b9cc434
vim-ale/sclient/README.md
AJ ONeal 9aa31c5167 add sclient
2020-12-02 15:49:57 -07:00

120 lines
2.6 KiB
Markdown
Raw Blame History

---
title: sclient
homepage: https://github.com/therootcompany/sclient
tagline: |
sclient: a cross-platform tool to unwrap TLS as plain text.
---
To update or switch versions, run `webi sclient@stable`.
## Cheat Sheet
> sclient unwraps encrypted connections (HTTPS/TLS/SSL) so that you can work
> with them as as plain text (or binary). Great for debugging web services, and
> security research.
>
> Think of it like netcat (or socat) + openssl s_client.
You can _literally_ use this on example.com:
```bash
sclient example.com:443 localhost:3000
```
To use it with an http client, just set the Host header to the original domain:
```bash
curl -H "Host: example.com" http://localhost:3000
```
```html
<!DOCTYPE html>
<html>
<body>
<h1>Example Domain</h1>
This domain is for use in illustrative examples in documents. You may use
this domain in literature without prior coordination or asking for
permission.
<a href="https://www.iana.org/domains/example">More information...</a>
</body>
</html>
```
### How to Proxy SSH over SSL
SSH can be tunneled within HTTPS, TLS, SSL, WebSockets, etc.
```bash
ssh -o ProxyCommand="sclient %h" jon.telebit.io
```
This is useful to be able to connect to SSH even from behind a corporate
packet-inspection firewall. It can also be used to multiplex and relay multiple
ssh connections through a single host.
### How to unwrap TLS for Telnet (HTTP/HTTPS)
```bash
sclient example.com:443 localhost:3000
```
```bash
telnet localhost 3000
```
### How to unwrap TLS for SMTP/SMTPS/STARTTLS
```bash
sclient smtp.gmail.com:465 localhost:2525
```
```bash
telnet localhost 2525
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 smtp.gmail.com ESMTP c79-v6sm37968282pfb.147 - gsmtp
```
### How to use with stdin / stdout
```bash
sclient whatever.com -
```
Use just like netcat or telnet. A manual HTTP request, for example:
```txt
> GET / HTTP/1.1
> Host: whatever.com
> Connection: close
>
```
### How to pipe connections
```bash
printf "GET / HTTP/1.1\r\nHost: telebit.cloud\r\n\r\n" | sclient telebit.cloud
```
### How to Spoof SNI
Sometimes you want to check to see if your site is vulnerable to SNI-spoofing
attacks, such as Domain Fronting.
The literal domains `example.net` and `example.com` are _actually_ vulnerable to
SNI spoofing:
```bash
sclient --servername example.net example.com:443 localhost:3000
curl -H "example.com" http://localhost:3000
```
Most domains, however, are not:
```bash
sclient --servername google.net google.com:443 localhost:3000
curl -H "google.com" http://localhost:3000
```
Reference in New Issue View Git Blame Copy Permalink