github/vim-ale
1
0
Fork 0
mirror of https://github.com/webinstall/webi-installers.git synced 2026-05-16 21:56:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
9f28505af72ebe86257b26ecae021e9909c5f453
vim-ale/sclient
History
AJ ONeal 9f28505af7 ref: delete unreachable upstream-fetcher modules 
Stacked on the modifications PR. Now that no live code path references
the per-package fetchers, the shared HTTP/parsing helpers, the
in-process normalizer, or the example template, delete them. Pure
deletion — no behavior change.

- ~93 per-package <pkg>/releases.js fetcher modules.
- _common/{brew,fetcher,git-tag,gitea,github,github-source,
  githubish,githubish-source}.js shared HTTP/parsing helpers.
- _webi/normalize.js in-process normalization layer (cache files
  arrive normalized from webicached).
- _example/releases.js fetcher template for new packages.

The Go cache daemon (webicached) is now the sole producer of release
metadata; the Node process never makes an upstream request.
2026-05-08 16:31:59 -06:00
..
install.ps1
chore: npm run fmt
2026-03-08 19:38:49 -06:00
install.sh
refactor!(posix): use posix shebang #!/bin/sh (fix #494)
2022-08-21 07:10:33 +00:00
README.md
doc(sclient): update README Files section
2023-11-02 09:59:07 -06:00

README.md

title, homepage, tagline
title homepage tagline
sclient https://github.com/therootcompany/sclient sclient: a cross-platform tool to unwrap TLS as plain text.

To update or switch versions, run webi sclient@stable.

Files

These are the files / directories that are created and/or modified with this install:

~/.config/envman/PATH.env
~/.local/bin/sclient

Cheat Sheet

sclient unwraps encrypted connections (HTTPS/TLS/SSL) so that you can work with them as as plain text (or binary). Great for debugging web services, and security research.

Think of it like netcat (or socat) + openssl s_client.

You can literally use this on example.com:

sclient example.com:443 localhost:3000

To use it with an http client, just set the Host header to the original domain:

curl -H "Host: example.com" http://localhost:3000

<!doctype html>
<html>
  <body>
    <h1>Example Domain</h1>
    This domain is for use in illustrative examples in documents. You may use
    this domain in literature without prior coordination or asking for
    permission.
    <a href="https://www.iana.org/domains/example">More information...</a>
  </body>
</html>

How to Proxy SSH over SSL

SSH can be tunneled within HTTPS, TLS, SSL, WebSockets, etc.

ssh -o ProxyCommand="sclient --alpn ssh %h" jon.telebit.io

This is useful to be able to connect to SSH even from behind a corporate packet-inspection firewall. It can also be used to multiplex and relay multiple ssh connections through a single host.

How to unwrap TLS for Telnet (HTTP/HTTPS)

sclient example.com:443 localhost:3000

telnet localhost 3000

How to unwrap TLS for SMTP/SMTPS/STARTTLS

sclient --alpn smtp smtp.gmail.com:465 localhost:2525

telnet localhost 2525

Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 smtp.gmail.com ESMTP c79-v6sm37968282pfb.147 - gsmtp

How to use with stdin / stdout

sclient whatever.com -

Use just like netcat or telnet. A manual HTTP request, for example:

> GET / HTTP/1.1
> Host: whatever.com
> Connection: close
>

How to pipe connections

printf "GET / HTTP/1.1\r\nHost: telebit.cloud\r\n\r\n" | sclient telebit.cloud

How to Spoof SNI

Sometimes you want to check to see if your site is vulnerable to SNI-spoofing attacks, such as Domain Fronting.

The literal domains example.net and example.com are actually vulnerable to SNI spoofing:

sclient --servername example.net example.com:443 localhost:3000
curl -H "example.com" http://localhost:3000

Most domains, however, are not:

sclient --servername google.net google.com:443 localhost:3000
curl -H "google.com" http://localhost:3000
Reference in New Issue View Git Blame Copy Permalink