aploium / shootback

a reverse TCP tunnel let you access target behind NAT or firewall
MIT License

Why not just use SSH? #4

Closed MarioVilas closed 7 years ago

MarioVilas commented 7 years ago

Or socat, or netcat, or... :)

MarioVilas commented 7 years ago

Sorry if I come across as rude, I just don't quite imagine a situation where I would need this project instead of the well-known tools...

Natureshadow commented 7 years ago

I asked myself the same thing :D. What this thing does has existed for years, only that shootback seems to lack all security.

s1l0uk commented 7 years ago

I would have agreed with you both till last week when I worked with a client who shall remain nameless... they had none of the above installed.

In that situation this would have been very useful "Here download this and try..." instead of teaching the other admin how to do sockets in python.

Only my humble opinion - tools on here are offered under an open-source license out of the goodness of the developer's heart - if you don't need it then don't use it - the community will probably not care ;-)

Natureshadow commented 7 years ago

> I would have agreed with you both till last week when I worked with a client who shall remain nameless... they had none of the above installed.
>
> In that situation this would have been very useful "Here download this and try..." instead of teaching the other admin how to do sockets in python.

Huh? Installing openssh-client from any distribution sure is no more complex than installing this thing here by hand.

> Only my humble opinion - tools on here are offered under an open-source license out of the goodness of the developer's heart - if you don't need it then don't use it - the community will probably not care ;-)

I see it as a duty of experienced and qualified sysadmins to protect less experienced users from needlessly opening security holes in their systems.

s1l0uk commented 7 years ago

Yeah, try doing that when your instances are inside a network and generic packages are not available via yum/apt (i.e. the infosec team have crippled the yum / apt.d sources for security).

Also how are you going to use SSH when I have blocked it on egress?

I see it as my duty to educate those who have spent too much time in their own environment and don't see the world outside their ivory tower :-)

MarioVilas commented 7 years ago

I would argue that uploading the netcat binary is much easier than installing a Python program as complex as this one. Also useful in "real life" pentesting (meaning, you don't get to talk to the sysadmin at all, and you don't make changes to the system).

As for the "SSH is blocked" question, you can just move it to another port. I, for one, never set up Internet-facing SSH servers on port 22.

aploium commented 7 years ago

Actually, I wrote this because I'm learning Python socket programming. This was my first program in socket operation. Then I found it useful in some cases, so I uploaded it to GitHub.

Well, somehow, it became popular. I don't know why; maybe many people are facing a similar scenario.

For security and production use, you can use ngrok or just SSH -R instead.

BTW, I had used this in a CTF competition; in that case, SSH and ngrok were not able to handle it.

MarioVilas commented 7 years ago

Thanks for your answer. I had imagined that could be the case, but I wanted to make sure I wasn't missing something here. :)

zjuchenyuan commented 7 years ago

@MarioVilas For stability, shootback is much better than ncat and SSH. shootback will maintain some connections, not just one.

Crapula-Alligator commented 7 years ago

@zjuchenyuan SSH is quite stable for multiple connections. Ncat of course is not.

Natureshadow commented 7 years ago

I have had SSH tunnels running for months.

OneB1t commented 5 years ago

We needed a tool running stably on Windows Server 2008 (just epic...) and found out that this is working much better than socat/netcat/portfusion; stability on Windows is much better.

SSH is a pain in Windows environments... I can see why this is so popular. It's a nice project.

DaMatrix commented 5 years ago

ssh tunnels will have congestion issues when handling lots of connections (since it's all transferred through a single TCP socket), whereas this allows individual congestion control for each session.