Sans-I/O implementation of SOCKS4, SOCKS4A, and SOCKS5.
Project description
SOCKSIO
Client-side sans-I/O SOCKS proxy implementation. Supports SOCKS4, SOCKS4A, and SOCKS5.
socksio
is a sans-I/O library similar to
h11
or
h2
, this means the library itself
does not handle the actual sending of the bytes through the network, it only
deals with the implementation details of the SOCKS protocols so you can use
it in any I/O library you want.
Current status: stable
Features not yet implemented:
- SOCKS5 GSS-API authentication.
- SOCKS5 UDP associate requests.
Usage
TL;DR check the examples directory.
Being sans-I/O means that in order to test socksio
you need an I/O library.
And the most basic I/O is, of course, the standard library's socket
module.
You'll need to know ahead of time the type of SOCKS proxy you want to connect to. Assuming we have a SOCKS4 proxy running in our machine on port 8080, we will first create a connection to it:
import socket
sock = socket.create_connection(("localhost", 8080))
socksio
exposes modules for SOCKS4, SOCKS4A and SOCKS5, each of them includes
a Connection
class:
from socksio import socks4
# The SOCKS4 protocol requires a `user_id` to be supplied.
conn = socks4.SOCKS4Connection(user_id=b"socksio")
Since socksio
is a sans-I/O library, we will use the socket to send and
receive data to our SOCKS4 proxy. The raw data, however, will be created and
parsed by our SOCKS4Connection
.
We need to tell our connection we want to make a request to the proxy. We do that by first creating a request object.
In SOCKS4 we only need to send a command along with an IP address and port.
socksio
exposes the different types of commands as enumerables and a
convenience from_address
class method in the request classes to create a
valid request object:
# SOCKS4 does not allow domain names, below is an IP for google.com
request = socks4.SOCKS4Request.from_address(
socks4.SOCKS4Command.CONNECT, ("216.58.204.78", 80))
from_address
methods are available on all request classes in socksio
, they
accept addresses as tuples of (address, port)
as well as string address:port
.
Now we ask the connection to send our request:
conn.send(request)
The SOCKS4Connection
will then compose the necessary bytes
in the proper
format for us to send to our proxy:
data = conn.data_to_send()
sock.sendall(data)
If all goes well the proxy will have sent reply, we just need to read from the
socket and pass the data to the SOCKS4Connection
:
data = sock.recv(1024)
event = conn.receive_data(data)
The connection will parse the data and return an event from it, in this case, a
SOCKS4Reply
that includes attributes for the fields in the SOCKS reply:
if event.reply_code != socks4.SOCKS4ReplyCode.REQUEST_GRANTED:
raise Exception(
"Server could not connect to remote host: {}".format(event.reply_code)
)
If all went well the connection has been established correctly and we can start sending our request directly to the proxy:
sock.sendall(b"GET / HTTP/1.1\r\nhost: google.com\r\n\r\n")
data = receive_data(sock)
print(data)
# b'HTTP/1.1 301 Moved Permanently\r\nLocation: http://www.google.com/...`
The same methodology is used for all protocols, check out the examples directory for more information.
Development
Install the test requirements with pip install -r test-requirements.txt
.
Install the project in pseudo-editable mode with flit install -s
.
Tests can be ran directly invoking pytest
.
This project uses nox
to automate
testing and linting tasks. nox
is installed as part of the test requirements.
Invoking nox
will run all sessions, but you may also run only some them, for
example nox -s lint
will only run the linting session.
In order to test against a live proxy server a Docker setup is provided based
on the Dante
SOCKS server.
A container will start danted
listening on port 1080. The docker-compose.yml
will start the container and map the ports appropriately. To start the container
in the background:
docker-compose -f docker/docker-compose.yml up -d
To stop it:
docker-compose -f docker/docker-compose.yml down
Alternatively, remove the -d
flag to run the containers in the foreground.
Reference documents
Each implementation follows the documents as listed below:
- SOCKS4: https://www.openssh.com/txt/socks4.protocol
- SOCKS4A: https://www.openssh.com/txt/socks4a.protocol
- SOCKS5: https://www.ietf.org/rfc/rfc1928.txt
- SOCKS5 username/password authentication: https://www.ietf.org/rfc/rfc1929.txt
- SOCKS5 GSS-API authentication: https://www.ietf.org/rfc/rfc1961.txt
License
MIT
Project details
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.