7200 Star! Open source free intranet penetration tool

Time:2021-9-27

[introduction]: inlets is an intranet penetration tool based on websocket tunnel, which can expose local services to the public network.

brief introduction

Inlets uses reverse proxy and websocket tunnel to expose internal or developing services to the public network through exit nodes. The exit node can be a VPS or any computer with public IPv4.

Similar tools include ngrok and Argo tunnel, but both of them are closed source, have their own limitations, are expensive, and have limited support for arm / arm64. Ngrok is often blocked by the company’s firewall policy and cannot be used. Other open source tunnel tools basically only consider the static configuration of a single tunnel. Inlets aims to dynamically discover local services, expose them to public IP or domain names through websocket tunnel, and automatically configure TLS certificates.

Inlets has completed the following functions:

  • Based on the definition of the client, the service entry is automatically created at the exit node

    • Single port and single websocket hosting multiple sites through DNS / domain name
  • Link encryption using SSL over WebSockets (WSS: / /)
  • Automatic reconnection
  • Authority authentication through service account or HTTP basic auth

    • Issue certificates using letsencrypt staging or production through http01 challenge
  • Native cross platform support, including armhf and arm64 architectures
  • Provide dockerfile and kubernetes yaml files
  • Automatically discover and instantiate Service – inlets – operators of loadbalancer type in kubernetes cluster
  • In addition to HTTP (s), it also supports the transmission of websocket traffic in the tunnel

Project address:
https://github.com/inlets/inlets

Simple use

For detailed installation and deployment steps, please refer to the official website. Xiaoqiu will briefly introduce the installation steps (also refer to the operation of the official website), eliminating the generation of tokens.

Install inlets service

Brew or curl installation is recommended on the official website:

#Install to current directory
curl -sLS https://get.inlets.dev | sh

#Install to / usr / local / bin/
curl -sLS https://get.inlets.dev | sudo sh
#Installing with brew
brew install inlets

Xiaoqiu can use it on windows. Download the inlets.exe file directly and execute it on the command line. The download address is:

https://github.com/inlets/inl…

Start tunnel server

This step needs to be operated on the machine with public IP to map the intranet services out of the network. (Xiaoqiu doesn’t have such a server, which can be installed directly on the local machine and can’t map the public network, but he can also complete the agent mapping process, and the process is the same.)

Download inlets.exe, put it in disk F, and execute the command to start:

/f/inlets/inlets.exe server --port=8090

As shown below:

7200 Star! Open source free intranet penetration tool

Run HTTP service

Test with Python’s built-in HTTP service:

mkdir inlets-test
cd /inlets-test
touch hello-world
python -m http.server 3000

As shown below:

7200 Star! Open source free intranet penetration tool

<br/>
Visit localhost: 3000

7200 Star! Open source free intranet penetration tool

Start the inlets client

Start the inlets client on the same machine as the HTTP service, and execute the following command:

/f/inlets/inlets.exe client --remote=192.168.244.1:8090 --upstream=http://127.0.0.1:3000
  • –The remote parameter must be set to the IP of the egress node
  • –The upstream parameter is the IP and port of the intranet service to be exposed

As shown below:

7200 Star! Open source free intranet penetration tool

Access exit node:

7200 Star! Open source free intranet penetration tool

other

The above can be said to be the most basic and commonly used functions of inlets. Inlets also has more advanced functions. You can try the children’s shoes you are interested in:

  • Support docker installation and deployment
  • Single exit node multi service
  • Set the fixed port for the control plane

Open source outpostShare popular, interesting and practical open source projects on a daily basis. Participate in maintaining the open source technology resource library of 100000 + star, including python, Java, C / C + +, go, JS, CSS, node.js, PHP,. Net, etc.

Recommended Today

Blog Garden Background page dynamic effects

1. To set animation, you must first apply for permission 1.1 first enter [my blog park] and enter [settings] in [management] 1.2 find [blog sidebar announcement] and click [apply for JS permission] 1.3 write the content of application JS permission (examples are as follows) Dear blog administrator: Can you open JS permission for me? I […]