Table of contents
Spp (Special Protocol Launched)
Spp (Special Protocol Launched)
1. Brief description:
1) Supported protocols: tcp, udp, rudp (reliable udp), ricmp (reliable icmp), rhttp (reliable http), kcp, quic
2) Supported types: two-way proxy, socks5 forward proxy, socks5 reverse proxy
3) External proxy protocol and internal forwarding protocol can be combined freely
4) Support Shadowsocks plugin , spp-shadowsocks-plugin, spp-shadowsocks-plugin-android
5)工具:Releases · esrrhs/spp (github.com)https://github.com/esrrhs/spp/releases/
6) Schematic diagram:
(Picture from GitHub: Releases esrrhs/spp (github.com))
7) Personal opinion:
Easy to use : one command for the server and one for the client to establish a connection
Full-duplex communication : the tool has no distinction between server and client, and the server and client can be specified directly in the command
2. Usage:
1. Prepare
Because it is full-duplex communication (the tool does not have a client and a server, just find the corresponding version of the server and client)
2. Server
1) Method 1: Start the server:
Suppose the server IP is www.server.com, listening port 8888
The specified type is server (server), the protocol is tcp protocol , and the listening port is 8888
# ./spp -type server -proto tcp -listen :8888
2) Method 2: Free combination method:
Can also listen simultaneously with other types of ports and protocols
- After prto , 3 protocols and ports are respectively connected, and they are monitored at the same time
# ./spp -type server -proto tcp -listen :8888 -proto rudp -listen :9999 -proto ricmp -listen 0.0.0.0
3) Method 3: Other methods: Docker can also be used
(This is a little more complicated)
# docker run --name my-server -d --restart=always --network host esrrhs/spp ./spp -proto tcp -listen :8888
3. Client
1) Method 1: Start the TCP forwarding agent
(Forward) Map www.server.com port 8080 to local 8080, so that accessing local 8080 is equivalent to accessing www.server.com 8080
# ./spp -name "test" -type proxy_client -server www.server.com:8888 -fromaddr :8080 -toaddr :8080 -proxyproto tcp
2) Method 2: Start TCP reverse proxy
(Reverse) Map local 8080 to port 8080 of www.server.com, accessing www.server.com 8080 is equivalent to accessing local 8080
# ./spp -name "test" -type reverse_proxy_client -server www.server.com:8888 -fromaddr :8080 -toaddr :8080 -proxyproto tcp
3) Method 3: Start TCP Positive Socks5 Proxy
(Forward) Open the socks5 protocol on the local port 8080, and access the network in the server through the server
# ./spp -name "test" -type socks5_client -server www.server.com:8888 -fromaddr :8080 -proxyproto tcp
4) Method 4: Start tcp reverse socks5 proxy
(Reverse) Open the socks5 protocol on port 8080 of www.server.com, and access the network in the client through the client
# ./spp -name "test" -type reverse_socks5_client -server www.server.com:8888 -fromaddr :8080 -proxyproto tcp
5) Other agency agreements:
Only need to modify the proxyProto parameter of the client
# 代理 UDP协议 ./spp -name "test" -type proxy_client -server www.server.com:8888 -fromaddr :8080 -toaddr :8080 -proxyproto udp # 代理 rudp协议 ./spp -name "test" -type proxy_client -server www.server.com:8888 -fromaddr :8081 -toaddr :8081 -proxyproto rudp # 代理 ricmp协议 ./spp -name "test" -type proxy_client -server www.server.com:8888 -fromaddr :8082 -toaddr :8082 -proxyproto ricmp # 同时使用UDP、rudp、ricmp协议 ./spp -name "test" -type proxy_client -server www.server.com:8888 -fromaddr :8080 -toaddr :8080 -proxyproto udp -fromaddr :8081 -toaddr :8081 -proxyproto rudp -fromaddr :8082 -toaddr :8082 -proxyproto ricmp
6) Internal communication between client and server
It can also be modified to other protocols, automatically converting external protocols and internal protocols
# 代理tcp协议,内部用rudp协议转发 ./spp -name "test" -type proxy_client -server www.server.com:8888 -fromaddr :8080 -toaddr :8080 -proxyproto tcp -proto rudp # 代理tcp协议,内部用ricmp协议转发 ./spp -name "test" -type proxy_client -server www.server.com -fromaddr :8080 -toaddr :8080 -proxyproto tcp -proto ricmp # 代理udp协议,内部用tcp协议转发 ./spp -name "test" -type proxy_client -server www.server.com:8888 -fromaddr :8080 -toaddr :8080 -proxyproto udp -proto tcp # 代理udp协议,内部用kcp协议转发 ./spp -name "test" -type proxy_client -server www.server.com:8888 -fromaddr :8080 -toaddr :8080 -proxyproto udp -proto kcp # 代理tcp协议,内部用quic协议转发 ./spp -name "test" -type proxy_client -server www.server.com:8888 -fromaddr :8080 -toaddr :8080 -proxyproto tcp -proto quic # 代理tcp协议,内部用rhttp协议转发 ./spp -name "test" -type proxy_client -server www.server.com:8888 -fromaddr :8080 -toaddr :8080 -proxyproto tcp -proto rhttp
7) Other methods: docker
# docker run --name my-client -d --restart=always --network host esrrhs/spp ./spp -name "test" -type proxy_client -server www.server.com:8888 -fromaddr :8080 -toaddr :8080 -proxyproto tcp
4、cs、msf
Generate monitoring backdoor monitoring
How to use source developer:
esrrhs/spp: A simple yet powerful proxy (github.com) https://github.com/esrrhs/spp