netcat using netstack userspace library

netkat

netcat version using raw sockets to avoid iptables and/or other OS filtering mechanisms.

Install

make build

Usage

It requires root privileges:

sudo ./bin/netkat
Usage: nk [options] [hostname] [port]

  -debug
        Debug
  -interface string
        Specify interface to use. Default interface with default route
  -listen
        Bind and listen for incoming connections
  -source-port int
        Specify source port to use
  -udp
        Use UDP instead of default TCP

Docker image

It can be used as a container image, based in alpine:

docker run -it --privileged aojea/netkat:latest 192.168.68.1 80
2021/05/31 21:29:42 Using source address 172.17.0.2/16
2021/05/31 21:29:42 Creating raw socket
2021/05/31 21:29:42 Adding ebpf ingress filter on interface eth0
2021/05/31 21:29:42 filter {LinkIndex: 99, Handle: 0:1, Parent: ffff:fff2, Priority: 0, Protocol: 3}
2021/05/31 21:29:42 Creating user TCP/IP stack
2021/05/31 21:29:42 Dialing ...
2021/05/31 21:29:42 Connection established

Development

netkat uses the gvisor userspace TCP/IP stack "netstack"

It creates a RAW socket attached to the interface with the route to the destination IP, attaching a BPF filter for the traffic mathing the connection parameters specified as arguments.

It also creates an ingress queue and attaches an eBPF filter, to drop the traffic of the connection directed to the RAW socket, preventing that the host stack drops the connection.

Owner
Antonio Ojea
The network is reliable. Latency is zero, Bandwidth is infinite, ..
Antonio Ojea
https://github.com/aojea/netkat
Similar Resources

A library for the MIGP (Might I Get Pwned) protocolA library for the MIGP (Might I Get Pwned) protocol

MIGP library This contains a library for the MIGP (Might I Get Pwned) protocol. MIGP can be used to build privacy-preserving compromised credential ch

Dec 3, 2022

Examples using the stomp package from git://github.com/gmallard/stompngo.git

stompngo_examples - A collection of examples for package stompngo Features Full demonstration of support for STOMP protocols: Protocol Level 1.0 Proto

Jan 22, 2021

SonicWall VPN-SSL Exploit* using Golang

SonicWall VPN-SSL Exploit* using Golang

goshock SonicWall VPN-SSL Exploit* using Golang ( * and other targets vulnerable to shellshock ).

Jul 6, 2022

In memory Key/Value store in go using gRPC.

In memory Key/Value store in go using gRPC.

In memory cache, using gRPC Contents About Running Server Local Docker Kubernetes Example Helm Terraform API Add Get GetByPrefix GetAllItems DeleteKey

Dec 26, 2022

HTTP(S)/WS(S)/TCP Tunnels to localhost using only SSH.

An open source serveo/ngrok alternative.

Dec 29, 2022

Simple HTTP tunnel using SSH remote port forwarding

Simple HTTP tunnel using SSH remote port forwarding

Nov 18, 2022

connect to microsoft flight simulator 2020 using golang

msfs2020-go simconnect package msfs2020-go/simconnect connects to microsoft flight simulator 2020 using golang. cross-compiles from macos/linux, no ot

Nov 23, 2022

An experimental Tor-Proxy serivce written in Go using Go-proxy and Go-libtor.

tor-proxy An experimental standalone tor-proxy service built with Go, using go-proxy, go-libtor and bine. This is a simple replacement to Tor's origin

Nov 9, 2022

A toy MMO example built using Ebiten and WebRTC DataChannels (UDP)

A toy MMO example built using Ebiten and WebRTC DataChannels (UDP)

Ebiten WebRTC Toy MMO ⚠️ This is a piece of incomplete hobby work and not robust. Please read the "Why does this project exist?" section. What is this

Aug 28, 2022
Comments
  • Crash because of TUN/TAP do not support ebpf

    Crash because of TUN/TAP do not support ebpf 

    ./netkat -listen -debug x.x.x.x 1234
2021/06/03 16:29:38 routes {Ifindex: 5 Dst: x.x.x.x/32 Src: y.y.y.y Gw: <nil> Flags: [] Table: 254}
2021/06/03 16:29:38 Creating raw socket
2021/06/03 16:29:38 Adding ebpf ingress filter on interface zzzzzzz
2021/06/03 16:29:38 failed to load objects: field Ingress: program _ingress: map .rodata: map create: read- and write-only maps not supported (requires >= v5.2)
  • Does it only works on Linux ?

    Does it only works on Linux ?

    It works fine in Linux, but failed on macOS.

    # go version
go version go1.16.5 darwin/amd64

# go build
package github.com/aojea/netkat
        imports gvisor.dev/gvisor/pkg/tcpip/link/rawfile: build constraints exclude all Go files in /netkat/vendor/gvisor.dev/gvisor/pkg/tcpip/link/rawfile
  • add TCP listen

    add TCP listen

    Add listen options

    It needs some refactoring

    • [x] add tests
    • [x] bpf and ebpf filter, we don't know the source ip and port
    • [x] variables doesn't match now
    • [ ] UDP listener, I can't find it in gvisor
Related tags
Network netkat
An userspace SORACOM Arc client powered by wireguard-go

soratun An easy-to-use, userspace SORACOM Arc client powered by wireguard-go. For deploying and scaling Linux servers/Raspberry Pi devices working wit

Jun 2, 2022
This service is intented to collect data using grpc using Go lang backend and cassandra DB as storage

Go Data Collection This service is intented to collect data using grpc using Go lang backend and cassandra DB as storage. Dev Setup make test_env make

Apr 13, 2022
A library to simplify writing applications using TCP sockets to stream protobuff messages

BuffStreams Streaming Protocol Buffers messages over TCP in Golang What is BuffStreams? BuffStreams is a set of abstraction over TCPConns for streamin

Dec 13, 2022
Pure-Go library for cross-platform local peer discovery using UDP multicast :woman: :repeat: :woman:
 Pure-Go library for cross-platform local peer discovery using UDP multicast :woman: :repeat: :woman:

peerdiscovery Pure-go library for cross-platform thread-safe local peer discovery using UDP multicast. I needed to use peer discovery for croc and eve

Jan 8, 2023
Library for receiving (near) realtime notifications about earthquakes using websockets

goseismic goseismic is library for receiving (near) realtime notifications about earthquakes using websockets from SeismicPortal. Using goseismic, rec

Dec 29, 2022
httpx is a fast and multi-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.
 httpx is a fast and multi-purpose HTTP toolkit allows to run multiple probers using retryablehttp library, it is designed to maintain the result reliability with increased threads.

Features • Installation • Usage • Running httpx • Notes • Join Discord httpx is a fast and multi-purpose HTTP toolkit allow to run multiple probers us

Jan 8, 2023
checkip is a CLI tool and library that checks an IP address using various public services.
 checkip is a CLI tool and library that checks an IP address using various public services.

checkip is a CLI tool and library that checks an IP address using various public services.

Dec 20, 2022
Simple-request-limiter - Example of limiting API requests using standard Go library

Route: http://localhost:8080/urls example of body in POST request that was used:

Feb 2, 2022
Hostkeydns - Library for verifying remote ssh keys using DNS and SSHFP resource records

hostkeydns import "suah.dev/hostkeydns" Package hostkeydns facilitates verifying

Feb 11, 2022
Package telnet provides TELNET and TELNETS client and server implementations, for the Go programming language, in a style similar to the "net/http" library that is part of the Go standard library, including support for "middleware"; TELNETS is secure TELNET, with the TELNET protocol over a secured TLS (or SSL) connection.

go-telnet Package telnet provides TELNET and TELNETS client and server implementations, for the Go programming language. The telnet package provides a

Dec 28, 2022