Last active
February 23, 2021 06:22
-
-
Save ardzz/de863fb6f6c53de2464aaa8f80ab2f0f to your computer and use it in GitHub Desktop.
SSH SSL Dynamical Port Forwading
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/php | |
| /** | |
| * @author Ardhana <[email protected]> | |
| * | |
| * SSH SSL Launcher | |
| * | |
| * Requirements : | |
| * - PHP 7.* or above | |
| * - stunnel | |
| * | |
| * Arch family : | |
| use pacman : | |
| sudo pacman -S stunnel | |
| download package from archlinux.org : | |
| https://www.archlinux.org/packages/community/x86_64/stunnel/ | |
| * Debian family : | |
| use apt : | |
| sudo apt install stunnel | |
| download package from debian.org : | |
| https://packages.debian.org/search?keywords=stunnel | |
| */ | |
| <?php | |
| $config = [ | |
| "ssh" => [ | |
| [ | |
| "host" => "ssl-sg-6.serverip.co", | |
| "port" => 443, | |
| "username" => "fastssh.com-ambiyah.zip", | |
| "password" => "nnn" | |
| ], | |
| /// ... another SSH | |
| ], | |
| "payload" => [ | |
| "listen_port" => 1080, | |
| "sni" => "v.whatsapp.net" | |
| ] | |
| ]; | |
| class SSH_SSL{ | |
| function __construct(){ | |
| global $config; | |
| if (!file_exists("stunnel.sh")) { | |
| file_put_contents("stunnel.sh", base64_decode("IyEvYmluL2Jhc2gKc3VkbyBraWxsYWxsIHN0dW5uZWwKc3VkbyBzdHVubmVsCg==")); | |
| } | |
| $this->prefix = "SSH_SSL"; | |
| $this->config = json_decode(json_encode($config)); | |
| $this->mainSSH = "Host {$this->prefix}* \n PermitLocalCommand yes\n DynamicForward {$config["payload"]["listen_port"]}\n StrictHostKeyChecking no\n ServerAliveInterval 10\n TCPKeepAlive yes"; | |
| $this->subSSH = "Host {profile}\n HostName 127.0.0.1\n Port 60\n User {user}"; | |
| $this->stunnel = "[SSH]\nclient = yes\naccept = localhost:60\nconnect = {host}:{port}\nsni = {sni}"; | |
| } | |
| private function generateStunnelConfig($data){ | |
| $this->stunnel_config = str_replace( | |
| [ | |
| "{host}", | |
| "{port}", | |
| "{sni}" | |
| ], | |
| [ | |
| $data->host, | |
| $data->port, | |
| $this->config->payload->sni | |
| ], | |
| $this->stunnel | |
| ); | |
| return $this; | |
| } | |
| function getStunnelConfig(){ | |
| return $this->stunnel_config; | |
| } | |
| private function generateSSHConfig($data){ | |
| $this->profile_ssh = uniqid("{$this->prefix}_"); | |
| $this->SSH_config = str_replace( | |
| [ | |
| "{profile}", | |
| "{user}" | |
| ], | |
| [ | |
| $this->profile_ssh, | |
| $data->username | |
| ], | |
| $this->subSSH | |
| ); | |
| $this->SSH_config = "{$this->mainSSH}\n{$this->SSH_config}"; | |
| return $this; | |
| } | |
| function getSSHConfig(){ | |
| return $this->SSH_config; | |
| } | |
| function connect(){ | |
| foreach ($this->config->ssh as $key => $value) { | |
| $this->generateStunnelConfig($value)->generateSSHConfig($value); | |
| $stunnel_config = $this->getStunnelConfig(); | |
| $SSH_config = $this->getSSHConfig(); | |
| echo "SSH Server : {$value->host}\n"; | |
| echo "Proxy : socks5://127.0.0.1:{$this->config->payload->listen_port}\n"; | |
| // overwrite config | |
| echo ((bool) file_put_contents("/etc/stunnel/stunnel.conf", $stunnel_config) ? "Set stunell config : OK" : exit("Set stunnel config : BAD") ) . PHP_EOL; | |
| echo ((bool) file_put_contents($_SERVER["HOME"] . "/.ssh/config", $SSH_config) ? "Set SSH config : OK" : exit("Set SSH config : BAD") ) . PHP_EOL . PHP_EOL; | |
| // connect to SSH | |
| system("bash stunnel.sh"); | |
| system("sshpass -p {$value->password} ssh -N {$this->profile_ssh}"); | |
| } | |
| } | |
| } | |
| (new SSH_SSL)->connect(); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment