DH
Uploaded byDávid Halász
PPTX, PDF185 views

Smuggling TCP traffic through HTTP

This document discusses smuggling TCP traffic through HTTP by leveraging HTTP upgrades. It proposes a new project called Purr that implements a TCP "smuggling" server in Ruby using Rack and a client-side proxy. Purr aims to allow anything TCP-based to be tunneled through HTTP, controlled by a browser extension using native messaging and accessible from web apps via a JS library. The incomplete implementation has a server and basic client-side proxy functionality, but more work is needed for distribution, libraries, HTTPS support, and testing.

Embed presentation

Download to read offline
Smuggling TCP traffic through HTTP Dávid Halász dhalasz@redhat.com
About me Software Engineer at Red Hat in Brno Working on the ManageIQ UI and remote consoles and notifications and many other stuff mostly in Ruby Maintaining the SASS port of PatternFly @skateman on GitHub 💓💎💓
ManageIQ Control all the things Infrastructure Middleware Containers Networking Automation C&U Metrics ...
VM Remote Consoles Hypervisors usually provide a remote desktop server VNC SPICE Traffic encapsulated into WebSocket frames by a proxy Websockify (used by OpenStack) ManageIQ WebSocket Worker In-browser clients implemented using JavaScript and <canvas> noVNC
How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server
How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server HTTP Upgrade
How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server HTTP Upgrade Socket Hijacking
How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server HTTP UpgradeTCP Open
How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server TCP HTTP 101
How the proxy is implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server TCP WebSocket Proxying
HTTP Upgrade Introduced in HTTP/1.1 Upgrade from older versions of HTTP Upgrade to HTTPS Upgrade to anything based on TCP VNC SPICE SSH … Request: GET / HTTP/1.1 Upgrade: websocket Connection: Upgrade Host: example.com Origin: http://example.com Sec-WebSocket-Version: 13 Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ== Response: HTTP/1.1 101 Switching Protocols Upgrade: websocket Connection: Upgrade Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client Request
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client Response
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP Open
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenHTTP Upgrade
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenHTTP Upgrade Socket Hijacking
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenHTTP UpgradeTCP Open
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenTCP HTTP 101
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenTCP Proxying “TCP”
Why don’t we upgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP Proxying “TCP” TCP Proxying
Purr An (incomplete) implementation of the TCP “smuggling” Server implemented in Ruby using Rack Client-side proxy The scary part implemented in Go Controlled by a browser extension using the Native Messaging API Extension accessible from Web Applications using a JS library (TODO) It can “smuggle” anything TCP-based through HTTP It has a nice logo of a purring cat
Thank you for your attention! Find the project on GitHub: http://github.com/skateman/purr Reach out if you are interested in integrating it in your product Feel free to contribute, there is a lot to do: Distribution of the client JS frontend library HTTPS support Tests for the Go code Integration tests

More Related Content

PPTX
dotNetConf2019
byAndrea Tosato
 
PDF
Using Communication and Messaging API in the HTML5 World
byGil Fink
 
PPTX
Http/2
byAdrian Cardenas
 
PDF
HTTP/2 standard for video streaming
byHung Thai Le
 
PDF
HTTP by Hand: Exploring HTTP/1.0, 1.1 and 2.0
byCory Forsyth
 
PPTX
Codecamp iasi-26 nov 2011-web sockets
byCodecamp Romania
 
PDF
What HTTP/2.0 Will Do For You
byMark Nottingham
 
PDF
cPanel conf 2017 - How to Speak cPanel
bycPanel
 
dotNetConf2019
byAndrea Tosato
 
Using Communication and Messaging API in the HTML5 World
byGil Fink
 
Http/2
byAdrian Cardenas
 
HTTP/2 standard for video streaming
byHung Thai Le
 
HTTP by Hand: Exploring HTTP/1.0, 1.1 and 2.0
byCory Forsyth
 
Codecamp iasi-26 nov 2011-web sockets
byCodecamp Romania
 
What HTTP/2.0 Will Do For You
byMark Nottingham
 
cPanel conf 2017 - How to Speak cPanel
bycPanel
 

What's hot

PPTX
WebSockets On Fire
byJef Claes
 
PDF
SPDY and HTTP/2
byFabian Frank
 
PDF
Alex carcea, radu macovei a story of how java script joined the big league
byCodecamp Romania
 
PDF
Dataservices - Data Processing mit Microservices
byQAware GmbH
 
PPTX
HTTP/2 Changes Everything
byLori MacVittie
 
PDF
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
byLoad Impact
 
PPTX
HTML5, HTTP2, and You 1.1
byDaniel Austin
 
PDF
Cfg Mgmtcamp 2015 - Releases
byCFEngine
 
PPTX
HTTP/2 : why upgrading the web? - apidays Paris
byQuentin Adam
 
PDF
Config Management Camp 2015 - How to Deploy CFEngine in the Open Internet
byCFEngine
 
PPTX
Introduction to HTTP/2
byIdo Flatow
 
PDF
HTTP2 is Here!
byAndy Davies
 
PDF
11.Open Data Protocol(ODATA)
byNguyen Tuan
 
PPTX
Debugging with Fiddler
byIdo Flatow
 
PDF
Introduction to Web Sockets
byJumping Bean
 
PDF
Cowboy rabbit-websockets
byWade Mealing
 
PDF
Websocket 101 in Python
byJuti Noppornpitak
 
PPTX
Web Sockets
byPaul Fryer
 
PDF
Web Sockets - HTML5
byMatheus Marabesi
 
PDF
DIY Async Message Pump: Lessons from the trenches
byParticular Software
 
WebSockets On Fire
byJef Claes
 
SPDY and HTTP/2
byFabian Frank
 
Alex carcea, radu macovei a story of how java script joined the big league
byCodecamp Romania
 
Dataservices - Data Processing mit Microservices
byQAware GmbH
 
HTTP/2 Changes Everything
byLori MacVittie
 
O'Reilly Fluent Conference: HTTP/1.1 vs. HTTP/2
byLoad Impact
 
HTML5, HTTP2, and You 1.1
byDaniel Austin
 
Cfg Mgmtcamp 2015 - Releases
byCFEngine
 
HTTP/2 : why upgrading the web? - apidays Paris
byQuentin Adam
 
Config Management Camp 2015 - How to Deploy CFEngine in the Open Internet
byCFEngine
 
Introduction to HTTP/2
byIdo Flatow
 
HTTP2 is Here!
byAndy Davies
 
11.Open Data Protocol(ODATA)
byNguyen Tuan
 
Debugging with Fiddler
byIdo Flatow
 
Introduction to Web Sockets
byJumping Bean
 
Cowboy rabbit-websockets
byWade Mealing
 
Websocket 101 in Python
byJuti Noppornpitak
 
Web Sockets
byPaul Fryer
 
Web Sockets - HTML5
byMatheus Marabesi
 
DIY Async Message Pump: Lessons from the trenches
byParticular Software
 

Viewers also liked

PPTX
Introduction to router
byFarhan Galib
 
PPTX
Switching seminar ppt
byAshish Kushwah
 
PPT
Presentation on router
byIqra university islamabad
 
PPTX
difference between hub, bridge, switch and router
byAkmal Cikmat
 
PPT
5. icmp
bySwati Arora
 
PPSX
ICMP
byselvakumar_b1985
 
PPT
Icmp
byAbhishek Kesharwani
 
PPT
Network protocol
byOnline
 
PPTX
Routers.ppt
bykirbadh
 
PPT
Internet control message protocol
byasimnawaz54
 
Introduction to router
byFarhan Galib
 
Switching seminar ppt
byAshish Kushwah
 
Presentation on router
byIqra university islamabad
 
difference between hub, bridge, switch and router
byAkmal Cikmat
 
5. icmp
bySwati Arora
 
ICMP
byselvakumar_b1985
 
Icmp
byAbhishek Kesharwani
 
Network protocol
byOnline
 
Routers.ppt
bykirbadh
 
Internet control message protocol
byasimnawaz54
 

Similar to Smuggling TCP traffic through HTTP

PPTX
Building WebSocket and Server Side Events Applications using Atmosphere
byjfarcand
 
PPTX
Web proxy server
byVikas Merugu
 
PPTX
Web proxy server
byVikas Merugu
 
PDF
HTTP In-depth
byVinayak Hegde
 
PPTX
WebSocket protocol
byKensaku Komatsu
 
PPTX
Web technologies: HTTP
byPiero Fraternali
 
PPTX
Writing Portable WebSockets in Java
byjfarcand
 
PPT
Juglouvain http revisited
bymarctritschler
 
PPTX
Ws
bySunghan Kim
 
KEY
Pushing the web — WebSockets
byRoland M
 
PDF
HTTP colon slash slash: end of the road? @ CakeFest 2013 in San Francisco
byAlessandro Nadalin
 
PPTX
Http - All you need to know
byGökhan Şengün
 
PDF
SPDY & HTTP2.0 & QUIC - #bpstudy 2013-08-28
byJxck Jxck
 
PDF
Pushing a camel through the eye of a needle
bySensePost
 
PDF
Web Architectures - Web Technologies (1019888BNR)
byBeat Signer
 
DOCX
May proxy be_with_you
byHimani Singh
 
PDF
thesis
byVenkata Jaswanth U
 
PPT
Ds
byMa Kik
 
PPT
Web Services 2009
byCathie101
 
PPT
Web Services 2009
byCathie101
 
Building WebSocket and Server Side Events Applications using Atmosphere
byjfarcand
 
Web proxy server
byVikas Merugu
 
Web proxy server
byVikas Merugu
 
HTTP In-depth
byVinayak Hegde
 
WebSocket protocol
byKensaku Komatsu
 
Web technologies: HTTP
byPiero Fraternali
 
Writing Portable WebSockets in Java
byjfarcand
 
Juglouvain http revisited
bymarctritschler
 
Ws
bySunghan Kim
 
Pushing the web — WebSockets
byRoland M
 
HTTP colon slash slash: end of the road? @ CakeFest 2013 in San Francisco
byAlessandro Nadalin
 
Http - All you need to know
byGökhan Şengün
 
SPDY & HTTP2.0 & QUIC - #bpstudy 2013-08-28
byJxck Jxck
 
Pushing a camel through the eye of a needle
bySensePost
 
Web Architectures - Web Technologies (1019888BNR)
byBeat Signer
 
May proxy be_with_you
byHimani Singh
 
thesis
byVenkata Jaswanth U
 
Ds
byMa Kik
 
Web Services 2009
byCathie101
 
Web Services 2009
byCathie101
 

Recently uploaded

PDF
Oracle Cloud Infrastructure 2025 Architect Professional (1Z0-1127-25) Master ...
byExamCert App
 
PDF
Digital Twin in IBM for Accelerated Discovery of Climate & Sustainability, K...
byMichiaki Tatsubori
 
PDF
February 2026 Patch Tuesday hosted by Chris Goettl and Todd Schell
byIvanti
 
PDF
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
PPTX
PPTX game guess the logo with a twistppt
byAdrianAnig
 
PPTX
Spacecraft Guidance Quick Research Guide by Arthur Morgan
byArthur Morgan
 
PDF
AI Vector Search Best Practices Multicloud Feb 2026
bySandesh Rao
 
PDF
Escape from the Forbidden Zone: Smuggling green and inclusive tech past the g...
byBookNet Canada
 
PDF
Effortless Distributed Systems with Aspire.pdf
byParticular Software
 
PDF
Explaining the flow of purpose-specific BOM
byakipii ogaoga
 
PDF
Explaining specific examples of purpose-specific BOM
byakipii ogaoga
 
PDF
Bringing AI into R&D, Taking a Human-Centric Approach / Haim Yadid
byHaim Yadid
 
PDF
GTM-and-Sales-Plan for a cyber security product
byAshish Jangir
 
PDF
Logical Optimal Actions – Towards Knowledge-based Reinforcement Learning with...
byMichiaki Tatsubori
 
PPTX
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
PDF
From Artificial Intelligence to African Intelligence: Transforming Research &...
byMoses Kemibaro
 
PDF
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
PDF
Spec-Driven Development with Kiro: Elevating Software Quality, Traceability, ...
byHaim Michael
 
PPTX
Workflow and decision Automation with Flowable
bychakib ch
 
PDF
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 
Oracle Cloud Infrastructure 2025 Architect Professional (1Z0-1127-25) Master ...
byExamCert App
 
Digital Twin in IBM for Accelerated Discovery of Climate & Sustainability, K...
byMichiaki Tatsubori
 
February 2026 Patch Tuesday hosted by Chris Goettl and Todd Schell
byIvanti
 
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
PPTX game guess the logo with a twistppt
byAdrianAnig
 
Spacecraft Guidance Quick Research Guide by Arthur Morgan
byArthur Morgan
 
AI Vector Search Best Practices Multicloud Feb 2026
bySandesh Rao
 
Escape from the Forbidden Zone: Smuggling green and inclusive tech past the g...
byBookNet Canada
 
Effortless Distributed Systems with Aspire.pdf
byParticular Software
 
Explaining the flow of purpose-specific BOM
byakipii ogaoga
 
Explaining specific examples of purpose-specific BOM
byakipii ogaoga
 
Bringing AI into R&D, Taking a Human-Centric Approach / Haim Yadid
byHaim Yadid
 
GTM-and-Sales-Plan for a cyber security product
byAshish Jangir
 
Logical Optimal Actions – Towards Knowledge-based Reinforcement Learning with...
byMichiaki Tatsubori
 
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
From Artificial Intelligence to African Intelligence: Transforming Research &...
byMoses Kemibaro
 
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
Spec-Driven Development with Kiro: Elevating Software Quality, Traceability, ...
byHaim Michael
 
Workflow and decision Automation with Flowable
bychakib ch
 
Chapter 5 Security Mechanisms iin computer security.pdf
byGetnet Tigabie Askale -(GM)
 

Smuggling TCP traffic through HTTP

  • 1.
    Smuggling TCP traffic throughHTTP Dávid Halász dhalasz@redhat.com
  • 2.
    About me Software Engineerat Red Hat in Brno Working on the ManageIQ UI and remote consoles and notifications and many other stuff mostly in Ruby Maintaining the SASS port of PatternFly @skateman on GitHub 💓💎💓
  • 3.
    ManageIQ Control all thethings Infrastructure Middleware Containers Networking Automation C&U Metrics ...
  • 4.
    VM Remote Consoles Hypervisorsusually provide a remote desktop server VNC SPICE Traffic encapsulated into WebSocket frames by a proxy Websockify (used by OpenStack) ManageIQ WebSocket Worker In-browser clients implemented using JavaScript and <canvas> noVNC
  • 5.
    How the proxyis implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server
  • 6.
    How the proxyis implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server HTTP Upgrade
  • 7.
    How the proxyis implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server HTTP Upgrade Socket Hijacking
  • 8.
    How the proxyis implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server HTTP UpgradeTCP Open
  • 9.
    How the proxyis implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server TCP HTTP 101
  • 10.
    How the proxyis implemented? Client sends an HTTP Request with an Upgrade: websocket header The proxy performs a Socket Hijacking Access to the TCP connection under the HTTP request The proxy opens the remote endpoint Based on the request’s URL An HTTP 101 answer is sent back to the client The two endpoints are connected Encode/Decode the WebSocket traffic Browser noVNC Web Server VNC Server TCP WebSocket Proxying
  • 11.
    HTTP Upgrade Introduced inHTTP/1.1 Upgrade from older versions of HTTP Upgrade to HTTPS Upgrade to anything based on TCP VNC SPICE SSH … Request: GET / HTTP/1.1 Upgrade: websocket Connection: Upgrade Host: example.com Origin: http://example.com Sec-WebSocket-Version: 13 Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ== Response: HTTP/1.1 101 Switching Protocols Upgrade: websocket Connection: Upgrade Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=
  • 12.
    Why don’t weupgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client
  • 13.
    Why don’t weupgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client Request
  • 14.
    Why don’t weupgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client Response
  • 15.
    Why don’t weupgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client
  • 16.
    Why don’t weupgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP Open
  • 17.
    Why don’t weupgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenHTTP Upgrade
  • 18.
    Why don’t weupgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenHTTP Upgrade Socket Hijacking
  • 19.
    Why don’t weupgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenHTTP UpgradeTCP Open
  • 20.
    Why don’t weupgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenTCP HTTP 101
  • 21.
    Why don’t weupgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP OpenTCP Proxying “TCP”
  • 22.
    Why don’t weupgrade to VNC/SPICE? Create a proxy/wrapper for the desktop Listen on localhost:randomport Open the remote endpoint as HTTP with an Upgrade header Wait for the HTTP response and do the client-side proxying Keep the WebSocket support as a fallback Enjoy the speed of the desktop client VNC Server Web Server Client Proxy VNC Client TCP Proxying “TCP” TCP Proxying
  • 23.
    Purr An (incomplete) implementationof the TCP “smuggling” Server implemented in Ruby using Rack Client-side proxy The scary part implemented in Go Controlled by a browser extension using the Native Messaging API Extension accessible from Web Applications using a JS library (TODO) It can “smuggle” anything TCP-based through HTTP It has a nice logo of a purring cat
  • 24.
    Thank you foryour attention! Find the project on GitHub: http://github.com/skateman/purr Reach out if you are interested in integrating it in your product Feel free to contribute, there is a lot to do: Distribution of the client JS frontend library HTTPS support Tests for the Go code Integration tests