Consider the following scenario: There is a client behind a really strict firewa
ID: 653442 • Letter: C
Question
Consider the following scenario: There is a client behind a really strict firewall. There is nearly nothing available to 'connect to the internet'. Just DNS resolution and HTTP/HTTPS (some whitelisted sites like Google can be visited; others get redirected to the 'site was blocked' page).
So the idea was to to build some kind of proxy using only http get requests (using this service from google as proxy which works fine but lacks css/http post request support)
Do you think that's possible or are aware of software that's capable of doing this? Or maybe another way to accomplish unrestricted internet access under these cirumstances?
Many thanks in advance!
PS: Using DNS for tunneling all the traffic works but is of course really really slow.
Explanation / Answer
If you are in control of a server reachable by the service you mentioned then you could built your own tunnel, because
+ you can send data through the tunnel to the server (via the URL of the request)
+ and you can receive data through the tunnel from the server (via the response)
Which means all you have to do is write yourself the appropriate local and remote handlers to translate between your tunnel protocol and HTTP request/response.
I'm not aware of any existing software working within your specific restrictions (httptunnel is probably outside your restrictions), but it is possible to write something like this and to help you to actually circumvent specific security policies would be outside the scope of this forum anyway.
And always remember that security policies are often there to protect something and that you might get into trouble when you try to circumvent these policies, like loosing the job or maybe even get charged for hacking attempts. And such tunnels can be detected because they show abnormal usage behavior.