Introduction
HTTP Tunneling
HTTP is a text-based protocol to retrieve Web pages through a Web browser. Mostly, if you are on a LAN connection, you are behind a proxy server; this proxy server has one HTTP proxy running on some defined port. In your Internet Explorer's Connection option, you specify LAN settings as required. This proxy server is definitely running on a text-based protocol, and you can only get HTTP-related data from the outside network, right!! Well, there is a small loophole from which you can go through HTTP and connect to the outside world and get any data you want in binary protocol, or even your own protocol. It's through HTTPS.
HTTPS Explanation
In HTTPS, data is transferred from browser to server and server to browser in a secure manner. It's a binary protocol; when it goes through a proxy, the proxy doesn't understand anything. The proxy just allows a binary stream to open and lets both server and client exchange the data. Now, we can fool the proxy server and connect to any server and exchange data. The proxy server will think that we are doing some secure HTTP session.
For HTTPS, your browser connects to a proxy server and sends a command:
<FONT color=#000080><FONT color=#ff0000>CONNECT</FONT></FONT> neurospeech.com:443 <FONT color=#ff0000>HTTP/1.0</FONT> <CR><LF>
<FONT color=#ff0000>HOST</FONT> neurospeech.com:443<CR><LF>
[... other HTTP header lines ending with <CR><LF> if required].
<CR><LF>
Then, the proxy server treats this as some HTTP Secure Session, and opens a binary stream to the required server and port as defined. If a connection is established, the proxy server returns the following response:
<FONT color=#ff0000>HTTP/1.0</FONT> 200 Connection Established<CR><LF>
[.... other HTTP header lines ending with <CR><LF>..
ignore all of them].<CR><LF>
Now, the browser is connected to the end server and can exchange data in both a binary and secure form.
How to Do This
Now, it's your program's turn to fool the proxy server and behave as Internet Explorer behaves for Secure HTTP.
- Connect to Proxy Server first.
- Issue CONNECT Host:Port HTTP/1.1<CR><LF>.
- Issue <CR><LF>.
- Wait for a line of response. If it contains HTTP/1.X 200, the connection is successful.
- Read further lines of response until you receive an empty line.
- Now, you are connected to the outside world through a proxy. Do any data exchange you want.
Sample Source Code
try
{
CString Request,Response;
CSocketClient Client;
Client.ConnectTo(<FONT color=#ff0000>"192.0.1.1"</FONT>,4480);
Request = <FONT color=#ff0000>"CONNECT mail.yahoo.com:25 HTTP/1.0"</FONT>;
Client<<Request;
Request = <FONT color=#ff0000>""</FONT>;
Client<<Request;
Client>>Response;
int n = Response.Find(<FONT color=#ff00ff>' '</FONT>);
Response = Response.Mid(n+1);
if(Response.Left(3)!=<FONT color=#ff0000>"200"</FONT>)
{
AfxMessageBox(Response);
}
do
{
Client>>Response;
if (Response.IsEmpty())
break;
}while (true);
}
catch (CSocketException * pE)
{
pE->ReportError();
}
Library Source Code
The Dns.h file contains all DNS-related source code. It uses other libraries, as SocketEx.h, SocketClient.h, and NeuroBuffer.h.
CSocketEx
Socket functions as a wrapper class. (CSocket is very heavy and unreliable if you don't have the exact idea of how it works.) All the functions are of the same name as CSocket. You can use this class directly.
CSocketClient
Derived from CSocketEx and throws proper exceptions with details of Winsock errors. It defines two operators, >> and <<, for easy sending and receiving; it also changes network to host and host to network order of bytes if required.
CHttpProxySocketClient
Derived from CSocketClient, you can call the SetProxySettings(ProxyServer,Port) method and set proxy settings. Then, you can connect to the desired host and port as you need. The ConnectTo method is overridden, and it automatically implements an HTTP proxy protocol and gives you a connection without any hassle.
How to Use CHttpProxySocketClient
try
{
CHttpProxySocketClient Client;
Client.SetProxySettings(<FONT color=#ff0000>"192.0.1.1"</FONT>,1979);
Client.ConnectTo(<FONT color=#ff0000>"mail.yahoo.com"</FONT>,25);
}
catch(CSocketException * pE) {
pE->ReportError();
}
Note: I usually don't program in the form of .h and .cpp different files, because using them the next time somewhere else is a big problem because you must move both files here and there. So, I put all the code in my .h file only; I don't write to the .cpp file unless it's required. You need to copy only the SocketEx.h, SocketClient.h, and HttpProxySocket.h files into your project's directory, and add line:
#include "<FONT color=#ff0000>HttpProxySocket.h</FONT>"
after your:
#if !defined(.....
and so forth code of your Visual Studio-generated file. If you put anything above this, you will get n number of errors.
More about me.
General 
News 
Suggestion 
Question 
Bug 
Answer 
Joke 
Praise 
Rant 
Admin 
Submit an article or tip
( I have read your HTTP Tunneling's source code as study. I found some function don't be implemented, such as Auto Detection and Http Proxy Authentication. So I very hope you could send me a complete code. I will very appreciate your kindly. 
