SOCKS

The SOCKS protocol is an Internet - protocol , the client-server applications allowed, protocol independent and transparent a the services of proxy server to use. SOCKS is an abbreviation for " SOCKetS ".

Clients behind a firewall that want to establish a connection to an external server connect to a SOCKS proxy instead. This proxy server checks the authorization of the client to contact the external server and forwards the request to the server.

The SOCKS protocol was originally developed by NEC (SOCKS 4). The current version 5 of the protocol, as described in RFC 1928 , extends the previous versions to include support for UDP , authentication , name resolution on the SOCKS server and IPv6 .

In the TCP / IP model , it is an intermediate layer between the application layer and the transport layer.

The SOCKS-4 protocol

inquiry

A typical SOCKS-4 connection is established via TCP as follows: The client connects to the server and sends such a packet:

length	description
1 byte	Version (for SOCKS4: 0x04)
1 byte	Command: 0x01= new TCP / IP connection 0x02 = binds a port
2 bytes	Port number
4 bytes	IPv4 address
indefinite	User ID (optional; if no authentication is required, skip this section)
1 byte	Termination with zero byte ( 0x00)

answer

length	description
1 byte	Zero byte ( 0x00)
1 byte	Response code: 0x5A = Request approved 0x5B = Request refused or failed 0x5C= Request failed because the client is not identdexecuting (or cannot be reached by the server) 0x5D= Request failed because identdthe ID could not confirm
2 bytes	Any data.
4 bytes	Any data.

example

Fred would like to connect to the IP 66.102.7.99on port 80 via SOCKS4 . To do this, it connects to the SOCKS4 proxy of its choice via TCP and sends the following request:

version	command	Port number	address	User ID	graduation
0x04	0x01	0x00 0x50	0x42 0x66 0x07 0x63	0x46 0x72 0x65 0x64	0x00

In the case of the user ID, "Fred" is formatted as a character string in ASCII .

The server replies with "OK":

Zero byte	Response code	Any data	Any data
0x00	0x5A	0xXX	0xXX

0xXX is a placeholder for any byte.

From then on, all data that the client (Fred) sends to the SOCKS proxy is 66.102.7.99forwarded to and vice versa.

The SOCKS-5 protocol

SOCKS-5 differs from SOCKS-4 mainly through better authentication, UDP and IPv6 support.

The structure now works like this:

1. The client connects to the server and welcomes it with authentication methods that it supports.
2. The server responds using one of the methods sent by the client.
3. A number of packages can be sent depending on the method.
4. The client sends a connection request similar to SOCKS-4
5. The server responds similarly to SOCKS-4

Authentication methods

byte	Surname	Explanation
0x00	NO AUTHENTICATION REQUIRED	No authentication required
0x01	GSSAPI	GSSAPI, see RFC 2743 . Used u. a. from Kerberos .
0x02	USERNAME / PASSWORD	Authentication with user name and password, see RFC 1929
0x03 to 0x7F	IANA ASSIGNED	Are from the IANA assigned
0x80 to 0xFE	RESERVED FOR PRIVATE METHODS	Reserved for non-public methods
0xFF	NO ACCEPTABLE METHODS	Not an acceptable method

The client sends its authentication methods first:

length	description
1 byte	Version (for SOCKS 5 0x05)
1 byte	Number of authentication methods supported ${\ displaystyle n}$
${\ displaystyle n}$ Bytes	Byte values ​​of the methods mentioned under 'Authentication methods', one byte per method

The server announces the selection of the method

length	description
1 byte	Version ( 0x05)
1 byte	Byte value of the authentication method; 0xFFif no acceptable method is found.

The connection request

This is what the connection request looks like at SOCKS5:

length	description
1 byte	Version (for SOCKS5: 0x05)
1 byte	Command: 0x01: Establish a TCP connection 0x02: Receive a TCP connection, i.e. H. open a server. 0x03: Set up a UDP forwarding
1 byte	Reserved: must 0x00be
1 byte	Address type (type of destination address): 0x01: IPv4 address 0x03: Domain name 0x04: IPv6 address
	Depending on the selected address type: IPv4: 4 bytes Domain name: 1 byte (length of the domain) + domain IPv6: 16 bytes
2 bytes	Port in byte order big-endian

The server response looks like this:

length	description
1 byte	Version ( 0x05)
1 byte	Response code (see table of response codes )
1 byte	Reserved: must 0x00be
1 byte	Address type: 0x01: IPv4 address 0x03: Domain name 0x04: IPv6 address
	Depending on the address type: IPv4: 4 bytes Domain name: 1 byte (length of the domain) + domain IPv6: 16 bytes
2 bytes	Port in byte order big-endian

Response codes

byte	Surname	Explanation
0x00	succeeded	Connection established successfully
0x01	general SOCKS server failure	Server failure
0x02	connection not allowed by ruleset	Connection not allowed due to server configuration.
0x03	Network unreachable	The target network cannot be reached
0x04	Host unreachable	The target host cannot be reached
0x05	Connection refused	connection denied
0x06	TTL expired	Target computer too far away
0x07	Command not supported	Request command is not supported
0x08	Address type not supported	ATYP of the request is not supported
0x09 to 0xFF	Not forgiven

SOCKS server

List of SOCKS servers:

• Delegate universal proxy server, including socks server, open source
• universal proxy server, including socks server, open source
• Dante Socks server
• Java Socks server, open source
• Socks4 server
• mocks
• CuteSocks
• SSH as a socks server

SOCKS clients / SOCKS wrappers

There are programs that allow other programs to reach external networks via SOCKS without having to bring special support with them:

List of SOCKS clients:

• Dante client
• FreeCap
• WideCap
• Open Text SOCKS Client (successor to "Hummingbird SOCKS")
• ProxyCap
• SocksCap (Google Link)
• tsocks
• socat
• redsocks
• proxychains
• proxifier
• tun2socks

Specifications

• RFC 3089 - A SOCKS-based IPv4 / IPv6 gateway mechanism
• RFC 1961 - GSS-API authentication method for SOCKS V5
• RFC 1929 - Username / Password Authentication for SOCKS V5
• RFC 1928 - SOCKS protocol version 5