Socat, a powerful tools you should have in you arsenal. Some say socat is another swiss army knife beside netcat. It is a command line based utility that establishes two bidirectional byte streams and transfer data between them. Socat has been long used for creating a simple forwarder. But, did you know that we can do more than that?

Basic Knowledge

Basically socat is a tool to manipulate sockets. To give you a hint, socat comes from socket and cat.

The idea of sockets is too restrictive. Speaking socat we should speaks in the level of “data channel”. It can be combinations of:

  • a file
  • a pipe
  • a device (ex: a serial line)
  • a socket (IPv4, IPv6, raw, TCP, UDP, SSL)
  • a program or script

Now socat has a different syntax on what you are used to with netcat or other standard unix tools. Here is the simple syntax:

both channel should be provided. The channel should be like this:

All you need to remember is: socat is bidirectional. It is like a pipe so there is no strict definition of which one should be source or destination. Both address can have src/dst role.

Tips and Trick

Now, come to our actual topic. For the sake of simplicity, we will pretend there are two distinct hosts namely HOST-L and HOST-R.These hosts can be anywhere with any IP. In most case HOST-L is our local machine while HOST-R is remote machine. On most case we will use port 13510 and 18210 as example.

Let’s see our catalog:

  • Basic network connection
    • Connect to remote machine
    • Listening to a socket
    • UDP traffic
    • Execute program when connection come
    • SSLify connection
    • Make a tunnel
    • Make a tunnel via proxy
  • File transfer
    • Display content of file to standard output
    • Create and write to a file
    • Transfer file
  • UDP tunneling through SSH connection
  • Local serial line
  • Get HTTP content without browser

For example, shell.

for multiple connection

we also have SYSTEM address, which uses the system() call rather than a call to exec(). We can do something like this (something netcat can’t do).

In short, strip incoming SSL to plain traffic.

– Make a tunnel

– Make a tunnel via proxy

address can be a file. Thus directive FILE: is used to read content of file.txt and then pipe it.

– Transfer file

and as you might expect, pipe a file to remote host.

– UDP tunneling through SSH connection

see this article.

– Local serial line

Use as a local serial line. For example, to configure a network device, modem, or embedded device without a terminal emulator.

READLINE data channel use GNU readline to allow editing and reusing input lines like a classic shell.

– Grab some HTTP content without a browser

GET to EOF is something we need to type in.


Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code class="" title="" data-url=""> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong> <pre class="" title="" data-url=""> <span class="" title="" data-url="">