Converting SOCKS to HTTP/HTTPs – Study case: Tunneling Mobile phone through SSH.

Not all application can benefit from a SOCKS proxy (e.g. Internet Download manager), but most can do of a HTTP/HTTPS proxies (e.g. Internet Download manager as well). Usually, in case we opened a SSH tunnel to some server, we can put our data to the tunnel through a SOCKS proxy, but what about our mobile phone devices that can’t accept a SOCKS proxy? We then need to convert SOCKS to HTTP/HTTPS.

 

Introduction:

In a previous post, our discussion was about how to get Skype tunneled through an SSH tunnel in case Skype got censored or blocked by any ISP. After this, some concern was raised about how to get Skype Mobile tunneled through SSH, so I decided to give this post about this.

 

Note that, in this post, we will discuss how we are going to tunnel the mobile phone traffic in general through SSH. That doesn’t mean in any way, that we will certainly oblige “Skype Mobile” to take into consideration, the configurations we are going to do. If Skype Mobile isn’t programmed to take the settings we are about to configure, into consideration, we will not have the required results. For me, the easiest way to know that is to try. For that purpose, our discussion would be more general than Skype Mobile, and we will discuss tunneling a mobile phone device’s traffic into an SSH tunnel in general.

 

First of all, I want to define our resources, our requirements and our strategies.

Resources:

1. A “modern” mobile phone device with WiFi.
2. A computer with network card (WiFi our Cable)
3. A WiFi Router: we will depend on a WiFi router in our post now… however, that doesn’t mean that there isn’t a way to do it with only a WiFi computer and a WiFi mobile phone and without a router. It’s just that it would need more networking skills acquired and I am not teaching a Computer Networking course here.
4. SSH subscription : our example here will be a “www.Shellmix.com” account.
5. SSH client : our example here will be “Putty” :
6. Skills of working with SSH : can be acquired from the previous post.
7. http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html
8. Polipo : a web cache proxy, http://freehaven.net/~chrisd/polipo/ (we will use the Win32).
9. 0.5 Kg Patience, 0.5 Kg Focus.

Note: in case you’ve read the previous post, then you’d have already got some of the resources and achieved some requirements and got familiar to them.

Requirements:

We are required to let all internet access request from the mobile phone device to pass to the computer, then through the SSH tunnel to the SSH server then to the internet, thus, passing undetected by the ISP.

Strategy:

First, I want to say that a thorough explanation of how to make an account on Shellmix have been put in the previous post, along with how we can connect to Shellmix with Putty tool.

Supposing that I already have a Shellmix account, and that I’ve already downloaded “Putty” … I now want to start configuring and setting up the ingredients.

The setup we want to build is as the following:

 

First, I want to have the Router running, and the PC connected to the router. In our context, we are talking about a small home or office router that usually have a DHCP server, with NAT and Internet access (e.g. DSL modem). When the mobile phone and the computer are both connected to the router, each should have been assigned an IP address:

As shown in the figure, we are only interested in the IP address of the computer, due to his role as a “proxy” in our setup, whereas the mobile phone can carelessly take any IP address.

---

Now we move to the computer.

Computer Setup:

Putty:

First we want to run “Putty”. In the main screen we enter the Shellmix address:

Now, in the “Category” tree on the right, we go to “Connection –> SSH –> Tunnels”, select “Dynamic”, and in the “Source port” we type “9090” and we click “Add”:

 

Now, we click “Open” and login to Shellmix.

To test the Shellmix connection, we can use a web browser. Simply, configure the browser to use the SOCKS proxy, an example of setting up Firefox is here:

try to open any webpage (e.g. Google) and if appears successfully, then the SSH connection is fine and we’re good to go.

 

Polipo:

The second step, is to setup “Polipo”.

– Configuring Polipo:

After we have downloaded the package, we extract the contents of the Polipo archive somewhere (e.g. C:\ ), and we head to a file called “config.sample” … this is a sample configuration file. We will make a copy of it in the same location and named it “polipo.conf”.

The configuration file has plenty of settings that we can play with, but for now, only few are those we want to enter. I‘ve summed up the settings that needs to be entered, and I am listing them here, you copy these as they are to the end of the “polipo.conf” file:

proxyAddress = "172.16.1.8"
proxyPort = 8080
allowedClients = "0.0.0.0/0"
proxyName = "polipo.example.org"
cacheIsShared = false
socksParentProxy = "localhost:9090"
socksProxyType = socks4a
localDocumentRoot = ""
disableVia=false
censoredHeaders = from, accept-language
censorReferer = maybe

 

Now, we need to shed light on some of those settings because of their importance to us.
proxyAddress is set to “172.16.1.8” because we want “Polipo” to listen on the network card connected to the route. the IP address “172.16.1.8” we used was just for example, in real life, you should use the IP address of the network card that connects to the router.
allowedClients is set to “0.0.0.0/0”, meaning that service is available to ANY device with ANY IP address in the whole world, now, someone would ask, why not providing the service only for the mobile phone we have?! I say, yes you can, if you replace the “0.0.0.0” with the phone IP address, but in this case we won’t be able to test Polipo except from the mobile device which we haven’t yet configured in the first place, so for testing purposes, we are going to keep it “0.0.0.0/0”.
proxyPort is the port on which Polipo will be listening, and we should be sure that this port is Free (i.e. not taken by another application).
socksParentProxy and socksProxyType, are related to the settings we put in Putty (remember?!), I set the proxy type to socks4a, whereas I could put it to socks5, because I have read previously that socks4a is faster than socks5.

– Lunching Polipo:

Now we are ready to lunch Polipo.

To make things simple, create a new text file and put it in the folder of Polipo. Open that file and type the following line in it:

polipo.exe –c polipo.conf

this line says “Run polipo with the configuration file called polipo.conf”. To let the computer execute this line as a command, rename the file to “any_name.bat”, and now you can now run Polipo by double-clicking this file.

My successful setup would show me this screen after running Polipo:

Supposing that Shellmix connection is still established, and that Polipo have just been lunched. We need to test our setup till now, so we go to Firefox again, and we set the proxy settings according to what we configured in Polipo:

NOTE: Even though you see SOCKS v5 selected, it has no effect, since we don’t provide Firefox with a SOCKS proxy address … so we are using (in Firefox) only HTTP/HTTPS proxy here, we are using only Polipo proxy NOT Putty proxy.

Try to open a website, and if you see the page, then we are good to go.

---

Configuring the Mobile Phone:

Now that we have installed, configured and ran the applications we want on the PC, it’s time to go to the mobile phone device, and configure it in a way that it uses the Polipo proxy we’ve just ran on the PC.

Unfortunately, I can’t show the configurations of all mobile phone models in the world, but I think that a vast number of mobile phone models has the Symbian S60 OS on them, and it’s easy for me to configure a Symbian S60 OS since I have Symbian-enabled phone, so we are going with that.

The mobile phone I am using here is a Sony Ericsson Satio that has a Symbian S60 5th Edition on it, same as Nokia Xpress 5800 and other new models.

I made some screenshots in the mobile phone that shows how we can reach the “Proxy Settings” of the device.

First we go to the “Settings”:

Then to the “Connectivity” settings:

Now, we go to the “Destinations” where all of our saved connections are stored, among them I have the WiFi connection that connects to my router. I organized my connections in categories, and put the one we want in “Internet”:

Now, the one we want is “H-WiFi”, I click it:

Now, I press “Options” on the bottom left of the screen, and I choose “Advanced Options” – Now you are Advanced 😉 – :

You can clearly see where you need to put the options:

 

And we are finished!!!!!

Now, every time an application in the mobile tries to generate HTTP traffic, it will pass through our computer then through the SSH tunnel and finally to the internet.

Now you go for a test ride by opening your mobile web browser and connect through the connection we’ve just configured.

You can use : www.whatismyip.com to know the IP address that the internet recognize you with.

You can use : www.dawhois.com to lookup the Geographic location of the IP address. Shellmix is in Poland, so you should be appearing with a Polish IP address.

NOTE: even if Shellmix connection crashed in the middle of browsing, you can establish a new connection and continue working without restarting Polipo.

NOTE: the IP address “172.16.1.8” we used was just for example, in real life, you should use the IP address of the network card that connects to the router.

 

I hope you enjoyed and took advantage of the tutorial.

Feel free to contact on : hassoon3@msn.com

Thanks.

Read Full Post »