A proof of concept for tunnelling HTTP over a permissive/open TURN server. This will connect to the server, setting up any TCP channels required. A local HTTP proxy is created on 8080, which can be used to "tunnel" the traffic to a target host, for example 169.254.169.254, which the TURN server has access to but you might not have direct access to.
More info: https://www.rtcsec.com/2020/04/01-slack-webrtc-turn-compromise/
If using GO Modules:
git clone https://github.com/staaldraad/turner
cd turner
go build
This assumes you already have a TURN server to connect to or are running your own. If you need to run your own checkout: https://github.com/coturn/coturn/wiki/turnserver
./turner -server turn.server:3478
You can also supply the username/password if the server requires these:
./turner -server turn.server:3478 -u username -p password -http
The HTTP proxy listens on 127.0.0.1:8080 by default.
Testing that the proxy works:
# should return your external IP
curl http://ifconf.co/ip
# should return the IP of the TURN server
curl -x http://localhost:8080 http://ifconf.co/ip
There is basic SOCKS5 support built-in. The SOCKS5 server can be toggled on via the -socks5 argument. The proxy listens on port 127.0.0.1:8000 by default.
./turner -server turn.server:3478 -u username -p password -socks5
It is also possible to enable both SOCKS5 and HTTP proxy-ing at the same time. Simply supply both arguments -http and -socks5.
Turner is licensed under a MIT License (https://choosealicense.com/licenses/mit/)