Microsoft dropped some tunneling, er, goodness? on us today, so we'll cover it and two other tunneling setups you can use to exfiltrate data gain legitimate access to network-restricted services. Just make sure you know what you're doing; otherwise you're leaving a wide open door for folks on Santa’s naughty list.

I covered the ngrok — the tunneler's tunnel — back in April, and you likely already know how to tunnel with SSH, plus you're better off using WireGuard/Tailscale on systems you legitimately control, so only two drops in today's edition.

VS Code Remote Tunnels

I end up using vim, Sublime Text, RStudio and VS Code on a daily basis (yes, all four). I use each in (mostly) different contexts, but I have to say, Microsoft certainly got something right with VS Code (well, apart from their skeezy telemetry garbage). It's a veritable Swiss Army knife for all thing editor-y.

When they added the ability to auto-ssh into remote systems, it became a bit easier to use than the old rmate hack (that also works with Sublime Text) and sped up some tasks (at least for me). I think it also likely caused a resurgence of the bad practice of connecting directly to production systems, but I have no data to back up that intuition (but, don't do that if you can at all avoid it).

The latest update adds a tunnel command to the code CLI tool, and also provides the functionality right in the VS Code GUI as well. Just do something like:

$ code tunnel --accept-server-license-terms

and you'll be walked through how to enable the tunnel and start accessing your system right from any web browser.

The cyber-portion of me is terrified of this. The coder-portion of me 💙s it.

Microsoft's intro blog covers everything from start to finish in excruciating detail, so no need for a tutorial from me.

I tested it and it works scarily good (it got past Reid’s incredibly effective locked-down macOS config at work, too, so…o_O).

Share

frp

Frp is a f-ast r-everse p-roxy written in Golang that lets you expose any local network service that's behind a firewall or NAT to the big bad internets. It handles TCP, UDP, HTTP, and HTTPS, and even supports the use of FQDNs! Plus, one can also do some point-to-point tunneling.

You configure it via environment variables or configuration files, and it sports both a dashboard and admin (web) GUI for those who need such pleasantries.

All kinds of authentication support is baked in, as is encryption (which you knew, already, since I mentioned HTTPS in the first ❡), along with the ability to do TCP multiplexing.

It's also a great way to learn about and play with KCP — an implementation of the Automatic Repeat Request (ARQ) protocol [direct PDF].

The feature list is far too long to replicate here, so you can hit the GH page for more information as well as builds for every conceivable system. I feel pretty silly for not covering this before, as it's a very useful tool that has a ton of legitimate (as well as nefarious) uses.

FIN

Of course, the best tunnels are ones dug through 3 foot snow packs (like we had the first year we moved to Maine). ☮