Welcome to this socat tutorial. Socat is a network utility similar to netcat. Socat supports ipv6 and ssl and is available for both windows and linux. The first thing you will notice with this tool is that it has a different syntax on what you are used to with netcat or other standard unix tools.
socat [options] <address> <address>
You have to provide both addresses in order for it to work, now these addresses look like this:
protocol:ip:port
Let’s get started with some examples. First I want to show you how you can get the same functionality as with netcat.
nc localhost 80 socat - TCP4:localhost:80 OR socat STDIN TCP4:localhost:80
nc -lp localhost 700 socat TCP4-LISTEN:700 STDOUT
nc -lp localhost 700 -e /bin/bash socat TCP4-LISTEN:700 EXEC:/bin/bash
Now we can go beyond netcat with some ssl examples, but first we need to generate a ssl cert for the server.
Generate a SSL cert
openssl req -new -x509 -days 365 -nodes -out cert.pem -keyout cert.key
SSL server
socat OPENSSL-LISTEN:443,cert=/cert.pem -
SSL client
socat - OPENSSL:localhost:443
Both addresses don’t have to use the same protocol, so you can do “ssl server -> non-ssl server”. You should also check out the options that you can apply, for example you can use fork to tell socat to listen and handle multiple clients.
socat TCP4-LISTEN:5000,fork OPENSSL:localhost:443
Finally if you are tunneling a connection between servers using socat you can use the -v option to print all the traffic to stdout.
I hope you enjoyed this quick socat tutorial. If you want to learn more, check out the socat man page, section “ADDRESS TYPES” or the online documentation.