├── README.md ├── LICENSE └── RTT-Tunnel-Helper.sh /README.md: -------------------------------------------------------------------------------- 1 | 2 | # Reverse Tcp Tunnel Installer For Debian and Ubuntu 3 | 4 | Reverse Tcp Tunnel with custom sni handshake 5 | 6 | ## OS Supported: 7 | 8 | 9 | ```bash 10 | Ubuntu 22.04 11 | Ubuntu 20.04 12 | Debian 12 13 | Debian 11 14 | ``` 15 | 16 | 17 | 18 | 19 | 20 | ## Install 21 | 22 | Clone the project 23 | 24 | ```bash 25 | bash -c "$(curl -L https://raw.githubusercontent.com/azadrahorg/RTT-Tunnel-Helper/main/RTT-Tunnel-Helper.sh)" 26 | ``` 27 | 28 | ### How to Manage 29 | Stop the service. 30 | ```bash 31 | systemctl stop tunnel.service 32 | ``` 33 | View the status of the service. 34 | ```bash 35 | systemctl status tunnel.service 36 | ``` 37 | Restart the service. 38 | ```bash 39 | systemctl restart tunnel.service 40 | ``` 41 | 42 | 43 | ## Related 44 | 45 | Thanks to 46 | 47 | https://github.com/radkesvat/ReverseTlsTunnel/tree/master 48 | 49 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2023 azadrahorg 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 22 | -------------------------------------------------------------------------------- /RTT-Tunnel-Helper.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -e 2 | 3 | echo 4 | echo "=== azadrah.org ===" 5 | echo "=== https://github.com/azadrahorg ===" 6 | echo "=== RTT-Tunnel-Helper ===" 7 | echo 8 | sleep 1 9 | 10 | function exit_badly { 11 | echo "$1" 12 | exit 1 13 | } 14 | 15 | error() { 16 | echo -e " \n $red Something Bad Happen $none \n " 17 | } 18 | 19 | if [ "$EUID" -ne 0 ] 20 | then echo "Please run as root." 21 | exit 22 | fi 23 | 24 | if pgrep -x "RTT" > /dev/null; then 25 | echo "Tunnel is running!. you must stop the tunnel before update. (pkill RTT)" 26 | echo "Kiling RTT..." 27 | sleep 5 28 | pkill RTT 29 | echo "Done" 30 | fi 31 | 32 | DISTRO="$(awk -F= '/^NAME/{print tolower($2)}' /etc/os-release|awk 'gsub(/[" ]/,x) + 1')" 33 | DISTROVER="$(awk -F= '/^VERSION_ID/{print tolower($2)}' /etc/os-release|awk 'gsub(/[" ]/,x) + 1')" 34 | 35 | valid_os() 36 | { 37 | case "$DISTRO" in 38 | "debiangnu/linux"|"ubuntu") 39 | return 0;; 40 | *) 41 | echo "OS $DISTRO is not supported" 42 | return 1;; 43 | esac 44 | } 45 | if ! valid_os "$DISTRO"; then 46 | echo "Bye." 47 | exit 1 48 | else 49 | [[ $(id -u) -eq 0 ]] || exit_badly "Please re-run as root (e.g. sudo ./path/to/this/script)" 50 | fi 51 | 52 | update_os() { 53 | apt-get -o Acquire::ForceIPv4=true update 54 | apt-get -o Acquire::ForceIPv4=true install -y software-properties-common 55 | add-apt-repository --yes universe 56 | add-apt-repository --yes restricted 57 | add-apt-repository --yes multiverse 58 | apt-get -o Acquire::ForceIPv4=true install -y moreutils dnsutils tmux screen nano wget curl socat jq qrencode unzip lsof 59 | } 60 | 61 | rtt_instller() { 62 | 63 | case $(uname -m) in 64 | x86_64) URL="https://github.com/radkesvat/ReverseTlsTunnel/releases/download/V5.0/v5.0_linux_amd64.zip" ;; 65 | arm) URL="https://github.com/radkesvat/ReverseTlsTunnel/releases/download/V5.0/v5.0_linux_arm64.zip" ;; 66 | aarch64) URL="https://github.com/radkesvat/ReverseTlsTunnel/releases/download/V5.0/v5.0_linux_arm64.zip" ;; 67 | 68 | *) echo "Unable to determine system architecture."; exit 1 ;; 69 | 70 | esac 71 | 72 | 73 | 74 | wget $URL -O v5.0_linux_amd64.zip 75 | unzip -o v5.0_linux_amd64.zip 76 | chmod +x RTT 77 | rm v5.0_linux_amd64.zip 78 | mkdir /usr/local/bin/rtt 79 | mv RTT /usr/local/bin/rtt 80 | } 81 | 82 | CHS=3 83 | IRIP=$(dig -4 +short myip.opendns.com @resolver1.opendns.com) 84 | EXIP=0.0.0.0 85 | IRPORT=23-65535 86 | IRPORTTT=443 87 | TOIP=127.0.0.1 88 | TOPORT=multiport 89 | 90 | 91 | iranserver() { 92 | cat >/etc/systemd/system/tunnel.service <<-EOF 93 | [Unit] 94 | Description=Reverse TLS Tunnel 95 | 96 | [Service] 97 | Type=idle 98 | User=root 99 | WorkingDirectory=/usr/local/bin/rtt 100 | ExecStart=/usr/local/bin/rtt/RTT --iran --lport:$IRPORT --sni:$SNI --password:$TOPASS 101 | Restart=always 102 | 103 | [Install] 104 | WantedBy=multi-user.target 105 | EOF 106 | systemctl daemon-reload 107 | systemctl --now enable tunnel.service 108 | systemctl start tunnel.service 109 | } 110 | 111 | externalserver() { 112 | cat >/etc/systemd/system/tunnel.service <<-EOF 113 | [Unit] 114 | Description=Reverse TLS Tunnel 115 | 116 | [Service] 117 | Type=idle 118 | User=root 119 | WorkingDirectory=/usr/local/bin/rtt 120 | ExecStart=/usr/local/bin/rtt/RTT --kharej --iran-ip:$EXIP --iran-port:$IRPORTTT --toip:$TOIP --toport:$TOPORT --password:$TOPASS --sni:$SNI --terminate:$TERM 121 | Restart=always 122 | 123 | [Install] 124 | WantedBy=multi-user.target 125 | EOF 126 | systemctl daemon-reload 127 | systemctl --now enable tunnel.service 128 | systemctl start tunnel.service 129 | } 130 | 131 | echo "Select Server Location:" 132 | echo "1.Iran(Internal)" 133 | echo "2.kharej(External)" 134 | echo "3.Exit" 135 | read -r -p "Select Number(Default is: 3):" CHS 136 | 137 | case $CHS in 138 | 1) echo "Be carefull SSH port must under 23" 139 | echo "Multiport is activated all ports above 22 were forwarded" 140 | read -r -p "RTT PASS(Default is: zzazza@@@zzazza): " TOPASS 141 | TOPASS=${TOPASS:-"zzazza@@@zzazza"} 142 | read -r -p "RTT SNI(Default is: parsianhospital.com): " SNI 143 | SNI=${SNI:-"parsianhospital.com"} 144 | read -r -p "RTT Restart Time(Default is: 24): " TERM 145 | TERM=${TERM:-"24"} 146 | sleep 3 147 | update_os 148 | rtt_instller 149 | iranserver 150 | echo 151 | echo "=== Finished ===" 152 | echo 153 | sleep 3 154 | exit ;; 155 | 2) echo "Be carefull SSH port must under 23" 156 | echo "Multiport is activated all ports above 22 were forwarded" 157 | read -r -p "RTT IP(Enter Iran IP): " EXIP 158 | read -r -p "RTT PASS(Default is: zzazza@@@zzazza): " TOPASS 159 | TOPASS=${TOPASS:-"zzazza@@@zzazza"} 160 | read -r -p "RTT SNI(Default is: parsianhospital.com): " SNI 161 | SNI=${SNI:-"parsianhospital.com"} 162 | read -r -p "RTT Restart Time(Default is: 24): " TERM 163 | TERM=${TERM:-"24"} 164 | sleep 3 165 | update_os 166 | rtt_instller 167 | externalserver 168 | echo 169 | echo "=== Finished ===" 170 | echo 171 | sleep 3 172 | exit ;; 173 | 3) exit_badly ;; 174 | 175 | *) echo "Done."; exit 1 ;; 176 | 177 | esac --------------------------------------------------------------------------------