PHANTUM: Project Web Hosting - Open Source Software

Punch Hole Access for NAT-Traversal of UDP in a Module

Welcome to the PHANTUM project ("phantum")

PHANTUM is Punch-Hole Access for NAT Traversal of UDP in a Module; Built on top of Samy Kamkar's 'chownat' script, PHANTUM allows for pure client-agnostic TCP services to be tunneled over UDP and hosted behind NAT infrastructures.

The only other tool comparable (and better!) is Samy's own 'pwnat', which was released just a few months later.

Download phantum.pl


This project was registered on SourceForge.net on Sep 13, 2009.

Cool enough... but WHAT IS PHANTUM!?

#!/usr/bin/perl
################################################################################
#        _                 _                           _                       #
#  _ __ | |__   __ _ _ __ | |_ _   _ _ __ ___    _ __ | |                      #
# | '_ \| '_ \ / _` | '_ \| __| | | | '_ ` _ \  | '_ \| |                      #
# | |_) | | | | (_| | | | | |_| |_| | | | | | |_| |_) | |                      #
# | .__/|_| |_|\__,_|_| |_|\__|\__,_|_| |_| |_(_) .__/|_|                      #
# |_|                                           |_|                            #
#     v0.02b-beta                                                              #
#                                                                              #
# Copyright (c) 2007-2008 Lucas McLane (phantum.pl)                            #
# Copyright (c) 2004-2005 Samy Kamkar (chownat.pl)                             #
# Portions Copyright (c) 2005 Matthew Balman                                   #
#                                                                              #
# Developed 07/07/07                                                           #
#                                                                              #
# PHANTUM (Punch Hole Access for NAT Traversal of UDP in a Module)             #
# Not really a perl module... yet...                                           #
#                                                                              #
# Description:                                                                 #
#                                                                              #
#   Built on top of  chownat, phantum provides a  novel  method of  tunneling  #
#   client programs  *not*  hindered by  NAT/PAT  to  server programs sitting  #
#   behind NAT/PAT devices.                                                    #
#                                                                              #
#   The neat thing about  phantum  is that it provides a  true  client/server  #
#   model where the server does not need to know any client  IP  addresses to  #
#   allow them to  connect.   The client will  only  need to know the server.  #
#                                                                              #
#   NOTE: This is  *not*  the same thing as a true client/server 'chownat'...  #
#         Completely  new  restrictions  are required  to run the client-side  #
#         script (e.g. root access, no NAT, etc.).   However, the server-side  #
#         is in essence a true client-agnostic chownat!                        #
#                                                                              #
#   This works transparently without requiring any changes to NAT/PAT devices  #
#   separating the server program from client peers attempting  access  (i.e.  #
#   NO port forwarding  and  NO DMZ in order to communicate with each other).  #
#   More importantly,  it opens a tunnel between the two machines so one peer  #
#   (the client) can access a service, such as ssh, on a machine (the server)  #
#   which is behind one or more NAT/PAT devices.   There is NO middle man, NO  #
#   proxy,  NO 3rd party, and the application runs as an unprivileged user on  #
#   the server end.                                                            #
#                                                                              #
#   This application runs within a true  client/server  model with the server  #
#   having no knowledge of clients prior to them connecting.    This provides  #
#   the benefit of deploying client-agnostic services behind cascaded NAT/PAT  #
#   infrastructures, with the  restriction  that the client itself  is  *not*  #
#   located behind any  NAT/PAT infrastructures.   This restriction is due to  #
#   the need for clients to spoof their own source address/ports.              #
#                                                                              #
# PHANTUM Server Usage:                                                        #
#                                                                              #
#   phantum.pl -s <local port> <beacon host> [comm port]                       #
#                                                                              #
#   Where  '-s'  specifies  server-mode operation,  'local port'  is the port  #
#   number on the local machine the phantum will provide  tunnel service for,  #
#   and  'beacon host'/'beacon port' are any valid  *internet*  hostname/port  #
#   pair that  will drop  the phantum server's  UDP  beacon packets it sends.  #
#                                                                              #
# PHANTUM Client Usage:                                                        #
#                                                                              #
#   phantum.pl -c <local port> <beacon host> <dest host> <ip> [comm port]      #
#                                                                              #
#   Where  '-c'  specifies  client-mode  operation,  'local port' is the port  #
#   number on  the  local  machine  the  phantum  will  use  for  tunnelling,  #
#   'beacon host'/'beacon port'  are  the  same valid internet  hostname/port  #
#   pair that the phantum server is already beaconing packets to, 'dest host'  #
#   is the  internet  address  of  the internet-facing PAT device the phantum  #
#   server is located behind, and 'ip' is your machine's current IP  address.  #
#                                                                              #
# Example Scenario:                                                            #
#                                                                              #
#   In the diagram below, a  client  program with  an internet-addressable IP  #
#   address running  on  'System A' connects to  a  server program running on  #
#   'System B' via a phantum tunnel traversing the internet, multiple NAT/PAT  #
#   devices, and an intranet.                                                  #
#                                                                              #
#                  .-=-._.-=-.                                                 #
#     System A -> ( Internet  ) -> PAT#1 -> PAT#2 -> intranet -> System B      #
#                  -._.-=-._.-                                                 #
# Example Usage:                                                               #
#                                                                              #
#   System B w/ssh server:                                                     #
#                                                                              #
#       $ ./phantum.pl -s 22 foo.site                                          #
#                                                                              #
#   System A w/ssh client (as root):                                           #
#                                                                              #
#       # ./phantum.pl -c 1234 foo.site pat.nat my.ip.addr                     #
#                                                                              #
#   'System A'  may  then  run  `ssh -p 1234 username@localhost`  to  ssh  as  #
#   'username' to  'System B'  located behind 'pat.nat' and communicate right  #
#   through any and  *all*  NAT/PAT devices  located between the Internet and  #
#   'System B'.                                                                #
#                                                                              #
#   NOTE: 'foo.site:12345' must be a valid  (maybe down)  internet  host/port  #
#         pair  that is garuanteed  to  drop  any  UDP  packets  sent  to it.  #
#                                                                              #
################################################################################
#                                                                              #
# Software License:                                                            #
#                                                                              #
#   This program is free software: you can redistribute it and/or modify       #
#   it under the terms of the GNU General Public License as published by       #
#   the Free Software Foundation, either version 3 of the License, or          #
#   (at your option) any later version.                                        #
#                                                                              #
#   This program is distributed in the hope that it will be useful,            #
#   but WITHOUT ANY WARRANTY; without even the implied warranty of             #
#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the              #
#   GNU General Public License for more details.                               #
#                                                                              #
#   You should have received a copy of the GNU General Public License          #
#   along with this program.  If not, see <http://www.gnu.org/licenses/>.      #
#                                                                              #
################################################################################
						

Get the source code:

Source code for this project is available as a download or through the repository, accessible from the project summary page.

Project detail and discuss

Get support

Not what you're looking for?

You may also want to consider these similar tools:

SourceForge.net hosts over 100,000 Open Source projects. You may find what you're looking for by searching the site or using the Software Map.

Punch Hole Access for NAT-Traversal of UDP in a Module

Project Web Hosted by SourceForge.net

©Copyright 1999-2008 - SourceForge, Inc., All Rights Reserved

About - Legal - Help