The Wormhole (or just Woole) is an Open-Source reverse-proxy, sniffing, and tunneling tool developed in Go
The Woole provide two modules, the server and the client. The server is responsible to setup a HTTP Tunnel and send requests to the client and wait for his response. The client get the request using the configured tunnel, use reverse-proxy to perform the request, store the information and send back the response to the server. Also, the client provides a dashboard using the configured port where the requests can be analysed.
./woole -proxy localhost:80 -tunnel https://woole.me:8001
===============
HTTP URL: http://x5ck9p8e.woole.me
Proxying: http://localhost:80
Dashboard: http://localhost:8000
===============
To log on console every request and response handled, set the -log-level to INFO.
| Option | Description |
|---|---|
-proxy |
URL to Proxy (Internal or External Network) (default :80) |
-tunnel |
Server Tunnel URL. TODO: If no one is set, the sniffer will run locally (default :8001) |
-name |
An unique key used to identify the client on server |
-dashboard |
Dashboard Port (default 8000) |
-records |
Max Requests to Record (default 16) |
-log-level |
Log Level (default OFF) |
-allow-insecure-tls |
Allow Insecure TLS |
The -proxy and the -tunnel can be defined using:
proto://host:port;proto://host;host:port, (default protoHTTP);host, (default port80);- :
port, where the colon is important (default hostlocalhost).
Note that if the server has configured the TLS, the tunnel URL MUST be explicitly HTTPS. The HTTP tunnel is only available on servers where the TLS is not used.
The -name is optional, but note that when creating the URL, the provided name will be prioritized. The name will be used for the first attached tunnel and the subsequents will be appended with a 5 digits hash. The name will become available again once the tunnel dettach.
If no name is provided, an 8 digits hash will be returned instead.
On the server called https://woole.me, if the name test is used the server will return:
- https://test.woole.me, if the name test is not in use right now OR
- https://test-3ld8f.woole.me, with a 5 digits hash.
Otherwise, if the name is not provided, an 8 digits hash will be used instead:
With Woole, you can create YOUR own server. But before setup your Woole Server, be sure that your server port is open and the firewall (if configurable) has the HTTP, HTTPS and Tunnel port configured. Consult the server provider documentation to know how to configure that. Domains and hostings are not provided by Woole Server.
The https://woole.me website was created to provide a free-to-use Woole Server. Just use the tunnel URL https://woole.me:8001. The virtual machine is not so powerful so use with moderation. Note that the website disponibility can change without further advise.
./woole-server
===============
HTTP listening on http://{client}
Tunnel listening on http://{client}:8001
===============To log on console every request and response handled, set the -log-level to INFO.
| Option | Description |
|---|---|
-pattern |
Set the host pattern. The '{client}' MUST be present (default {client}) |
-http |
HTTP Port (default 80) |
-https |
HTTPS Port (default 443) |
-tunnel |
Tunnel Port (default 8001) |
-timeout |
Timeout for receive a response from Client (default 10000) |
-tls-cert |
TLS cert/fullchain file path |
-tls-key |
TLS key/privkey file path |
-log-level |
Log Level (default OFF) |
The pattern is used to define the host format and where the client name will be displayed on URL. Example, {client}.woole.me will generate URLs as:
- client-name-here.woole.me;
- test.woole.me
- l2rhwi87aira.woole.me;
The HTTPS URL will only be provided if the -tls-cert and the -tls-key is provided. The HTTPS port can be changed using -https.
Manually:
git clone --depth 1 https://github.com/ecromaneli/woole.git
# to build the client
cd woole/cmd/client
go build
chmod +x woole
# to build the server
cd woole/cmd/server
go build
chmod +x woole-server
Now, just run the executable using the options above. You can also use -help to see the available options.
- Created by Emerson Capuchi Romaneli (@ECRomaneli).
- @ofabricio and the Capture repository where the sniffing tool was originally based.
The Woole project, the woole.me website and all its contributors are not responsible for and do not encourage the use of this tool for any illegal activity. You as the user are solely responsible for its use. Report cybercrimes.