socat

Listen to a port, wait for an incoming connection and transfer data to STDIO

$ sudo socat - TCP-LISTEN:8080,fork

$ sudo socat OPENSSL-LISTEN:4433,reuseaddr,cert=./cert.pem,cafile=./ca.cert.pem,key=./key.pem,verify=0 STDOUT

$ sudo socat - TCP4:www.example.com:80

$ sudo socat TCP-LISTEN:80,fork TCP4:www.example.com:80

$ [echo "Hello Multicast"] | socat - UDP4-DATAGRAM:[224.0.0.1]:[5000]

$ socat - UDP4-RECVFROM:[5000]

socat [options]

-d[d[d]]
    Increases the debug level. More 'd's produce more verbose output, useful for troubleshooting.

-v
    Be verbose. Prints details about data transfer and connection status.

-u
    Unidirectional mode. Data flow is only from to .

-L
    Loop forever. After a connection ends, restart the listening process for server addresses. Useful for continuously serving clients.

-t
    Sets a timeout for inactivity. If no data is transferred for seconds, the connection is closed.

-T
    Sets a total timeout. The connection is closed after seconds, regardless of activity.

-r
    If a child process (from fork option) terminates, the parent will restart it after seconds.

-s
    Semiclose. After EOF from a peer, shutdown the write direction of the socket rather than closing it completely.

-a
    Applies specific options to the subsequent address. E.g., -a fork makes a new process for each connection; -a reuseaddr allows immediate reuse of local addresses.

socat (SOcket CAT) is a powerful command-line utility that establishes two bidirectional byte streams and transfers data between them. It can connect almost any kind of data channel (file, pipe, device, a client or server socket, SSL, proxy connections, etc.) to another data channel.

It functions as a highly flexible 'swiss army knife' for networking, enabling users to create intricate network setups, perform port forwarding, establish simple proxies, debug network services, or even wrap insecure services with SSL/TLS encryption. Its capabilities far exceed those of simpler tools like netcat, offering a comprehensive suite of options for fine-grained control over connections and data flow.

Security Risk: Misconfigured socat instances can create severe security vulnerabilities, exposing services or systems to unauthorized access.
Complexity: The vast number of options and address types can make socat challenging to master, leading to a steep learning curve.
Error Handling: Some errors can be cryptic, requiring detailed debugging (with -d options) to diagnose.

socat's power comes from its flexible address types:

• TCP:host:port: Connects to a TCP server.
• TCP-LISTEN:port: Listens for incoming TCP connections.
• UDP:host:port: Sends UDP packets to a host.
• UDP-LISTEN:port: Listens for incoming UDP packets.
• UNIX:path: Connects to a Unix domain socket.
• UNIX-LISTEN:path: Listens on a Unix domain socket.
• FILE:path: Reads from or writes to a file.
• STDIO: Standard input/output.
• EXEC:command: Executes a command and connects to its stdin/stdout.
• SSL:host:port: Establishes an SSL/TLS connection.

Port Forwarding: socat TCP-LISTEN:8080 TCP:127.0.0.1:80 (forwards local 8080 to local 80).
Simple Proxy: socat TCP-LISTEN:8888,fork TCP:www.example.com:80 (simple HTTP proxy).
SSL Wrapper: socat SSL-LISTEN:443,cert=server.pem TCP:127.0.0.1:80 (adds SSL to an insecure service).
Reverse Shell: socat TCP-LISTEN:4444 EXEC:/bin/bash,pty,stderr,setsid,sigint,sane (advanced reverse shell setup).

Developed by Gerhard Rieger, socat was first released around 2000. It was designed to address the limitations of simpler tools like netcat, providing a more robust, flexible, and feature-rich solution for connecting diverse data streams, including support for modern protocols like IPv6 and SSL/TLS. It has since become a staple in network administration and security toolkits.

nc(1), netcat(1), ncat(1), ssh(1), openssl(1), xinetd(8)