Skip to content

Update the SOCKS proxy to use the new RelayManager#21048

Merged
dledda-r7 merged 5 commits intorapid7:masterfrom
zeroSteiner:feat/mod/socks-proxy/fiber-update
Apr 2, 2026
Merged

Update the SOCKS proxy to use the new RelayManager#21048
dledda-r7 merged 5 commits intorapid7:masterfrom
zeroSteiner:feat/mod/socks-proxy/fiber-update

Conversation

@zeroSteiner
Copy link
Copy Markdown
Contributor

@zeroSteiner zeroSteiner commented Mar 3, 2026
edited by dledda-r7
Loading

This updates the SOCKS5 proxy module to use the newish RelayManager added in #20677 . The result is a net reduction in code and some performance improvements.

Requires rapid7/rex-core#45

Verification

List the steps needed to make sure this thing works

  • Start msfconsole
  • use auxiliary/server/socks_proxy
  • Use the proxy, make sure it's working correctly

Simple Benchmarking

This simple benchmark at least showed that when making repeated GET requests to a local server that is listening, the operation finished in about half the time.

smcintyre@fedora:~/Repositories/metasploit-framework$  for i in $(seq 1 100); do
    curl --socks5 127.0.0.1:1080 http://127.0.0.1:8000/ -o /dev/null -s -w "%{time_connect} %{time_total}\n"
  done | awk '{sum+=$2; n++} END {print "avg:", sum/n}'
avg: 0.0104874
smcintyre@fedora:~/Repositories/metasploit-framework$  for i in $(seq 1 100); do
    curl --socks5 127.0.0.1:1080 http://127.0.0.1:8000/ -o /dev/null -s -w "%{time_connect} %{time_total}\n"
  done | awk '{sum+=$2; n++} END {print "avg:", sum/n}'
avg: 0.014277
smcintyre@fedora:~/Repositories/metasploit-framework$  for i in $(seq 1 100); do
    curl --socks5 127.0.0.1:1080 http://127.0.0.1:8000/ -o /dev/null -s -w "%{time_connect} %{time_total}\n"
  done | awk '{sum+=$2; n++} END {print "avg:", sum/n}'
avg: 0.0125423

smcintyre@fedora:~/Repositories/metasploit-framework$ # new code tests start here

smcintyre@fedora:~/Repositories/metasploit-framework$  for i in $(seq 1 100); do
    curl --socks5 127.0.0.1:1080 http://127.0.0.1:8000/ -o /dev/null -s -w "%{time_connect} %{time_total}\n"
  done | awk '{sum+=$2; n++} END {print "avg:", sum/n}'
avg: 0.00496531
smcintyre@fedora:~/Repositories/metasploit-framework$ 
smcintyre@fedora:~/Repositories/metasploit-framework$  for i in $(seq 1 100); do
    curl --socks5 127.0.0.1:1080 http://127.0.0.1:8000/ -o /dev/null -s -w "%{time_connect} %{time_total}\n"
  done | awk '{sum+=$2; n++} END {print "avg:", sum/n}'
avg: 0.00502326
smcintyre@fedora:~/Repositories/metasploit-framework$  for i in $(seq 1 100); do
    curl --socks5 127.0.0.1:1080 http://127.0.0.1:8000/ -o /dev/null -s -w "%{time_connect} %{time_total}\n"
  done | awk '{sum+=$2; n++} END {print "avg:", sum/n}'
avg: 0.00545381
smcintyre@fedora:~/Repositories/metasploit-framework$

@zeroSteiner zeroSteiner force-pushed the feat/mod/socks-proxy/fiber-update branch from cbd1f60 to ee24da5 Compare March 3, 2026 22:47
@smcintyre-r7 smcintyre-r7 requested a review from Copilot March 12, 2026 21:28
Copilot AI reviewed Mar 12, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR refactors the SOCKS5 proxy implementation to use Rex::IO::RelayManager for TCP relaying instead of the local per-socket relay mixin, and updates the rex-core dependency to a git-based version that provides the needed relay manager behavior.

Changes:

  • Replace the custom SOCKS5 TcpRelay implementation with Rex::IO::RelayManager-based relays.
  • Add a relay_manager to the SOCKS5 server and use it from ServerClient.
  • Switch rex-core dependency to a specific git branch/revision in Bundler.

Reviewed changes

Copilot reviewed 3 out of 4 changed files in this pull request and generated 2 comments.

File Description
lib/rex/proto/proxy/socks5/server.rb Initializes and exposes a RelayManager instance for use by SOCKS5 clients.
lib/rex/proto/proxy/socks5/server_client.rb Removes bespoke relay threading and wires sockets through the shared RelayManager; updates error logging and stop behavior.
Gemfile Pins rex-core to a git branch to pick up RelayManager changes.
Gemfile.lock Locks Bundler to the git-sourced rex-core revision.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

You can also share your feedback on Copilot code review. Take the survey.

cgranleese-r7
cgranleese-r7 approved these changes Mar 19, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@cgranleese-r7 cgranleese-r7 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe if we have the cycles add some tests for this would be nice!

@github-project-automation github-project-automation bot moved this from Todo to In Progress in Metasploit Kanban Mar 19, 2026
@zeroSteiner zeroSteiner force-pushed the feat/mod/socks-proxy/fiber-update branch from a96aa49 to 4a5b5dc Compare March 30, 2026 17:52
@dledda-r7 dledda-r7 self-assigned this Mar 31, 2026
@zeroSteiner zeroSteiner force-pushed the feat/mod/socks-proxy/fiber-update branch from aa49005 to 2d4df73 Compare March 31, 2026 15:14
dledda-r7
dledda-r7 approved these changes Apr 1, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@dledda-r7 dledda-r7 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

msf payload(windows/meterpreter_reverse_tcp) > use auxiliary/server/socks_proxy
msf auxiliary(server/socks_proxy) > info

       Name: SOCKS Proxy Server
     Module: auxiliary/server/socks_proxy
    License: Metasploit Framework License (BSD)
       Rank: Normal

Provided by:
  sf <stephen_fewer@harmonysecurity.com>
  Spencer McIntyre
  surefire

Available actions:
    Name   Description
    ----   -----------
=>  Proxy  Run a SOCKS proxy server

Check supported:
  No

Basic options:
  Name     Current Setting  Required  Description
  ----     ---------------  --------  -----------
  SRVHOST  0.0.0.0          yes       The local host or network interface to listen on. This must be an address on the local machine or 0.0.0.0 to listen
                                      on all addresses.
  SRVPORT  1080             yes       The port to listen on
  SRVSSL   false            no        Negotiate SSL/TLS for local server connections
  VERSION  5                yes       The SOCKS version to use (Accepted: 4a, 5)


  When VERSION is 5:

  Name      Current Setting  Required  Description
  ----      ---------------  --------  -----------
  PASSWORD                   no        Proxy password for SOCKS5 listener
  USERNAME                   no        Proxy username for SOCKS5 listener

Description:
  This module provides a SOCKS proxy server that uses the builtin Metasploit routing to relay connections.


View the full module info with the info -d command.

msf auxiliary(server/socks_proxy) > run
[*] Auxiliary module running as background job 0.
msf auxiliary(server/socks_proxy) > 
[*] Starting the SOCKS proxy server

msf auxiliary(server/socks_proxy) > jobs

Jobs
====

  Id  Name                           Payload  Payload opts
  --  ----                           -------  ------------
  0   Auxiliary: server/socks_proxy

msf auxiliary(server/socks_proxy) > 


┌──(kali㉿kali)-[~/Documents/github/metasploit-framework]
└─$ curl --proxy socks5://127.0.0.1:1080 https://www.google.com | wc -c
  % Total    % Received % Xferd  Average Speed  Time    Time    Time   Current
                                 Dload  Upload  Total   Spent   Left   Speed
100  79421   0  79421   0      0 195.4k      0                              0
79421
                                                                                                                                                            
┌──(kali㉿kali)-[~/Documents/github/metasploit-framework]
└─$

@zeroSteiner zeroSteiner force-pushed the feat/mod/socks-proxy/fiber-update branch from f5fc7dc to e88bc5d Compare April 1, 2026 16:45
@dledda-r7 dledda-r7 merged commit 5e3789d into rapid7:master Apr 2, 2026
61 checks passed
@github-project-automation github-project-automation bot moved this from In Progress to Done in Metasploit Kanban Apr 2, 2026
@smcintyre-r7 smcintyre-r7 added the rn-enhancement release notes enhancement label Apr 3, 2026
@smcintyre-r7
Copy link
Copy Markdown
Contributor

smcintyre-r7 commented Apr 3, 2026

Release Notes

This updates the SOCKS proxy module to use the new fiber-based relay manager internally. The result is a reduction in code and improved performance.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@cgranleese-r7 cgranleese-r7 cgranleese-r7 approved these changes

@dledda-r7 dledda-r7 dledda-r7 approved these changes

Assignees

@dledda-r7 dledda-r7

Labels

rn-enhancement release notes enhancement

Projects

Metasploit Kanban
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@zeroSteiner @smcintyre-r7 @cgranleese-r7 @dledda-r7