SOCKS5 Proxy Tunneling with Earthworm on Windows: Forward and Reverse Configuration

Overview

Earthworm is a lightweight network penetration utility designed for creating SOCKS v5 proxies and TCP port forwarding tunnels across complex network topologies. This guide demonstrates how to establish both forward and reverse SOCKS5 proxy tunnels on Windows, enabling clients to route traffic through intermediary hosts using stanadrd proxy tools.

Environment Setup

The test environment consists of three systems within a private network:

  • Gateway Node: Windows Server (10.0.1.50) - hosts Earthworm services
  • Windows Client: Windows 10 (10.0.1.100) - runs Proxifier
  • Linux Client: Kali Linux (10.0.1.150) - runs Proxychains

Forward Proxy Implementation

In forward proxy mode, the Earthworm instance listens on a local port and directly forwards client connections to destination hosts.

Server Configuration

On the Windows gateway (10.0.1.50), execute the following command to launch a SOCKS5 server listening on port 3128:

tunnel.exe --mode socks5d --bind-port 3128

This command initializes the socks5d service, which creates a standard SOCKS5 proxy interface accessible to network clients.

Client Verification with Proxifier

On the Windows 10 workstation (10.0.1.100):

  1. Launch Proxifier and navigate to Profile > Proxy Servers
  2. Add a new proxy entry:
    • Address: 10.0.1.50
    • Port: 3128
    • Type: SOCKS Version 5
  3. Click Check to verify connectivity
  4. Configure traffic forwarding rules as needed

Client Verification with Proxychains

On the Kali Linux system (10.0.1.150), first install the proxychains utility:

sudo apt-get update
sudo apt-get install -y proxychains4

Edit the configuration file to specify the SOCKS5 proxy:

sudo nano /etc/proxychains4.conf

Append the following line to the [ProxyList] section:

socks5 10.0.1.50 3128

Test the tunnel by executing:

proxychains4 curl -I http://example.com

Successful output indicates that HTTP requests are properly routed through the Earthworm proxy.

Reverse Proxy Implementation

Reverse proxy mode is useful when the target network is behind NAT or firewall restrictions. The architecture involves two components: a listener on the gateway and a connector on the internal host.

Gateway Listener Setup

On the Windows gateway (10.0.1.50), configure the reverse SOCKS client to listen on port 8080 and forward to port 9090:

tunnel.exe --mode reverse-client --listen 8080 --forward 9090

This establishes a waiting endpoint for incoming reverse tunnel connections.

Internal Host Connector

On the internal Windows host (10.0.1.100), initiate the reverse SOCKS server to connect back to the gateway:

connector.exe --mode reverse-server --gateway 10.0.1.50 --tunnel-port 9090

This creates an outbound tunnel to the gateway, effectively punching through restrictive network policies.

Reverse Tunnel Verification

Configure Proxifier or Proxychains to use 127.0.0.1:8080 as the SOCKS5 proxy. Traffic sent to this local port will traverse the reverse tunnel and exit through the internal host (10.0.1.100).

Command Parameter Reference

Earthworm supports multiple operational modes:

  • --mode socks5d: Standard SOCKS5 proxy server (forward)
  • --mode reverse-client: Reverse tunnel listener component
  • --mode reverse-server: Reverse tunnel initiator component
  • --mode port-forward: TCP port forwarding

Common options:

  • --bind-port: Local listening port
  • --listen: Alternative listening port specification
  • --forward: Target port for tunnel termination
  • --gateway: Remote host address for reverse connections
  • --tunnel-port: Remote port for reverse tunnel establishment

For comprehensive syntax details, execute tunnel.exe --help or refer to the official documentation.

Tags: earthworm socks5-proxy proxifier proxychains network-tunneling

Posted on Thu, 02 Jul 2026 17:08:02 +0000 by frozen.cell