Synopsys Software Integrity Group is now operating as Black Duck Software, Inc., a subsidiary of Synopsys. Click to learn more.

close search bar

Sorry, not available in this language yet

close language selection
SOCKS Client Test Suite Data Sheet
Test Suite:
SOCKS Client Test Suite
Direction:
Client

SOCKS is a general-purpose proxy protocol for relaying messages between application client and application server via SOCKS proxy server. The SOCKS protocol is used between SOCKS client and SOCKS proxy server. SOCKS V4 supports only TCP CONNECT and TCP BIND commands, while in SOCKS V5 also UDP relaying is supported. Additionally, SOCKS V5 supports IPv6 addressing scheme and different authentication methods. This test suite can be used for testing security flaws and robustness of SOCKS client implementations. The suite acts as a SOCKS proxy server. The test suite supports username-password authentication defined in RFC1929 and GSS-API authentication method defined in RFC1961. GSS-API authentication uses Kerberos v5 method.

Used specifications

Specification
Title
SOCKS 4

SOCKS: A protocol for TCP proxy across firewalls

SOCKS 4a

SOCKS 4A: A Simple Extension to SOCKS 4 Protocol

RFC1928

SOCKS Protocol Version 5

RFC1929

Username/Password Authentication for SOCKS V5

RFC1961

GSS-API Authentication Method for SOCKS Version 5

Tool-specific information

Tested messages
Specifications
Notes
SOCKS 4 Command Reply
SOCKS 4
SOCKS 5 Authentication Method Reply
RFC1928
SOCKS 5 Command Reply
RFC1928
Username-Password Reply
RFC1929
Security Context Reply
RFC1961
Message Protection Subneg Reply
RFC1961
Wrapped Command Reply
RFC1961

Supported protocol features
Specifications
Notes
SOCKS 4
SOCKS 4
SOCKS 4A
SOCKS 4A
SOCKS 5 IPv4 addressing scheme
RFC1928
SOCKS 5 Domain name addressing scheme
RFC1928
SOCKS 5 IPv6 addressing scheme
RFC1928
SOCKS 5 Username-Password authentication
RFC1929
SOCKS 5 GSS-API Authentication
RFC1961
Also NEC reference implementation supported. Kerberos 5 Utilized. Tested with AES128-CTS encryption.
Test tool general features
  • Fully automated black-box negative testing
  • Ready-made test cases
  • Written in Java(tm)
  • GUI command line remote interface modes
  • Instrumentation (health-check) capability
  • Support and maintenance
  • Comprehensive user documentation
  • Results reporting and analysis