Skip to content

Socat cheatsheet


Listen on port 8080

socat - tcp-listen:8080,reuseaddr

Port forwarding

Forward local port 8080 to port 80

socat tcp-listen:8080,fork TCP:

Execute commands

Bind on port, execute command on connection

socat tcp-listen:1234,fork,reuseaddr system:id

The same with exec

socat tcp-listen:1234,fork,reuseaddr exec:ls

Simple bind shell

socat tcp-listen:1234,fork,reuseaddr system:/bin/bash

exec version

socat tcp-listen:1234,fork,reuseaddr exec:/bin/sh

File operations

Read file

socat file:file_name -

Append contents of file1 to file2

socat file:file1 file:file2,append

Append output of the command to out.txt file

echo test123 | socat - file:out.txt,append

Change owner of the file

socat - file:test.txt,append,user=user_name

Create a file and write to it from stdin

socat -u stdin open:test.txt,creat,trunc

Redirect output of the command to a file

echo test | socat - OPEN:test.txt,creat,trunc


Plain-text to SSL

Tunnel plain-text data from local port 8080 to https on

socat -v tcp4-listen:8080,reuseaddr,fork ssl:,verify=0

SSL for non-https web server

Generate certificate with openssl

openssl req -new -x509 -keyout cert.pem -out server.pem -days 365 -nodes

Setup socat

socat openssl-listen:8443,reuseaddr,cert=cert.pem,verify=0,fork tcp:


UDP server and client

socat - udp-listen:1234
socat - udp:localhost:1234