How To Get Socks Proxy + SSH Tunneling To Work On A Jailbroken iPhone/iPod Touch/iPad

UPDATE: Under 5.0.1, only Safari bypasses locally-stored .pac rules… Please READ issue #6 of the following article to know more about this issue.

This article is for advanced users. Step by step instructions have been skipped. I’ll only provide the required files to use a SOCKS proxy on a jailbroken iPhone/iPod Touch/iPad device.

Be advised that some files may contain comments written in French (Google Translate should provide enough accuracy if you’d like these parts to be translated).

Download this archive:

9.6 KB -

You’ll find inside the archive, two folders:

  • mobile_folder

Contains files that need to be moved to your mobile folder on your device (~/ or "home" directory of the mobile user).


This script needs to be edited for your own configuration. This script can be launched using the Terminal application on your device after every reboot of your device (I personally don’t like to launch it automatically). This script will establish a connection using ssh to your server every time the device gets connected to a WiFi network (you can also request it to open a tunnel over 3G, please read the script source to activate this option). + null.gif:

These files are needed to get a black hole http server, this is where banned requests are sent for which they receive an HTTP 200 with the null.gif image reply. For example, banned ads will display this null.gif image. (This feature actually doesn’t work as intended… and I don’t know why, the first time the script is launched it works well and we can see the null.gif instead of ads, but after a while 404 responses are received)

  • server

The file contained in this folder needs to be hosted on a distant server and be accessible via HTTP or locally on the device.

proxy_rules.pac :

This file provides the rules whether the requests are sent to the black hole or via your SOCKS proxy (ssh tunnel). Unfortunately iOS 3 doesn’t allow the use of local pac files, so make sure you host this file somewhere. For 3G network you have to edit your network preferences.plist file and enter the URL pointing to this file manually.

Some screenshots:

![](https://blog.thireus ![](https://blog.thireus

The URL can be http:// or file:///private/var/root/ . (Unfortunately file:/// is bypassed by Safari under iOS 5.0.1)

Note: I don’t use socks over 3G anymore because every 10MB of downloaded data the tunnel is reset.

Note 2: You need to install perl, ssh, and other required tools for the scripts to work on your jailbroken device (they can be found on Cydia).

Note 3: More info can be found on my old blog.

Related terms:

Mobile Application Security Engineering Lead & SME | 0076 7E64 293A E3EC 542B 9C72 3A11 417C B43F DB1A