NOT YET OPERATIVE
Warning: tntunne.htm page not yet 'consolidated'
You may ask the following question:

Is it possible to maintain a telnet session via a proxy? I am stuck behind a corporate firewall with no way out to the outside world (internet) except via a firewall proxy (it's not just a case of port 23 being killed, I've tried telnetting to a telnet server which supports port 80 and this fails too)
The idea would be to telnet on port 80 via the firewall proxy, so the proxy thinks it's http traffic and let's it through.

And get the following answer:

A SSH telnet session can be proxies through an SSL Tunnelling proxy. They don't check the protocol being proxied. A lot of port 8080 proxies are SSL tunnelling on port 8080.

Perl can be used. In Windows 9x, selects rather than forking is used. The Perl of choice for Win9x seeems to be Activestate's.

What needs to be done is to add a single CONNECT header and proxy out to an SSL Tunnelling proxy.

A script to do that is printed below (in blue)

It contains:
socket(INC, PF_INET, SOCK_STREAM, $protocol) || die "socket:$!";
setsockopt (INC, SOL_SOCKET, SO_REUSEADDR, pack ("l", 1)) || die "setsockopt:$!";
bind(INC,sockaddr_in($dport,INADDR_ANY)) || die "bind: $!";
listen(INC,1) || die "listen:$!";
accept(OUT,INC) || die "accept:$!";
$fhin = $fhout = \*OUT;
...
# Send a "CONNECT" command to proxy:
print PROXY "CONNECT $destination:$destport HTTP/1.0\r\n\r\n";

# Wait for HTTP status code, bail out if you don't get back a 2xx code.
($status) = (split(/\s+/,))[1];

die "Received a bad status code \"$status\" from proxy server."
    if ( int($status/100) != 2 );

# Skip through remaining part of HTTP header (until blank line)
1 until (  =~ /^[\r\n]+$/ );

# Start copying packets in both directions.
$s = IO::Select->new($fhin,\*PROXY);

while ( 1 ) {
    foreach $fh ( $s->can_read(10) ) {
        exit unless ( defined($num = sysread($fh,$_,4096)) );
        syswrite(( (fileno($fh)==fileno($fhin)) ? PROXY : $fhout), $_, $num);
    }
}     
Sysread attempts to read 4096 bytes from filehandle $fh ino string $_.
Syswrite writes that the data in $_, to the SSL Tunnelling proxy if the data came from the browser side connection ($fhin), otherwise if the data came from the proxy, it is written to the $fhout. $fhout is identical to $fhin


$s->can_read(10)

Activates when data is received from either $fhin (the browser side connection, outoging data) or \*PROXY (the proxy, incoming data)


can_read ( [ TIMEOUT ] )

Return an array of handles that are ready for reading. TIMEOUT is the maximum amount of time to wait before returning an empty list. If TIMEOUT is not given and any handles are registered then the call will block.


$ARG, $_

The default input and pattern-searching space.
This method might have problems if loaded or the select part might not run.
A perl script for maintaining a telnet session via a proxy
Since I didn't hear anything about a current SSH through SSL proxy "solution", (specifically for windows clients), I went ahead a whipped up a Perl script based on another script that I had sitting in the SSH mail directory.
It can either run as a UNIX or Windows tunnel script through a proxy server supporting the "CONNECT" command. (note that a properly setup proxy will only forward connections to the SSL ports (443 and 563)) The windows version was only tested with the ActiveState perl interpretter (www.activestate.com), the UNIX version works with the standard Perl interpretter.
It's fairly simple and works nicely from my tests.
Read the comments in the script for more info.
Content-Type: text/plain ; name="ssh-tunnel.pl"; charset=us-ascii
Content-Description: ssh-tunnel.pl
Content-Disposition: attachment; filename="ssh-tunnel.pl"#!/usr/local/bin/perl#
# Usage: ssh-tunnel.pl [daemon port] ssl-proxy port destination_host port#
# This script can be used by ssh to traverse a www-proxy/firewall that
# supports the http CONNECT command. (Note: Properly setup proxies that allow
# CONNECT will only allow a connection through to SSL ports (443 and 563
# according to squid.))#
# Example-- connect to host named "remote" outside of your firewall:#
# $ ssh remote -o'ProxyCommand ssh-tunnel.pl www-proxy 8080 remote 443'#
# Better yet, insert the ProxyCommand definition for host "remote" in 
# your $HOME/.ssh/config file:##      .#      .#    Host remote
#      ProxyCommand /usr/local/bin/ssh-tunnel.pl www-proxy 8080 %h %p#      .
#      .## Originally written by Urban Kaveus <urban@statt.ericsson.se>#
# Updated by Theo Van Dinter <tvd@chrysalis.com>,<felicity@kluge.net> 4/28/1999
#  I use TTSSH under Windows which doesn't support the proxycommand option.
#  I made some modifications to this script to help with that:
#   1- The script no longer forks to do IO.  Now uses IO::Select to deal with
#      multiple filehandles at once.
#   2- The script can optionally "daemonize" itself and sit on a port.  When
#      a connection is established, the tunnelling process will commence.
#      Add in the optional port # to listen to as the first commandline param.
#      Ex: "ssh-tunnel 2345 www-proxy 8080 remotehost 443", then start SSH:
#          "ssh localhost -p 2345".
#   3- Tested with ActivePerl (Win32)/TeraTerm/TTSSH and UNIX Perl/SSH client.#
use Socket;use IO::Select;$dport = shift if ( $#ARGV > 3 );
($sslproxy,$proxyport,$destination,$destport) = @ARGV;
die "Usage: $0 [daemon port] ssl-proxy port destination port\n"
	unless ( $sslproxy && $proxyport && $destination && $destport );
# Set up network communication$protocol = getprotobyname("tcp");
if ( $dport ) { # do "daemon" thing.
	socket(INC, PF_INET, SOCK_STREAM, $protocol) || die "socket:$!";
	setsockopt (INC, SOL_SOCKET, SO_REUSEADDR, pack ("l", 1)) || die "setsockopt:$!";
	bind(INC,sockaddr_in($dport,INADDR_ANY)) || die "bind: $!";
	listen(INC,1) || die "listen:$!";	accept(OUT,INC) || die "accept:$!";
	$fhin = $fhout = \*OUT;}else { # STDIN/STDOUT used ...	$fhin = \*STDIN;
	$fhout = \*STDOUT;}# connect to proxy server ...
socket (PROXY, PF_INET, SOCK_STREAM, $protocol) or
    die("Failed to create socket:$!");
connect (PROXY, sockaddr_in($proxyport,inet_aton($sslproxy))) or
    die("Failed to connect to $sslproxy port $proxyport:$!");
# Force flushing of socket buffersforeach ( \*PROXY, $fhin, $fhout ) {
	select($_); $|=1;}# Send a "CONNECT" command to proxy:
print PROXY "CONNECT $destination:$destport HTTP/1.0\r\n\r\n";
# Wait for HTTP status code, bail out if you don't get back a 2xx code.
($status) = (split(/\s+/,<PROXY>))[1];
die "Received a bad status code \"$status\" from proxy server."
    if ( int($status/100) != 2 );
# Skip through remaining part of HTTP header (until blank line)
1 until ( <PROXY> =~ /^[\r\n]+$/ );# Start copying packets in both directions.
$s = IO::Select->new($fhin,\*PROXY);while ( 1 ) {
	foreach $fh ( $s->can_read(10) ) {
		exit unless ( defined($num = sysread($fh,$_,4096)) );
		syswrite( ((fileno($fh)==fileno($fhin))?PROXY:$fhout),$_,$num);	}}