Saturday, September 17, 2011

Tor Proxy and Proxychains = Anonymous Internet Operations

The Tor network is an onion routing project that allows users to send traffic through the network, thus making your Internet traffic appear to come from the Tor exit node, not your real IP.

This article will show you how to use torproxy to tunnel to a Tor exit node, bypassing the rest of the s-l-o-w Tor network, and then use proxychains so that your applications can use this tunnel, and your public IP will appear to be that of the Tor exit node. 

First we need to get the required applications installed.


I will be using Ubuntu 11.04. You will also need to install:
tortunnel (contains torproxy, requires boost libraries)
Boost C++ Libraries

From terminal:
sudo apt-get install proxychains privoxy libboost-all-dev

See notes below if you cant get Boost libraries installed.

Next, download and save tortunnel:
Back to terminal, then extract and install...

tar -xf tortunnel-0.2.tar.gz
 cd tortunnel-0.2

./configure; make;

Watch the install screen and make sure it all goes well. To confirm torproxy is working type: 


You should get a response:

Usage: ./torproxy <ExitNodeIP>


Now that everything is installed, we need to configure privoxy and proxychains so that they work with torproxy.

Configure proxychains.

sudo gedit /etc/proxychains.conf 

Comment out the last line with a # and add the line below:

# defaults set to "tor"
#socks4 9050
socks5 5060

Configure privoxy

sudo gedit /etc/privoxy/config

Find the line that says "forward-socks5" and change it to look like this (including the period):

#      To chain Privoxy and Tor, both running on the same system,
#      you would use something like:
        forward-socks5   /      .

Configure torproxy

To connect to an exit node we first need to find exit node IP.
From the tortunnel website they provide a directory of Tor routers. Look in the directory for a router that has the properties:  "Fast" "Exit" and "Valid"

A directory of Tor routers is located here:

Once you find an exit node IP, run torproxy using that IP, and put an & at the end of the command to start it as a backround job.
./torproxy <ExitNodeIP> &

You should see a result like this: 
torproxy 0.2 by Moxie Marlinspike.
Retrieving directory listing...
Connecting to exit node:
SSL Connection to node complete.  Setting up circuit.
Connected to Exit Node.  SOCKS proxy ready on 5060.

Use tunnel

Once  you see the line "Connected to Exit Node. SOCKS proxy ready on 5060" we can start pushing traffic through that socket.

We configured proxychains to forward traffic to port 5060. To use command line tools use the following syntax:

proxychains telnet 80

proxychains ssh

proxychains nmap

Or you can configure Firefox to run through the Tor exit proxy. Click
Edit > Preferences > Network > Settings

Set proxy to "Manual proxy configuration" and specify 5060 as Firefox's SOCKS proxy - this will push all firefox traffic trough the Tor exit node. Confirm this by checking - it should be the same IP as the exit node you chose.

You may need to download the Boost C++ libraries directly from their website or SourceForge and install it manually. The release package will have detailed install instructions.

Computer Biology