Stay Anonymous while Black-box Penetration Testing (Tor and Proxychains)

During a black-box penetration test we sometimes need to hide our identity and stay anonymous: firewalls and IDPS may detect us while we are testing the machine and block our IP address, so we need to keep changing it. If the firewall blocks the company's public IP, then even changing your local IP will not get you access to the website again. So the best way to hide your identity is to use Tor and proxychains.

Install tor:

apt-get install tor

Then you just need to start the tor service.

service tor start

Then you need to modify your proxychains configuration and polish it a little. Open the proxychains configuration file, uncomment dynamic_chain, comment out strict_chain, and at the end of the file you will find the line socks4 127.0.0.1 9050.

You need to add the following code as well.

socks5 127.0.0.1 9050

************************Notice:*******************************

The file should look like the one below after editing.

# proxychains.conf  VER 3.1
#
#        HTTP, SOCKS4, SOCKS5 tunneling proxifier with DNS.
#
# The option below identifies how the ProxyList is treated.
# only one option should be uncommented at time,
# otherwise the last appearing option will be accepted
#
dynamic_chain
#
# Dynamic - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# at least one proxy must be online to play in chain
# (dead proxies are skipped)
# otherwise EINTR is returned to the app
#
#strict_chain
#
# Strict - Each connection will be done via chained proxies
# all proxies chained in the order as they appear in the list
# all proxies must be online to play in chain
# otherwise EINTR is returned to the app
#
#random_chain
#
# Random - Each connection will be done via random proxy
# (or proxy chain, see  chain_len) from the list.
# this option is good to test your IDS :)

# Make sense only if random_chain
#chain_len = 2

# Quiet mode (no output from library)
#quiet_mode

# Proxy DNS requests - no leak for DNS data
proxy_dns

# Some timeouts in milliseconds
tcp_read_time_out 15000
tcp_connect_time_out 8000

# ProxyList format
#       type  host  port [user pass]
#       (values separated by 'tab' or 'blank')
#
#
#        Examples:
#
#            socks5    192.168.67.78    1080    lamer    secret
#            http      192.168.89.3     8080    justu    hidden
#            socks4    192.168.1.49     1080
#            http      192.168.39.93    8080
#
#
#       proxy types: http, socks4, socks5
#        ( auth types supported: "basic"-http  "user/pass"-socks )
#
[ProxyList]
# add proxy here
# meanwhile
# defaults set to "tor"
socks4         127.0.0.1 9050
socks5 127.0.0.1 9050

Then restart your tor service:

service tor restart

Now you can run any application or browser through proxychains with the following command:

proxychains iceweasel www.ipchicken.com

Or

proxychains nmap yourtargetip
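As an added example, not part of the original post: a small POSIX sh pre-flight check that verifies the proxychains.conf edits above before anything is run through proxychains, so a typo in the file (a second chain mode left active, proxy_dns missing, a port such as 9050.0) does not silently leave your real address or DNS lookups exposed. The function name check_proxychains_conf is my own; it only reads the file you pass it.

```shell
#!/bin/sh
# Pre-flight check of a proxychains.conf (added example, not part of the original post).
# Verifies: (1) exactly one chain mode is active, (2) proxy_dns is set so hostname
# lookups go through the chain instead of leaking, (3) [ProxyList] holds the Tor
# SOCKS entry on 127.0.0.1 with a numeric port 9050. Returns 0 on success, 1 otherwise.

check_proxychains_conf() {
    conf="$1"
    ok=0
    # Drop comments and blank lines once; every check below works on this view.
    active=$(sed -e 's/#.*$//' -e '/^[[:space:]]*$/d' "$conf")

    # 1. exactly one of dynamic_chain / strict_chain / random_chain left uncommented
    modes=$(printf '%s\n' "$active" \
        | grep -c -E '^[[:space:]]*(dynamic_chain|strict_chain|random_chain)[[:space:]]*$' || true)
    if [ "$modes" -ne 1 ]; then
        echo "FAIL: expected exactly one active chain mode, found $modes"
        ok=1
    fi

    # 2. proxy_dns must be enabled, otherwise DNS queries bypass Tor entirely
    if ! printf '%s\n' "$active" | grep -q -E '^[[:space:]]*proxy_dns[[:space:]]*$'; then
        echo "FAIL: proxy_dns is not enabled (DNS lookups would leak)"
        ok=1
    fi

    # 3. a socks4 or socks5 entry for 127.0.0.1 9050 somewhere after [ProxyList]
    if ! printf '%s\n' "$active" | sed -n '/^\[ProxyList\]/,$p' \
        | grep -q -E '^[[:space:]]*socks[45][[:space:]]+127\.0\.0\.1[[:space:]]+9050[[:space:]]*$'; then
        echo "FAIL: no socks4/socks5 127.0.0.1 9050 entry under [ProxyList]"
        ok=1
    fi
    return $ok
}

# Usage: sh check.sh /path/to/proxychains.conf
if [ "$#" -eq 1 ]; then
    check_proxychains_conf "$1" && echo "OK: proxychains.conf looks sane"
fi
```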

Enjoy the anonymous surfing and penetration testing

Please let me know how do you keep your identity anonymous during penetration testing.
