Stay Annoumoys while Black-box Penetration Testing (Tor and Proxychain)

During the black-box penetration testing sometimes we need  to hide our identity and stay anonymous, sometimes some firewalls and IDPS detect us while we are testing the machine, and might block our IP address. In this manner we need to keep changing the IP. So if the firewall blocks the companies IP so, then even if you change the local IP you may not have access to the website again. So the best way to hide the identity, is to you Tor and proxychain.

Install tor:

Apt-get install tor

 Then you just need to run tor service.

 Service tor start

So then you need to modify your proxychain configuration and polish it a little bit. So open the proxychain and uncomment the dynamic, comment the static, and at the end of the file you may find the socks4 127.0.0.1 9050.0.

You need to add the following code as well.

socks5 127.0.0.1 9050

************************Notice:*******************************

The file should be look like bellow after editing.

# proxychains.conf  VER 3.1

#

#        HTTP, SOCKS4, SOCKS5 tunneling proxifier with DNS.

#

# The option below identifies how the ProxyList is treated.

# only one option should be uncommented at time,

# otherwise the last appearing option will be accepted

#

dynamic_chain

#

# Dynamic – Each connection will be done via chained proxies

# all proxies chained in the order as they appear in the list

# at least one proxy must be online to play in chain

# (dead proxies are skipped)

# otherwise EINTR is returned to the app

#

#strict_chain

#

# Strict – Each connection will be done via chained proxies

# all proxies chained in the order as they appear in the list

# all proxies must be online to play in chain

# otherwise EINTR is returned to the app

#

#random_chain

#

# Random – Each connection will be done via random proxy

# (or proxy chain, see  chain_len) from the list.

# this option is good to test your IDS 🙂

# Make sense only if random_chain

#chain_len = 2

# Quiet mode (no output from library)

#quiet_mode

# Proxy DNS requests – no leak for DNS data

proxy_dns

# Some timeouts in milliseconds

tcp_read_time_out 15000

tcp_connect_time_out 8000

# ProxyList format

#       type  host  port [user pass]

#       (values separated by ‘tab’ or ‘blank’)

#

#

#        Examples:

#

#                    socks5        192.168.67.78        1080        lamer        secret

#                http        192.168.89.3        8080        justu        hidden

#                 socks4        192.168.1.49        1080

#                http        192.168.39.93        8080

#

#

#       proxy types: http, socks4, socks5

#        ( auth types supported: “basic”-http  “user/pass”-socks )

#

[ProxyList]

# add proxy here

# meanwile

# defaults set to “tor”

socks4         127.0.0.1 9050

socks5 127.0.0.1 9050

And the restart your tor service:

Service tor restart

Now you can open any application or browser using proxychain with the following command:

proxychains iceweasel www.ipchicken.com

Or

Proxychain nmap yourtargetip

Enjoy the anonymous surfing and penetration testing

Please let me know how do you keep your identity anonymous during penetration testing.

Enjoy the anonymous surfing and penetration testing

Advertisements