How to stay anonymous during a penetration test (with Tor and ProxyChains)

Have you ever wondered how you can remain anonymous during a penetration test? Or how you can stay undetected while you interact with a remote machine? This video goes through the steps needed to install and set up the two tools that will allow you to do that: Tor and Privoxy.

Before we start, let’s spend a few words introducing Tor and Privoxy/ProxyChains. Tor is free and open-source software that allows you to communicate anonymously over the Internet. In some cases, people use the term Tor to refer to either the Tor Project or the Tor network, but in this article we will use it to refer to the tor program. The second tool that we will use to access the Internet anonymously is Privoxy, a non-caching web proxy that uses advanced filtering to enhance privacy, remove ads, and filter Internet junk.

In a default setup, Privoxy sits right between the application that wants to access the Internet and the Internet itself. With that being said, let’s see how to install and set up Tor and Privoxy on Kali Linux.

First, we must update the list of available packages and upgrade the packages we have installed on our machine.

apt-get update
apt-get upgrade

Then, we can install Tor with the following command:

apt-get install tor

With the Tor package installed on our system, the next step is to edit the Proxychains config file and make sure we have the right settings to connect to the Tor network.

vim /etc/proxychains.conf

In most cases, this just means choosing the right type of chain and adding the right IP addresses to the proxy list. The type of chain can either be dynamic, strict, or random.

Assuming we have several proxies on our list, dynamic chaining will skip any proxy that is either down or not responding without throwing an error, while strict chaining will go through the list in order and return an error if one proxy is down. Typically, strict chaining is used when you need an IP from a particular location or country.

The third type of chain is random chaining, where ProxyChains randomly chooses the proxies from our list, which makes it harder for the target to track our traffic.

In this demo, we will use dynamic chaining, so let’s uncomment dynamic_chain and comment strict_chain.

And last but not least, let’s add the following line to our proxy list.

socks5 127.0.0.1 9050

Excellent, now we can start the Tor service.

service tor start

And just make sure it’s running with the following command.

service tor status

At this point, if everything went well, the IP we get when we surf the internet with and without proxychains should be different. So, let’s test our theory.

Here is how we can get our IP outside of the Tor network.

firefox www.whatismyip.com

In my case, the IP address is X.Y.Z.55. Now, let’s see our IP through Tor.

proxychains firefox www.whatismyip.com

The IP is 185.104.120.60, which means our setup works: we now have a way to connect to the Internet anonymously and hide our tracks during a penetration test.
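The two parts of this walkthrough, the proxychains.conf edits and the with/without-proxychains IP comparison, can be checked with a small script. This is an added example, not code from the original post; it assumes the proxychains.conf syntax shown above (a chain-mode keyword on its own line, a `[ProxyList]` header, entries of the form `type ip port`), and `IP_ECHO_URL` is a placeholder you must point at a service that returns your IP as plain text.

```shell
#!/bin/sh
# Added example, not code from the original post: checks that a
# proxychains.conf matches the setup above (one chain mode active, Tor's
# SOCKS listener 127.0.0.1:9050 in the proxy list) and, with --live, repeats
# the post's test of the egress IP with and without proxychains. Assumes the
# proxychains.conf syntax shown above; IP_ECHO_URL is a placeholder (set it
# to a service that returns the caller's IP as plain text).
IP_ECHO_URL=${IP_ECHO_URL:-https://ip-echo.example.invalid/}

# Constructed sample config, equivalent to the edits made in the post.
SAMPLE_FILE=$(mktemp)
printf '%s\n' 'dynamic_chain' '#strict_chain' '#random_chain' \
    '[ProxyList]' '# add proxy here ...' 'socks5 127.0.0.1 9050' > "$SAMPLE_FILE"

# Constructed broken config: two chain modes left uncommented, no Tor entry.
BAD_FILE=$(mktemp)
printf '%s\n' 'dynamic_chain' 'strict_chain' '[ProxyList]' \
    'socks5 10.0.0.9 1080' > "$BAD_FILE"

# Print the chain mode keyword(s) that are not commented out.
active_chain_modes() {
    grep -E '^[[:space:]]*(dynamic|strict|random)_chain' "$1" | awk '{print $1}'
}
# Print proxy entries after [ProxyList], dropping comments and blank lines.
proxy_list() {
    sed -n '/^\[ProxyList\]/,$p' "$1" | grep -Ev '^[[:space:]]*(#|$|\[)'
}
# 0 if the file matches the post; 1 for a wrong number of chain modes, 2 if no 127.0.0.1:9050 entry.
check_conf() {
    [ "$(active_chain_modes "$1" | grep -c .)" -eq 1 ] || return 1
    proxy_list "$1" | grep -Eq '^socks[45][[:space:]]+127\.0\.0\.1[[:space:]]+9050[[:space:]]*$' || return 2
}
# 0 when two IP strings are both non-empty and differ (the post's success test).
ips_differ() {
    [ -n "$1" ] && [ -n "$2" ] && [ "$1" != "$2" ]
}
# Live version of the post's test; needs tor running and network access.
live_check() {
    direct=$(curl -s --max-time 20 "$IP_ECHO_URL") || return 1
    via_tor=$(proxychains -q curl -s --max-time 60 "$IP_ECHO_URL") || return 1
    echo "direct: $direct  via proxychains: $via_tor"
    ips_differ "$direct" "$via_tor"
}

check_conf "$SAMPLE_FILE" && echo "sample config: OK"
if [ "${1:-}" = "--live" ]; then
    check_conf /etc/proxychains.conf && live_check && echo "egress IP changes: OK"
fi
```

Run it with `--live` on the Kali box after `service tor start`; a direct and a proxychains egress IP that match means traffic is not leaving through Tor.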

If you have any questions about Tor or ProxyChains, do not hesitate to ask me in the comment section down below. 😉