Kali Linux Tutorial: Setting Up ProxyChains + Tor For Anonymity And Security

Hack anonymously is one of the important aspect of Information Security, if you want to conduct penetration testing on a remote computer then active connection is required which surely reveal your identity, sometimes you need to hide your identity while doing vulnerability assessment because of your anonymity and security. Proxy Chaining is a concept which is very helpful to hide an identity on the Internet.

The worst thing that can happen to any hacker is being detected by a security admin, the security technologies (IDS, firewall, etc.), or a forensic investigator.

Every time we send a packet to our intended target, that packet contains our IP address in the IP header. When we make a TCP connection, the target system will log our IP address as it logs all connections. If we set off any security alarms or alerts, our IP address will be logged. All of these events increase the possibility of detection.

In order to hack anonymously with the least chance of detection, we need to use an intermediary machine whose IP address will be left on the target system. This can be done by using proxies.

These systems are designed to accept our traffic and then forward it on to the intended target. Of course, the proxy will likely log our traffic, but an investigator would have to get a subpoena or search warrant to obtain the logs.
If we string multiple proxies in a chain, we make it harder and harder to detect our original IP address. If one of those proxies is outside the jurisdiction of the victim, it makes it very unlikely that any traffic can be attributed to our IP address.

In Kali Linux we have an excellent tool for proxying our traffic called proxychains. In this tutorial, I will show how to use this simple, but powerful tool.

Normal Proxy Vs Proxy Chaining

Normal Proxy Concept: Your Computer →Proxy Server → Target Computer

This is the concept of simple proxy, when a user uses one proxy server to hide his/her identity.

Read my previous post to know more about Proxies: Top Ten Free Proxy Websites For Anonymous Surfing

Proxy Chaining Concept: Your Computer → Proxy Server 1 +.......+ Proxy Server N → Target Computer

Now the usage of multiple proxies at a time is called Proxy Chaining, it is reliable in-terms to hide the identity. In simple words Proxy Chaning is the process to use multiple proxies in chain.

What is Proxy Chains?

The basic concept of proxy chaining is discussed now in this section we will discuss the practical aspect of Proxy Chaining, Proxy Chains (ProxyChains) is an open source program which allows you to make TCP and DNS connection by using proxy for example TOR.

TOR is not necessary for proxychains, you may use any SOCKS 4, SOCKS 5 and HTTPS proxy. There are so many advantages of Proxy Chains for example:

• Hide identity
• It can bypass Firewall (If you are behind a firewall or local proxy server)
• And many more

In Kali Linux proxychains is already configured but if you are using any other version of Linux you may download it from official website. Follow the command mentioned below to get proxychains via terminal.

root@Kali:~# apt-get install proxychains

Let's start,

Step 1: Finding proxychains in Kali Linux

Type the following command in Kali:

root@Kali:~# locate proxychains

As we can see in the screenshot below, proxychains is in the /usr/bindirectory. Since /usr/bin is in our PATH variable, we can use it from any directory. This is just as we would want since we use proxychains with other commands, which may NOT likely be in the PATH variable.

Step 2: Proxychains Syntax

The syntax for the proxycahins command is simple and straightforward.

root@Kali:~# proxychains <the command you want proxied> <any arguments>

So, if I wanted to use proxychains to scan a site with nmap anonymously, I could type:

root@Kali:~# proxychains nmap -sS <IP address>

Step 3: Set Up the Config File

Now it is time to configure proxychains, there are two options that can be used whether use nano to edit config file on terminal and the other option is to use your favorite editor, both commands are mentioned below.

root@kali:~# nano /etc/proxychains.conf 

--OR--

root@kali:~# sudo gedit /etc/proxychains.conf

When we do so, we will see a file like that displayed below. If we scroll down this file a bit, we will see a section that I have highlighted labeled "add proxy list here...".

To get proxychains to use intermediary proxies, we simply need to add the IP addresses of the proxies we want to use here. It's important to note that proxychains defaults to use Tor.

Notice the last line in the screenshot above. It directs proxychains to send the traffic first through our host at 127.0.0.1 on port 9050 (the default Tor configuration). If you are using Tor, leaves this as it is. If you are not using Tor, you will need to comment out this line.

Step 4: Let's Test It

Now that we have put a proxy between us and any traffic we send, let's test it out. In this case, I am simply going to do an nmap scan mytestsite.com anonymously by sending the scan through a proxy. The command would be as follows:

root@kali:~# proxychains nmap -sS 8.26.65.101

As you can see in the screenshot above, I have successfully scanned
mytestsite.com through my chosen proxy and returned the results back to me. In this way, it appears that my proxy scanned mytestsite.com and not my IP address.

Step 5: Add More Proxies

First, let's add some more proxies to our list.  

Type the following command:

root@kali:~# sudo gedit /etc/proxychains.conf

Then add more proxy IPs like I've done below.

Step 6: Proxychaining

Now that we have multiple IPs in our proxychain.conf we can set up dynamic chaining. Dynamic chaining will enable us to run our traffic through every proxy on our list, and if one of the proxies is down or not responding, it will automatically go to the next proxy in the list without throwing an error.

To do so, let's first open the proxychains configuration file again.

root@kali:~# sudo gedit /etc/proxychains.conf

With this file open, uncomment out the "dynamic_chains" line. This will enable dynamic chaining of our proxies allowing for greater anonymity and trouble-free hacking.

Step 7: Random Chaining

Finally, we can also use "random chaining". With this option, proxychains will randomly choose IP addresses from our list and use them for creating our proxychain. This means that each time we use proxychains, the chain of proxy will look different to the target, making it harder to track our traffic from its source.

To do so, open the /etc/proxychains.conf file and comment out "dynamic chains" and uncomment "random chain". Since we can only use one of these options at a time, make certain that you comment out the other options in this section before using proxychains.

In addition; you may want to uncomment the line with "chain_len". This will determine how many of the IP addresses in your chain will be used in creating your random proxy chain.

Now that you know how to use proxychains, you can do your hacking with relative anonymity. I say relative, because there is no surefire way to remain anonymous with the NSA spying on all our activity. All we can do is make detection MUCH harder, and proxychains can help do this for us.



Recommended article: How To Setup Free VPN Service On Kali Linux For Anonymity

Top Ten Free Proxy Websites For Anonymous Surfing

Proxy sites are very handy when it comes to enabling you to surf all those websites that are blocked in your area/country due to whatsoever reasons without changing your place or Internet connection. There are a lot of Proxy Websites out there on the internet but We have compiled list of top 10 good proxies.

Sometimes, due to cyber rules, nation security or for for other many reasons some websites are made blocked for certain area, country or region. Blocking a website for certain area can have a lot of reasons.

But it is really very frustrating if you favorite gaming, social networking or software downloading websites are blocked at your area. Like, my college’s WiFi don’t let me visit Facebook, Mediafire and many other Torrent & File Sharing websites.

The best way to still visit those sites is from Proxy server. These Proxy sites are very handy which enables you to surf those websites without changing your place or Internet connection. There are a lot of Proxy Websites are available on the internet which provides you this service to visit any website anonymously without any hassle.

But generally, most of these websites are Malicious, Having Suspicious Programs on their servers which can steal your personal information while browsing internet from them. Other secure Proxy servers charges you for providing their services.

There are hundreds of free web proxies out there that provide anonymous surfing. Of these, most will even unblock MySpace, Gmail, FaceBook or any other no-no when surfing from school or work. Some have taken this a step further and allow for signing into your MSN, AIM or Yahoo! messaging accounts - conveniently through an anonymized (and secure) SSL version of eBuddy.com. Others allow for sending anonymous emails and newsgroup postings, even YouTube viewing. But is there really a “best” web proxy? We’re not sure about that; there’s pro’s and con’s to each one. Either way, here’s our picks for the Top Ten best free web proxies on the Internet, and why.

Pros

• Cheap (and often free)
• Will hide your IP from basic checks, and is therefore ok for accessing some geo-restricted websites and for account creation

Cons

• Only useful for accessing websites*
• Clever use of Flash or JavaScript allows many websites to detect your true IP
• HTTP traffic is not encrypted, so government surveillance systems and your ISP can see what you are doing. If connected through HTTPS (SSL) then traffic cannot be monitored, but the IP of the HTTPS website can be logged. SSL encryption is roughly equivalent to 128-bit key length.
• Each web browser must be configured individually to use the proxy server. However, the good news is that this is well supported by all browsers

1. VTunnel.com

http://vtunnel.com — VTunnel is more than just a web proxy; much more. Since secure SSL encryption (https://) is exceptionally harder to block than conventional http browsing, they’ve incorporated it as an option. Their SSL proxy can even be used to log into your MSN, AIM, Yahoo!, ICQ, GTalk, MySpace, FaceBook and eBuddy accounts, all within the browser. VTunnel even unblocks YouTube.com, without any noticeable lag in video streaming playback.
As with most free web proxies, VTunnel incorporates advertisements into the service (including pop-unders), although they are easily blocked by using the AdBlock Plus addon for Firefox.

Why VTunnel is #1 — Browsing is very speedy; you’ll hardly even notice you’re surfing anonymously, even on their SSL version. The anonymous web messaging is a huge plus, as well. Below is a look at MSN through VTunnel (in silent mode).

2. HideMyAss.com

http://hidemyass.com — HideMyAss! offers quite a selection of anonymizing features, including disposable anonymous email accounts (for receiving only); free proxy lists (for importing into browsers as manual proxies); file and image hosting (up to 400 MB filesize); link anonymizer; anonymous Google searching; and, of course, an anonymous web proxy that supports YouTube, YouPorn.com, RedTube.com (yes… anonymous 18+ browsing), and social sites (Myspace - do people still really use this?; Gmail.com; Facebook.com, etc.).

Why HideMyAss is #2 — Comes with a complete repertoire of options! If we were to choose a “best” feature, it would be the ability to filter working proxies from selected countries in the free proxy list. This is great for using (even temporarily) to sign up for services that aren’t available in your region (such as Spotify.com for U.S./Canadians).

3. Proxy.org

http://proxy.org — While Proxy.org isn’t in itself a web proxy, it contains the most complete and up-to-date listings of proxies found anywhere on the ‘Net. Proxies can be sorted by country, IP, ISP, software (PHProxy, CGI, Glyph, Surrogafier, cURL, etc.), SSL proxies, even [Tor](/2007/12/14/internet-tunneling-traffic-routing/#tor “Internet Tunneling & Traffic Routing - TOR”) servers.

Why Proxy.org is #3 — If you’re a fan of huge proxy lists, Proxy.org currently has 6,742 working proxies indexed. The best part is, users can enter in a URL of an intended site, and then click one of the proxies in which to surf anonymously with - this is great for anyone who needs to use a specific country proxy.

4. Anonymouse.org

http://anonymouse.org - Anonymouse has been around for over 10 years, and has become one of the most trusted sources for anonymous browsing. What sets Anonymouse apart from the rest is the ability to send anonymous emails and Usenet message posting - both of which when sent are randomly delayed up to 12 hours to maximize privacy.

Why Anonymouse is #4 — They’ve recently launched a Toolbar which supports both Explorer & Firefox. No longer do you need to visit the Anonymouse website to enjoy their services - just type in the URL of a site you wish to visit in the toolbar URL field, and that’s it! Also, Anonymouse doesn’t hijack or change the webpages it’s displaying; instead, there’s just a tiny closable advert. Here’s a look at the Toolbar in Firefox:

5. XRoxy.com

www.xroxy.com — XROXY allows users to browse through proxy criteria by using dropdown boxes, in order to filter between SSL, free & paid, cookie/scripts management - from their list of 525 proxies (509 of which are free). Additionally, “elite” users can subscribe to hand-picked proxy lists. Registered members (it’s free) are able to join in the Xorum (XROXY Forum) and browse the daily-updated lists of free, working proxies.

NOTE: If you want to view sites such as YouTube.com, you’ll first need to register at XROXY. Video playback at YouTube was almost perfect, with just a tiny bit of lag from time to time - as tested during peak Internet hours using XROXY’s own SSL proxy.

6. Proxify.com

http://proxify.com — Proxify.com has some very impressive features for anonymous browsing; including SSL surfing, removing ads, cookies, scripts (including java, of course), hiding referrer info, and even the ability to view sites as text-only.

We’re not fond of the ads that are embedded into the proxied webpages; however, it’s a small price to pay for Proxify’s blazing speed and functionality.

7. EvadeFilters.com

http://evadefilters.com — EvadeFilters is a brand-new startup that’s really taking off as of late. With a cool easy-to-use Web2.0 interface, browsing your favorite video or social bookmarking site is a breeze! Similar to VTunnel, it also supports messaging services (MSN, AIM, Yahoo, GTalk) in the browser.

In our tests, YouTube streaming is perfect, not to mention catch-free. You won’t need to sign up - just click and go! Look for EvadeFilters.com to really take off.

8. UnBlockAll.net

www.unblockall.net — UnBlockAll is a regular CGI proxy, but it’s mainly marketed towards the unblocking of social bookmarking sites. Simply drag n’ drop a social bookmarking icon into the URL window, and click GO! - then just login to your account as usual.

Similar to VTunnel, it also supports messaging services (MSN, AIM, Yahoo, GTalk) in the browser. One drawback to UnBlockAll is it doesn’t support SSL (yet?), so many users are still being blocked by aggressive work restrictions.

9. The-Cloak.com

www.the-cloak.com — the Cloak comes with a good array of features, although they really push towards the paid (subscribed) service. YouTube video streaming worked perfectly the first time; however, when leaving YouTube and trying to go back to it, we were blocked for 6 hours from accessing ANY sites through The Cloak. While fast, and free - it’s not for heavy proxy users.

10. ProxyBoxOnline.com

www.proxyboxonline.com — ProxyBoxOnline doesn’t offer any frills, but if you’re looking to unblock YouTube (with perfect playback), MySpace, Facebook and whatever else, then here’s a simple solution. It makes the list because it’s totally free, and offers SSL as an option.



Recommended article: How To Setup Free VPN Service On Kali Linux For Anonymity