Kali Linux Tutorial: Setting Up ProxyChains + Tor For Anonymity And Security

Setting Up ProxyChains + Tor For Anonymity- picateshackz.com


Hack anonymously is one of the important aspect of Information Security, if you want to conduct penetration testing on a remote computer then active connection is required which surely reveal your identity, sometimes you need to hide your identity while doing vulnerability assessment because of your anonymity and security. Proxy Chaining is a concept which is very helpful to hide an identity on the Internet.


The worst thing that can happen to any hacker is being detected by a security admin, the security technologies (IDS, firewall, etc.), or a forensic investigator.

Every time we send a packet to our intended target, that packet contains our IP address in the IP header. When we make a TCP connection, the target system will log our IP address as it logs all connections. If we set off any security alarms or alerts, our IP address will be logged. All of these events increase the possibility of detection.

In order to hack anonymously with the least chance of detection, we need to use an intermediary machine whose IP address will be left on the target system. This can be done by using proxies.

These systems are designed to accept our traffic and then forward it on to the intended target. Of course, the proxy will likely log our traffic, but an investigator would have to get a subpoena or search warrant to obtain the logs.
If we string multiple proxies in a chain, we make it harder and harder to detect our original IP address. If one of those proxies is outside the jurisdiction of the victim, it makes it very unlikely that any traffic can be attributed to our IP address.

In Kali Linux we have an excellent tool for proxying our traffic called proxychains. In this tutorial, I will show how to use this simple, but powerful tool.

Normal Proxy Vs Proxy Chaining


Normal Proxy Concept: Your Computer →Proxy Server → Target Computer

This is the concept of simple proxy, when a user uses one proxy server to hide his/her identity.

Read my previous post to know more about Proxies: Top Ten Free Proxy Websites For Anonymous Surfing


Proxy Chaining Concept: Your Computer → Proxy Server 1 +…….+ Proxy Server N → Target Computer

Now the usage of multiple proxies at a time is called Proxy Chaining, it is reliable in-terms to hide the identity. In simple words Proxy Chaning is the process to use multiple proxies in chain.

What is Proxy Chains?

The basic concept of proxy chaining is discussed now in this section we will discuss the practical aspect of Proxy Chaining, Proxy Chains (ProxyChains) is an open source program which allows you to make TCP and DNS connection by using proxy for example TOR.

TOR is not necessary for proxychains, you may use any SOCKS 4, SOCKS 5 and HTTPS proxy. There are so many advantages of Proxy Chains for example:

  • Hide identity
  • It can bypass Firewall (If you are behind a firewall or local proxy server)
  • And many more

In Kali Linux proxychains is already configured but if you are using any other version of Linux you may download it from official website. Follow the command mentioned below to get proxychains via terminal.


root@Kali:~# apt-get install proxychains


Let’s start,


Step 1: Finding proxychains in Kali Linux


Type the following command in Kali:

root@Kali:~# locate proxychains


As we can see in the screenshot below, proxychains is in the /usr/bindirectory. Since /usr/bin is in our PATH variable, we can use it from any directory. This is just as we would want since we use proxychains with other commands, which may NOT likely be in the PATH variable.



Step 2: Proxychains Syntax


The syntax for the proxycahins command is simple and straightforward.


root@Kali:~# proxychains <the command you want proxied> <any arguments>


So, if I wanted to use proxychains to scan a site with nmap anonymously, I could type:


root@Kali:~# proxychains nmap -sS <IP address>

Step 3: Set Up the Config File


Now it is time to configure proxychains, there are two options that can be used whether use nano to edit config file on terminal and the other option is to use your favorite editor, both commands are mentioned below.

root@kali:~# nano /etc/proxychains.conf 

–OR–

root@kali:~# sudo gedit /etc/proxychains.conf

When we do so, we will see a file like that displayed below. If we scroll down this file a bit, we will see a section that I have highlighted labeled “add proxy list here…”.


To get proxychains to use intermediary proxies, we simply need to add the IP addresses of the proxies we want to use here. It’s important to note that proxychains defaults to use Tor.

Notice the last line in the screenshot above. It directs proxychains to send the traffic first through our host at 127.0.0.1 on port 9050 (the default Tor configuration). If you are using Tor, leaves this as it is. If you are not using Tor, you will need to comment out this line.


Step 4: Let’s Test It


Now that we have put a proxy between us and any traffic we send, let’s test it out. In this case, I am simply going to do an nmap scan mytestsite.com anonymously by sending the scan through a proxy. The command would be as follows:

root@kali:~# proxychains nmap -sS 8.26.65.101



As you can see in the screenshot above, I have successfully scanned
mytestsite.com through my chosen proxy and returned the results back to me. In this way, it appears that my proxy scanned mytestsite.com and not my IP address.

Step 5: Add More Proxies


First, let’s add some more proxies to our list.  

Type the following command:

root@kali:~# sudo gedit /etc/proxychains.conf


Then add more proxy IPs like I’ve done below.

Step 6: Proxychaining


Now that we have multiple IPs in our proxychain.conf we can set up dynamic chaining. Dynamic chaining will enable us to run our traffic through every proxy on our list, and if one of the proxies is down or not responding, it will automatically go to the next proxy in the list without throwing an error.

To do so, let’s first open the proxychains configuration file again.

root@kali:~# sudo gedit /etc/proxychains.conf


With this file open, uncomment out the “dynamic_chains” line. This will enable dynamic chaining of our proxies allowing for greater anonymity and trouble-free hacking.


Step 7: Random Chaining


Finally, we can also use “random chaining”. With this option, proxychains will randomly choose IP addresses from our list and use them for creating our proxychain. This means that each time we use proxychains, the chain of proxy will look different to the target, making it harder to track our traffic from its source.

To do so, open the /etc/proxychains.conf file and comment out “dynamic chains” and uncomment “random chain”. Since we can only use one of these options at a time, make certain that you comment out the other options in this section before using proxychains.

In addition; you may want to uncomment the line with “chain_len”. This will determine how many of the IP addresses in your chain will be used in creating your random proxy chain.


Now that you know how to use proxychains, you can do your hacking with relative anonymity. I say relative, because there is no surefire way to remain anonymous with the NSA spying on all our activity. All we can do is make detection MUCH harder, and proxychains can help do this for us.




Recommended article: How To Setup Free VPN Service On Kali Linux For Anonymity

You may also like...

14 Responses

  1. I love reading such type of blogs that impart great knowledge to people. This one is really like that. http://incognitoline.com/how-to-change-ip-address-windows-7/

  2. Jenny David says:

    I was reading through some of your blog posts on this internet site and I believe this site is rattling informative! Keep on posting.
    access New Album Releases in UK

  3. Arnold says:

    Thanks to you for this very important information.One question, If Kali Linux is already using TOR, do I need to add additional proxy's ?

  4. Anonymous says:

    I've been wondering the same as Arnold. What is the better option? using just tor, or setting up many custom proxies?

  5. proxy chaining is far better, and kali linux has already its default tor so you should add additional proxies for more better anonymity

  6. yours9 says:

    dear sir,
    as per your guidance i tried to put random proxy chain
    my vpn is already ON
    SO should i use the above method ??
    request to give list of proxy addresses to put in – proxychains.conf

    thanking you.

  7. Anonymous says:

    Great tutorial. I managed to get something to work on a test VPS I use to practice attack.

    The issue however is that the auth.log file shows my Home IP even when using proxychains.

    My command run is:

    "proxychains hydra -s 22 -v -V -l root -P /usr/share/wordlists/testlist.txt -t 4 -w 60 SERVERIP ssh"

    Howerver iit said in the auth.log file:

    "reverse mapping checking getaddrinfo for MYHOMEIP failed – POSSIBLE BREAK-IN ATTEMPT!"

    Can you explain why it has my home IP some how via "reverse mapping? My proxychains list has about 15 proxies in it using dynamic_chain. Im very confused.

  8. Ram Niwas says:

    is any way to configure kali linux 2.25.2 as proxy server, if yes please publish steps for configuration

  9. Anonymous says:

    did you ever get this issue resolved?? if so can you please share how.. thank you so much in advance!

  10. I like your article it wordpress installation service is very nice would like to
    access Mp3Juices in UK

  11. Anonymous says:

    First let me thank you for all the information here! it is allowing me to fill in some gaps in my learning!
    Is proxy chaining through a VPN just too much?(loss in bandwidth for little gain?) or is it still a good idea?

  12. Defcon 2 says:

    All of my proxies 'timeout' or are 'denied'

  13. Anonymous says:

    Excelent tut and well explain, but when I use proxychains with nmap, scan is completed ok, and in the log files vistim system (I´m the victim and attacker at the same) see recorded my own IP attacker. I dont see proxychains works with nmap, why?.

    Anyone can confirm that?

    Regards.

Close