important aspect of Information Security, if you want to conduct
penetration testing on a remote computer then active connection is
required which surely reveal your identity, sometimes you need to
hide your identity while doing vulnerability assessment because of
your anonymity and security. Proxy Chaning is a concept which is very
helpful to hide an identity on the Internet.
What is Proxy Chaining?
Your Computer →
Proxy Server → Target Computer
Proxy Server → Target Computer
 |
| Proxy Concept |
The concept mentioned
above is the concept of simple proxy, when a user uses one proxy
server to hide his/her identity.
above is the concept of simple proxy, when a user uses one proxy
server to hide his/her identity.
Your Computer →
Proxy Server 1 +.......+ Proxy Server N → Target Computer
Proxy Server 1 +.......+ Proxy Server N → Target Computer
 |
| Proxy Chains |
Now the usage of
multiple proxies at a time is called Proxy Chaining, it is reliable
in-terms to hide the identity. In simple words
multiple proxies at a time is called Proxy Chaining, it is reliable
in-terms to hide the identity. In simple words
“Proxy Chaning is the
process to use multiple proxies in chain.”
What is Proxy Chains?
The
basic concept of proxy chaining is discussed now in this section we
will discuss the practical aspect of Proxy Chaining, Proxy Chains
(ProxyChains) is an open source program which allows you to make TCP
and DNS connection by using proxy for example TOR.
basic concept of proxy chaining is discussed now in this section we
will discuss the practical aspect of Proxy Chaining, Proxy Chains
(ProxyChains) is an open source program which allows you to make TCP
and DNS connection by using proxy for example TOR.
TOR
is not necessary for proxychains, you may use any SOCKS 4, SOCKS 5
and HTTPS proxy. There are so many advantages of Proxy Chains for
example:
is not necessary for proxychains, you may use any SOCKS 4, SOCKS 5
and HTTPS proxy. There are so many advantages of Proxy Chains for
example:
- Hide identity
- It can bypass
Firewall (If you are behind a firewall or local proxy server) - And many more
Proxy Chains Tutorial
Proxy
Chaining can be achieved on Windows OS too but in this section I will
discuss Linux Backtrack, you may use any Linux distribution including
Ubuntu.
Chaining can be achieved on Windows OS too but in this section I will
discuss Linux Backtrack, you may use any Linux distribution including
Ubuntu.
In
Backtrack 5 R3 proxychains is already configured but if you are using
any other version of Linux you may download it from official website.
Follow the command mentioned below to get proxychains via terminal.
Backtrack 5 R3 proxychains is already configured but if you are using
any other version of Linux you may download it from official website.
Follow the command mentioned below to get proxychains via terminal.
root@bt:~#
apt-get install proxychains
Now the second step is to configure proxychains, there
are two options that can be used whether use nano to edit config file
on terminal and the other option is to use your favorite editor, both
commands are mentioned below.
are two options that can be used whether use nano to edit config file
on terminal and the other option is to use your favorite editor, both
commands are mentioned below.
root@bt:~# nano /etc/proxychains.conf
--OR--
root@bt:~# sudo gedit /etc/proxychains.conf
The second option has been used to discuss this
tutorial, you may see that there are three options along with there
definitions and usage.
tutorial, you may see that there are three options along with there
definitions and usage.
- Dynamic
Chain - Strict
Chain - Random
Chain
 |
| ProxyChains Configuration |
Delete
# from the front of technique that you want to use, its time to get
some proxies. Private and highly anonymous proxies work best (if you
can afford) otherwise use the publicly available proxies.
# from the front of technique that you want to use, its time to get
some proxies. Private and highly anonymous proxies work best (if you
can afford) otherwise use the publicly available proxies.
Do
not delete the last line, add your proxy list after this line.
not delete the last line, add your proxy list after this line.
 |
| Proxy Chains Configuration |
Dynamic
chain is very good if you are using publicly available proxies.
chain is very good if you are using publicly available proxies.
Proxy Chains usage is very simple (proxychains <prog> [args])
Example:
This tutorial completely demonstrate the basic concept and usage of Proxy Chaining and Proxy Chains, if you have any question then feel free to ask on the comment box.
root@bt:~# proxychains nmap ehacking.net
root@bt:~# proxychains firefox
root@bt:~# proxychains msfconsole
root@bt:~# proxychains telnet 192.168.1.1
Example:
 |
| Proxy Chaining |
Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription or become our Facebook fan! You will get all the latest updates at both the places.
*
No comments:
Post a Comment