ProxyChains + Tor Backtrack 5 R3 Tutorial

-
To remain anonymous is one of the
important aspect of Information Security, if you want to conduct
penetration testing on a remote computer then active connection is
required which surely reveal your identity, sometimes you need to
hide your identity while doing vulnerability assessment because of
your anonymity and security. Proxy Chaning is a concept which is very
helpful to hide an identity on the Internet.




What is Proxy Chaining?







Your Computer →
Proxy Server → Target Computer

Proxy Concept


The concept mentioned
above is the concept of simple proxy, when a user uses one proxy
server to hide his/her identity.

Your Computer →
Proxy Server 1 +.......+ Proxy Server N → Target Computer



Proxy Chains


Now the usage of
multiple proxies at a time is called Proxy Chaining, it is reliable
in-terms to hide the identity. In simple words

Proxy Chaning is the
process to use multiple proxies in chain.”

What is Proxy Chains?


The
basic concept of proxy chaining is discussed now in this section we
will discuss the practical aspect of Proxy Chaining, Proxy Chains
(ProxyChains) is an open source program which allows you to make TCP
and DNS connection by using proxy for example TOR.

TOR
is not necessary for proxychains, you may use any SOCKS 4, SOCKS 5
and HTTPS proxy. There are so many advantages of Proxy Chains for
example:



    • Hide identity
    • It can bypass
      Firewall (If you are behind a firewall or local proxy server)
    • And many more

      Proxy Chains Tutorial


      Proxy
      Chaining can be achieved on Windows OS too but in this section I will
      discuss Linux Backtrack, you may use any Linux distribution including
      Ubuntu.

      In
      Backtrack 5 R3 proxychains is already configured but if you are using
      any other version of Linux you may download it from official website.
      Follow the command mentioned below to get proxychains via terminal.

      root@bt:~#
      apt-get install proxychains

      Now the second step is to configure proxychains, there
      are two options that can be used whether use nano to edit config file
      on terminal and the other option is to use your favorite editor, both
      commands are mentioned below.

      root@bt:~# nano /etc/proxychains.conf
      --OR--
      root@bt:~# sudo gedit /etc/proxychains.conf

      The second option has been used to discuss this
      tutorial, you may see that there are three options along with there
      definitions and usage.




      • Dynamic
        Chain
      • Strict
        Chain
      • Random
        Chain
      ProxyChains Configuration


      Delete
      # from the front of technique that you want to use, its time to get
      some proxies. Private and highly anonymous proxies work best (if you
      can afford) otherwise use the publicly available proxies.

      Do
      not delete the last line, add your proxy list after this line.


      Proxy Chains Configuration


      Dynamic
      chain is very good if you are using publicly available proxies.

      Proxy Chains usage is very simple (proxychains <prog> [args])

      root@bt:~# proxychains nmap ehacking.net

      root@bt:~# proxychains firefox

      root@bt:~# proxychains msfconsole

      root@bt:~# proxychains telnet 192.168.1.1


      Example:

      Proxy Chaining
       This tutorial completely demonstrate the basic concept and usage of Proxy Chaining and Proxy Chains, if you have any question then feel free to ask on the comment box. 








      Note: If you want to learn more about Linux and Windows based Penetration testing, you might want to subscribe our RSS feed and Email Subscription  or become our Facebook fan! You will get all the latest updates at both the places.


      *

      *

      Comments

      Post a Comment

      Popular posts from this blog

      Protopage a great iGoogle Alternative

      -
      Well if you haven't heard iGoogle will be shut down by Google in November of 2013, so it may be time to look at some alternatives. I recently came across Protopage you can find them here http://www.protopage.com/ Protopage launched in 2005 and is still going despite nearly every other start page shutting down or becoming derelict. Due to popular demand, they have released better support for tablets and larger smartphones, so that you have the choice between viewing the mobile version or the normal version of Protopage on your device. There isn't much to dislike about Protopage. It has a very nice Web 2.0-oriented design, and it is very solid in every area that you expect from a personalized start page. The ability to view multiple RSS feeds in a single module and the integrated podcasts puts this start page right up there among the best. What’s the business model? No idea. It’s totally free and sans-ads, at least for now. No registration at all is requir...
      Read more

      A simple Flex Builder contact form

      -
      Ok here is my simple flex builder contact form. It will validate fields then post form data to a backend page for processing. This Flex Builder Form does not use the httpservice to retrieve information its just a simple post form that keeps the bots from filling out the form on a standard web site   <?xml version="1.0" encoding="utf-8"?> <mx:Application xmlns:validators="validators.*" applicationComplete="validator()" xmlns:mx="http://www.adobe.com/2006/mxml" layout="absolute" width="480" height="500" backgroundGradientColors="[#ffffff, #ffffff]"> <mx:Script>                 <![CDATA[                                 private function ...
      Read more

      Designing a Better Contact Page

      -
      Image
      A good contact page is essential for maintaining relationships with your visitors. Whether we’re talking eCommerce, magazines, personal websites, online services, users will usually seek out a contact page as their first means of communication with you. Oddly enough, many web designers neglect the humble contact page, even considering it one of the least important aspects of a website. Let’s put that right. The Importance of a Good Contact Page A contact page is often overlooked. How many times have you visited a website, wanting to get in touch to complain about a product or service, or ask a question? And how often have you struggled with a contact form? A good contact page can benefit any type of business. It can improve customer satisfaction by helping users with their problems. It can also help a business improve its products and services by providing an avenue for valuable feedback. Other channels can be limited when it comes to user feedback. Television, radio, magazines, news...
      Read more