What is TOR Network:
Tor is free software for enabling online anonymity. Tor directs Internet traffic through a free, worldwide volunteer network consisting of more than three thousand relays to conceal a user’s location or usage from anyone conducting network surveillance or traffic analysis. Using Tor makes it more difficult to trace your Internet activity.
How TOR works
the user’s software or client incrementally builds a circuit of encrypted connections through relays on the network. The circuit is extended one hop at a time, and each relay along the way knows only which relay gave it data and which relay it is giving data to. No individual relay ever knows the complete path that a data packet has taken. The client negotiates a separate set of encryption keys for each hop along the circuit to ensure that each hop can’t trace these connections as they pass through.
TOR starting steps
- Starting Vidalia (sudo tor) > then click on “Start Tor” button:
- Change the proxy settings in the browser into 127.0.0.1 port:9050
- Check that you are connected successfully through TOR network by the link: https://check.torproject.org/ the result should be as below
Using NMAP through TOR
make sure you do not use ICMPs or stealth mode in the nmap options to keep your anonymity
[user@linux ~]$ sudo proxychains nmap -n -PN -sT -p80 X.X.X.X
- -sT for full TCP connection (note: stealth mode “-sS” will not work through TOR)
- -n: no reverse DNS resolution
- -PN: no ping scan
- -p80,443 for specifying ports 80 and 443 to scan
- X.X.X.X is the target to scan
Using sqlmap through TOR
[user@linux ~]$ sudo /opt/backbox/sqlmap/sqlmap.py –tor –tor-type=SOCKS4 -u “https://www.yourtarget.com”
- Using TOR may not provide a complete anonymity and your identity my be revealed specially in the exit nodes
- some plugins in your browser may contact the site with your real identity and not through the TOR tunnels so it’s recommended to use the TOR bundle which has it’s own browser.
- there is some talks claiming that NSA invests a lot of money to to encourage hackers, journalists and activists use TOR !! don’t know their intentions but this makes it quite suspicious !