Recent

Setting up Tor on BackTrack

I was playing around with getting wpscan to run through the Tor network so I needed to setup Tor (from source) and Privoxy on BackTrack. These are the steps I took to setup Tor and Privoxy on Backtrack 5 R1. (wpscan does not yet support scanning through the Tor network)

I am no Tor expert and there are probably easier/better ways of doing this.

Installing Tor (Anonymous SOCKS proxy):

$apt-get install libssl-dev
$wget https://www.torproject.org/dist/tor-0.2.2.32.tar.gz
$tar -xzvf tor-0.2.2.32.tar.gz
$cd tor-0.2.2.32
$chmod +x configure
$./configure && make && src/or/tor

To check that Tor has been setup properly, add the following settings to your Firefox browser and then visit; https://check.torproject.org/

Installing Privoxy (HTTP proxy):

$apt-get install privoxy
$vim /etc/privoxy/config (uncomment line 1257, see comments[1] below)
$kill -9 (privoxy pid, there is probably a much nicer/easier way to do this)
$/usr/sbin/privoxy –pidfile /var/run/privoxy.pid –user privoxy /etc/privoxy/config

To check that Privoxy has been setup properly, add the following settings to your Firefox browser and then visit; http://config.privoxy.org/show-status/

Now all you have to do is point your applications to Privoxy on “127.0.0.1:8118″.

For example, to setup Nikto to use Tor/Privoxy, edit the nikto.conf file, lines 52-53:

# Proxy settings — still must be enabled by -useproxy
PROXYHOST=127.0.0.1
PROXYPORT=8118

And then run Nikto with the following command:

./nikto.pl -host 192.168.1.112 -useproxy

Please read the Tor warning before using Tor:
https://www.torproject.org/download/download.html.en#warning

References:
https://trac.torproject.org/projects/tor/wiki
https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO
http://www.privoxy.org/faq/misc.html#TOR

Comments:

[1] Also uncomment the following lines to use tor/privoxy when connecting to machines on your LAN:

# forward 192.168.*.*/ .
# forward 10.*.*.*/ .
# forward 127.*.*.*/ .

Posted on 8 September, 2011 by ethicalhack3r

7 Responses to “Setting up Tor on BackTrack”


  1. nameless


    root@bt:~# wget https://www.torproject.org/dist/torbrowser/linux/tor-browser-gnu-linux-i686-2.2.32-4-dev-en-US.tar.gz

    this is the new link


    Comment posted on September 28, 2011 at 18:18:15 BST

  2. Rahul Tyagi


    Yaa great man waiting for wpscan to support TOR too :)


    Comment posted on November 7, 2011 at 19:22:52 BST

  3. Kinjo


    Add a note for TOR, it will not support tools that use UDP or ICMP packets and you will not be anonymous.


    Comment posted on December 19, 2011 at 03:51:17 BST

  4. anonymous


    https://www.torproject.org/dist/torbrowser/linux/tor-browser-gnu-linux-i686-2.2.35-6-dev-en-US.tar.gz
    this is the newest link for the second command: wget (the link^^^)


    Comment posted on February 16, 2012 at 21:25:48 BST

  5. Kelvin Lomboy


    Thanks for the Tor on BT tutorial. At the beginning I was having problems installing libssl-dev on my BT 5r2 Gome 64 bit VM. This is what I was getting:

    Reading package lists… Done
    Building dependency tree
    Reading state information… Done
    Some packages could not be installed. This may mean that you have
    requested an impossible situation or if you are using the unstable
    distribution that some required packages have not yet been created
    or been moved out of Incoming.
    The following information may help to resolve the situation:

    The following packages have unmet dependencies:
    libssl-dev: Depends: libssl0.9.8 (= 0.9.8k-7ubuntu8.6) but 0.9.8k-7ubuntu8.8 is to be installed
    E: Broken packages

    So I did the following to get around this issue:

    root@bt:~# wget http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8k-7ubuntu8.8_amd64.deb
    root@bt:~# dpkg -i libssl-dev_0.9.8k-7ubuntu8.8_amd64.deb
    root@bt:~# wget https://www.torproject.org/dist/tor-0.2.2.35.tar.gz
    root@bt:~# tar -xzvf tor-0.2.2.35.tar.gz
    root@bt:~# cd tor-0.2.2.35
    root@bt:~# ./configure && make && src/or/tor

    Hope this helps for anybody that is having this same issue as I had.

    I had no issues installing Privoxy. Thanks again!!


    Comment posted on March 24, 2012 at 03:59:11 BST

  6. CaptainBanjax


    I personally use Tor coupled with tsocks. Works like a charm. Tsocks is a nice little app that allows you to use a socks proxy with pretty much any app…whether or not proxies are natively supported.

    On an Ubuntu based OS just follow these steps:

    1. Install vidalia.

    sudo apt-get install vidalia

    when requested, allow ‘permanent takeover’ should you wish Vidalia to be your main frontend for Tor.

    This will also install Tor and all of its requisite packages.

    I generally opt to use Vidalia because it’s just easy.

    2. Install tsocks (if it isn’t already present).

    sudo apt-get install tsocks

    3. Update the tsocks config file to use Tor as it’s proxy.

    sudo nano /etc/tsocks.conf

    In the file if you scroll down you’ll see a line with a ‘server’ parameter. Change that to 127.0.0.1 then further down you’ll see a ‘port’ parameter. Change this to 9050.

    4. Run the wpscan script from the directory you have it in as follows:

    tsocks ./wpscan

    Easy!


    Comment posted on April 19, 2012 at 14:39:10 BST

  7. sh


    Thanks bro,reallly helped


    Comment posted on May 8, 2012 at 10:25:36 BST

Leave a Reply