Setting up Tor on BackTrack

I was playing around with getting wpscan to run through the Tor network so I needed to setup Tor (from source) and Privoxy on BackTrack. These are the steps I took to setup Tor and Privoxy on Backtrack 5 R1. (wpscan does not yet support scanning through the Tor network)

I am no Tor expert and there are probably easier/better ways of doing this.

Installing Tor (Anonymous SOCKS proxy):

$apt-get install libssl-dev
$wget https://www.torproject.org/dist/tor-0.2.2.32.tar.gz
$tar -xzvf tor-0.2.2.32.tar.gz
$cd tor-0.2.2.32
$chmod +x configure
$./configure && make && src/or/tor

To check that Tor has been setup properly, add the following settings to your Firefox browser and then visit; https://check.torproject.org/

Installing Privoxy (HTTP proxy):

$apt-get install privoxy
$vim /etc/privoxy/config (uncomment line 1257, see comments[1] below)
$kill -9 (privoxy pid, there is probably a much nicer/easier way to do this)
$/usr/sbin/privoxy –pidfile /var/run/privoxy.pid –user privoxy /etc/privoxy/config

To check that Privoxy has been setup properly, add the following settings to your Firefox browser and then visit; http://config.privoxy.org/show-status/

Now all you have to do is point your applications to Privoxy on “127.0.0.1:8118″.

For example, to setup Nikto to use Tor/Privoxy, edit the nikto.conf file, lines 52-53:

# Proxy settings — still must be enabled by -useproxy
PROXYHOST=127.0.0.1
PROXYPORT=8118

And then run Nikto with the following command:

./nikto.pl -host 192.168.1.112 -useproxy

Please read the Tor warning before using Tor:
https://www.torproject.org/download/download.html.en#warning

References:
https://trac.torproject.org/projects/tor/wiki
https://trac.torproject.org/projects/tor/wiki/doc/TorifyHOWTO
http://www.privoxy.org/faq/misc.html#TOR

Comments:

[1] Also uncomment the following lines to use tor/privoxy when connecting to machines on your LAN:

# forward 192.168.*.*/ .
# forward 10.*.*.*/ .
# forward 127.*.*.*/ .

15 thoughts on “Setting up Tor on BackTrack

  1. Kinjo

    Add a note for TOR, it will not support tools that use UDP or ICMP packets and you will not be anonymous.

  2. Kelvin Lomboy

    Thanks for the Tor on BT tutorial. At the beginning I was having problems installing libssl-dev on my BT 5r2 Gome 64 bit VM. This is what I was getting:

    Reading package lists… Done
    Building dependency tree
    Reading state information… Done
    Some packages could not be installed. This may mean that you have
    requested an impossible situation or if you are using the unstable
    distribution that some required packages have not yet been created
    or been moved out of Incoming.
    The following information may help to resolve the situation:

    The following packages have unmet dependencies:
    libssl-dev: Depends: libssl0.9.8 (= 0.9.8k-7ubuntu8.6) but 0.9.8k-7ubuntu8.8 is to be installed
    E: Broken packages

    So I did the following to get around this issue:

    root@bt:~# wget http://security.ubuntu.com/ubuntu/pool/main/o/openssl/libssl-dev_0.9.8k-7ubuntu8.8_amd64.deb
    root@bt:~# dpkg -i libssl-dev_0.9.8k-7ubuntu8.8_amd64.deb
    root@bt:~# wget https://www.torproject.org/dist/tor-0.2.2.35.tar.gz
    root@bt:~# tar -xzvf tor-0.2.2.35.tar.gz
    root@bt:~# cd tor-0.2.2.35
    root@bt:~# ./configure && make && src/or/tor

    Hope this helps for anybody that is having this same issue as I had.

    I had no issues installing Privoxy. Thanks again!!

  3. CaptainBanjax

    I personally use Tor coupled with tsocks. Works like a charm. Tsocks is a nice little app that allows you to use a socks proxy with pretty much any app…whether or not proxies are natively supported.

    On an Ubuntu based OS just follow these steps:

    1. Install vidalia.

    sudo apt-get install vidalia

    when requested, allow ‘permanent takeover’ should you wish Vidalia to be your main frontend for Tor.

    This will also install Tor and all of its requisite packages.

    I generally opt to use Vidalia because it’s just easy.

    2. Install tsocks (if it isn’t already present).

    sudo apt-get install tsocks

    3. Update the tsocks config file to use Tor as it’s proxy.

    sudo nano /etc/tsocks.conf

    In the file if you scroll down you’ll see a line with a ‘server’ parameter. Change that to 127.0.0.1 then further down you’ll see a ‘port’ parameter. Change this to 9050.

    4. Run the wpscan script from the directory you have it in as follows:

    tsocks ./wpscan

    Easy!

  4. Robin

    You can just add the official Tor repo then install using apt.

    Add these lines to /etc/apt/sources.l

    deb http://deb.torproject.org/torproject.org lucid main
    deb-src http://deb.torproject.org/torproject.org lucid main

    Then you need to add the gpg key to your repo keychain (all one line)

    gpg –keyserver keys.gnupg.net –recv 886DDD89 && gpg –export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -

    Now update the package lists

    apt-get update

    And finally install tor

    apt-get install tor

Comments are closed.