As a Certified Ethical Hacker, their’s always a need to test for vulnerabilities on remote servers where it’s extremely important to hide our IP address and Mac address.

90% of my time goes on testing vulnerabilities, finding the best solution and implementing IDS and IPS on LINUX server (Cent OS and RHEL) but hiding your identity is the first step towards penetrating servers and websites.

Best OS to use is Back Track 5 R3/Black Hat Edition, so let’s start with the below point and latter down will post article of Macchanger.

  • Tor
  • polipo

TorTor is an open source implementation of 2nd generation onion routing that provides free access to an anonymous proxy network. Its primary goal is to enable online anonymity by protecting against traffic analysis attacks.

How to Install on Backtrack 5 R3 (Black Hat Edition)?

Step 1: vim /etc/apt/sources.list and add below line and save the file,

deb http://deb.torproject.org/torproject.org lucid main

Step 2: gpg –keyserver keys.gnupg.net –recv 886DDD89

step 3: gpg –export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DD89 | sudo apt-key add –

step 4: apt-get update

step 5: apt-get install tor tor-geoip

step 6: Download the Tor Browser Bundle for Linux

http://www.torproject.org.in/download/download-easy.html.en#linux

step 7: tar -xzvf tor-browser-gnu-linux-i686-2.3.25-2-dev-en-US.tar.gz

step 8: cd tor–browser_en-US

step 9: vi start-tor-browser

and change below, [-eq 0 to -eq 1]

if [ “`id -u`” -eq 0 ]; then
complain “The Tor Browser Bundle should not be run as root.  Exiting.”
exit 1
fi

to

if [ “`id -u`” -eq 1 ]; then
complain “The Tor Browser Bundle should not be run as root.  Exiting.”
exit 1
fi

PolipoInstalling a http proxy cache like Polipo can be advantageous in several ways. It makes internet access faster and has a filtering utility. As Polipo is only accessible from the machine on which it is installed, there is less security risk.

step 10: Install polipo service (easy HTTP proxy cache)

apt-get install polipo

step 11: cd /etc/polipo

step 12: mv config config-backup.txt

step 13: copy all the text from http://pastebin.com/p86qy8qx

step 14: touch config (will create a file under /etc/polipo)

step 15: paste the txt copied from step 13 in the config file.

step 16: service polipo start

step 17: service tor start

step 18: run the tor script,

cd /root/tor-browser_en-US

step 19: and you have installed Tor,

https://check.torproject.org/ to check and you’ll get something like this,

tor

when you browse any website the IP address will be spoofed.

Example –> http://www.example.com

Server Side Logs:

77.244.254.228 – – [24/Jan/2013:16:47:08 +1100] “GET /css/example.css  HTTP/1.1” 200 103 “http://www.example.com/” “Mozilla/5.0 (Windows NT 6.1; rv:10.0) Gecko/20100101 Firefox/10.0”
77.244.254.228 – – [24/Jan/2013:16:47:06 +1100] “GET / HTTP/1.1” 200 67553 “-” “Mozilla/5.0 (Windows NT 6.1; rv:10.0) Gecko/20100101 Firefox/10.0”
77.244.254.228 – – [24/Jan/2013:16:47:09 +1100] “GET /images/example.jpg HTTP/1.1” 304 – “http://www.example.com/” “Mozilla/5.0 (Windows NT 6.1; rv:10.0) Gecko/20100101 Firefox/10.0”
77.244.254.228 – – [24/Jan/2013:16:47:09 +1100] “GET  /images/example1.jpg HTTP/1.1” 304 – “http://www.example.com/” “Mozilla/5.0 (Windows NT 6.1; rv:10.0) Gecko/20100101 Firefox/10.0”

Let’s check what our TOR browser says,

onion

Germany 🙂 🙂