Learn Ethical Hacking Episode #17: Staying Anonymous with ProxyChains (Part 1)


If you find yourself needing assistance at any point throughout the tutorial series, feel free to enroll in The Complete Ethical Hacking Course Bundle for 1 on 1 help!


Below is a list of the courses included in the bundle:

The Complete Ethical Hacking Course for 2018!
Certified Ethical Hacker Boot Camp for 2018!
The Complete Ethical Hacker Course: Beginner to Advanced!
Build an Advanced Keylogger for Ethical Hacking!

Hello everybody and welcome to this tutorial. Today, I will be talking about how you can configure proxychains to work in combination with tor in order to anonymize traffic. Not only web browsing traffic, but rather instead, all network related traffic generated by pretty much all of your applications. Now there are a few applications which will not work in combination with proxychains. Namely, one such application is Metasploit. Now Metasploit is practically a hacking framework, and it is of crucial importance for pretty much any sort of hacking activity in today’s world. It allows automated generation of the code needed to break certain systems, and it also contains a list of vulnerabilities as well. However, what I want to do here today is show you how you can anonymize pretty much all footprinting traffic, or traffic generated by nmap when you’re gathering information, or even when you are web browsing, and how you can cover your tracks in general.

One of the first things that you do need to do, in Kali Linux they come pre-installed, is download tor and proxychains. You may need to install these two software packages on other systems. Tor can be difficult. I have seen systems where tor is not installed by default, and I have shown in the previous tutorial how to install tor without any problems. What we will need to do here on Kali Linux is simply configure the software, and not install anything. So, let’s just navigate over to the etc proxychains configuration file, nano/etc/proxychains.conf, press ENTER, and there we go, we are in the configuration file. What is proxychains? Well, it gives you the ability to route your traffic through a series of proxy servers and stay anonymous by hiding behind them, or by having them forward your request so that it looks as if your requests are coming from them, as opposed to from you. Surprisingly enough, there is a large number of free proxy servers available that you can use, but they’re not very stable, they tend to go up and down, and they’re not very fast. So, for specific targets they can be useful, but not for any form of brute forcing attack. If you are doing something to a certain target, if you’re trying to log in or you’re already logged in, you can definitely do it through proxychains, and it will be reasonably fast and stable. If you’re performing some sort of mass scanning, or you’re brute forcing a password, proxychains with a list of proxies selected from the internet, free proxies that is, will not be very stable. I mean, it’s going to work eventually in a technical sense, but it will consume more time than you can spare. And by more time than you can spare, I mean a month or two to do a simple scan. For the time being, I want to show you how to use proxychains, how to configure them, because they are really useful useful. I use them fairly often, many people do, and it’s a fantastic piece of software.

First off, you have different types of proxies here which you can use. You have HTTP, socks4, and socks5. Now there are fundamental differences between these protocols. You always want to find yourselves a socks5 proxy, as that is the most advanced protocol, and it has the ability to anonymize all sorts of traffic. HTTP, well as the name itself says, it’s for HTTP traffic, and socks4 is very similar to socks5 but it does not support the ipv6 protocol, and it does not support the UDP protocol. So, socks4 can be rather problematic. You always want to make sure that you’re using sock5 whenever possible. Anyway, down below you have these options which we will go over. To enable these options you don’t need to type in any complex lines of code, or anything of a kind, you just delete the hash and that’s it. Save the file, the option is enabled. This hash presents a commented out line, meaning that the system reading this file will ignore it if there is a hash. If there isn’t a hash it will take it into consideration and interpret it accordingly. Anyway, what we have here are statements which allow us to specify how we want our traffic to be routed. So, first off, we have dynamic chain. Dynamic chain is an option which you will find people using the most. It is the most commonly used option, a preferable one, and I honestly think it’s the best one because it’s the most stable one. Here’s why. Suppose you have ABCD proxies, so those are some servers with IP addresses with open ports. If you have a strict chain policy like we have here, you will only be able to access any site by going through ABCD. So, you have to go through all of them, and you have to go through them in that specific order, ABCD. I am sure you can already see how that could present problems. I mean, if you’re paying for five proxies that’s not a problem because they will always be operational, they will always be up. That’s not a bad option at all. However, most people use free proxies, and they don’t tend to pay for them. Why would you pay for 5-10 proxies for a simple scan? They’re not free, they cost money, they’re not that expensive either, but still, the act of paying itself identifies you, and it diminishes the amount of anonymity you have on the net. There are some complex payment methods with which you can use to anonymize yourself, such as cryptocurrency, but still, it’s far simpler to use dynamic chains. So I’m going to go ahead and un-comment this line of code. Strict chains will no longer be used. I will be using dynamic chains. One more thing to note here is that if you want to use proxychains in combination with tor, so if you want to route all of your traffic through the Tor network, not just web traffic, you must enable dynamic chains. I mean there is a chance that it will work with strict chains, but due to the instability of tor nodes it is highly unlikely. Anyway, if you are using dynamic chains it gives you the ability to go from ABCD, to your desired destination, by not having to adhere to any order. So let’s say that C is down. You would go through ABD and it would work without any problems. If B was down you would go through AD, and you would still reach your destination. So, as long as one single proxy is functional it’s going to work, and it doesn’t require a specific order.

Down below you have random chain. Now random chains are, in effect, basically the same thing as resetting your services. If you’re resetting tor you will be assigned a new IP address, I mean tor assigns you a new IP address every 10 minutes or so, but with the random chain option you can specify a list of IPs. And then you can tell your computer, OK, I want you to connect to this point, and every time you connect, every time you transmit a packet, I want you to use a different proxy. We can do that as well, that’s definitely a viable option. You can say, OK, use this one five times and then change it to another one, or something like that. There are a lot of options to specify here, primarily the chain length. If we go ahead down below there’s the quiet mode, and you don’t really need that. Proxy DNS requests – no leak for DNS data, this is very important. You cannot have any DNS leaks. Let me explain to you what DNS leaks are. Even though somebody cannot get your particular IP address, they can get the IP address of the DNS server that you are using. What DNS servers do is resolve the domains to IP addresses, and vice-versa. So, for example, if you typed in youtube.com, the DNS server of your local ISP provider will resolve that into some sort of an IP address that YouTube has, and it will make a request. You do not want that happening because your local DNS server will be discovered, and that information can be used in order to figure out your personal IP address, and then your physical location is pretty much compromised. You definitely need proxy DNS here. It might slow you down a bit, but without it you won’t be anonymous. It is just a matter of time before somebody finds you. If you go down below we have some other options here, but we’re not really interested in them at the moment. What we got here are formats for entering proxies, and I’m going leave it at that. We will cover the rest in the follow-up tutorial. But, just a key note before you go onto the next tutorial, have a look at these. You don’t need to go on the internet and read anything about it, just have a look at the format here, how they are written. This is an example of proxychains and how you can write them down. So you have a type of proxy, you have an IP address, figure out what this number is, what this name is, and what this word here is. I will of course explain all of this in the next tutorial, but just try to figure it out on your own. It’s pretty simple. In any case, I bid you farewell, and I’ll see you in the next tutorial.

The remainder of the tutorial videos can be found in this YouTube playlist:


You can also enroll in the course and download the videos for offline viewing:


Subscribe on YouTube – https://www.youtube.com/c/JosephDelgadillo?sub_confirmation=1

Follow on Steemit – https://steemit.com/@jo3potato