
How To Proxy Any Linux Command With Tor and Increase Your Anonymity

Posted on: September 25, 2023 at 01:00 AM

Introduction

Hey! In this article we will go through how you can hide your identity on Linux while working in the terminal.

We will use the Tor network to proxy literally any command you want to execute. This makes sure that your identity is hidden and your IP address is not exposed to the internet.

Tor Network

What Even Is Tor?



The Tor (The Onion Router) network is a remarkable technology that provides a high degree of online anonymity and privacy. It’s a critical tool for those seeking to protect their digital identities and communicate without the risk of surveillance or censorship.

Tor’s core principle is onion routing, a concept that uses multi-layered encryption to conceal both the source and destination of internet traffic. For example, if you sent a simple HTTP request to some server without Tor, it would look like this:

# request
Your IP -> Server IP

# response
Your IP <- Server IP

Your IP address is therefore exposed to the server, which gives it information about you in general. That is not a big deal for some people, but for others it is, and that’s where Tor comes in handy. It makes the request look like this:

# request
Your IP -> Relay 1 -> Relay 2 -> Relay 3 -> Server IP

# response
Your IP <- Relay 1 <- Relay 2 <- Relay 3 <- Server IP

Now the server only sees the IP address of the last relay. It cannot trace the request back to you, and your IP address is hidden from it.

How does Tor work?

The core principle of Tor can be summarized with this:

Multiple Relays: Tor traffic is routed through a series of volunteer-operated servers known as “relays.” Each relay peels off a layer of encryption, much like the layers of an onion, before passing the data to the next relay. This way, no single relay can trace the complete path of your data.

Entry Node: Your data enters the Tor network through an “entry node.” At this point, the first layer of encryption is removed, revealing the IP address of the entry node. Importantly, Tor doesn’t reveal your true IP address to the websites you visit.

Middle Nodes: The data then passes through several “middle nodes,” with each node decrypting one layer of the encryption. This makes it extremely difficult for anyone monitoring the network to trace the traffic back to its source.

Exit Node: Finally, your data exits the Tor network through an “exit node.” The last layer of encryption is removed at this point, allowing your data to reach its destination. The website you visit sees the IP address of the exit node, not your real IP address.



How to install Tor on Linux?

Linux distributions usually have Tor in their repositories, so you can install it using your package manager. For example, on Ubuntu you can install it using this command:

sudo apt install tor

Fedora:

sudo dnf install tor

Debian:

sudo apt-get install tor

Arch Linux:

sudo pacman -S tor

You really only need to install it using your package manager, but if you want to compile it from source, you can do so by following the instructions on the official website.

How to start & ensure that Tor is running?

After installing Tor, you can start it using this command:

sudo systemctl start tor

or

sudo service tor start

And you can confirm that it is running using this command:

sudo systemctl status tor

or

sudo service tor status

You should see an activated status like this:

 tor.service - Anonymizing overlay network for TCP (multi-instance-master)
     Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled)
     Active: active (exited) since Mon 2023-09-25 20:34:41 +01; 55min ago
    Process: 7742 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
   Main PID: 7742 (code=exited, status=0/SUCCESS)
        CPU: 1ms

Sep 25 20:34:41 GWhyyy systemd[1]: Starting Anonymizing overlay network for TCP (multi-instance-master)...
Sep 25 20:34:41 GWhyyy systemd[1]: Finished Anonymizing overlay network for TCP (multi-instance-master).

The line:

     Active: active (exited) since Mon 2023-09-25 20:34:41 +01; 55min ago

means that Tor is activated and running successfully, and now we can use it as a proxy for our commands.

Proxychains

What is proxychains?

Proxychains is a tool that forces any TCP connection made by a given application to go through a proxy such as Tor or any other SOCKS4, SOCKS5 or HTTP(S) proxy.

How to proxy any command with Tor?

Now that Tor is running successfully on our Linux machine, we still haven’t used it as a proxy for anything. To demonstrate that, we will proxy a simple HTTP request to a server later.

What actually proxies our commands is proxychains, which, as described above, forces the TCP connections an application makes through a proxy such as Tor or any other SOCKS4, SOCKS5 or HTTP(S) proxy.

You need to install it by running:

Ubuntu:

sudo apt install proxychains

Fedora:

sudo dnf install proxychains

Debian:

sudo apt-get install proxychains

Arch Linux:

sudo pacman -S proxychains

Basically, you can install it with your distribution package manager.

How to configure proxychains?

After installing proxychains, you need to configure it by editing the configuration file located at /etc/proxychains.conf with your favorite text editor. I will be using the simple nano editor:

sudo nano /etc/proxychains.conf

This opens the configuration file in the terminal. Be careful while editing it: a mistake can break the configuration, so make sure to follow the instructions.

Navigate to the bottom of the file, where you will find the [ProxyList] section. This is where you manage your proxies and add new ones. You can add a new proxy by adding a new line with the following syntax:

<ProxyType> <ProxyIP> <ProxyPort>

For example, to add a new proxy with the type socks5, the example IP 0.0.0.0 and the port 8080, add this line under the [ProxyList] section:

socks5 0.0.0.0 8080

After editing the configuration file, you need to save it. In nano you can do that by pressing Ctrl + O and then Enter, and then exit by pressing Ctrl + X.

How to configure proxychains to use Tor?

As of the date of writing this article, Tor uses port 9050 by default, and proxychains is configured by default to use the Tor port. By default, the [ProxyList] section in the configuration file looks like this:

[ProxyList]
# add proxy here ...
# meanwhile
# defaults set to "tor"
socks4 127.0.0.1 9050

If yours does not look like this by default, you can add the line manually and save the file.

You have just configured proxychains to use Tor to proxy your commands. Now let’s see how to use it.
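A quick audit of the file edited above, as an added example that is not part of the original article: it reads a proxychains configuration and flags a [ProxyList] without the 127.0.0.1 9050 Tor entry, proxies that are not on loopback, and a missing proxy_dns option (a real proxychains setting this article does not cover; without it, hostnames are looked up by the system resolver instead of through the proxy). The function and sample names are made up for the example, and both sample configurations are constructed.

```shell
#!/bin/sh
# Added example: flag proxychains settings that miss the local Tor SOCKS port.
# audit_proxychains_conf FILE   (FILE may be "-" to read stdin)
# Prints one finding per line; returns 0 if nothing was flagged, 1 otherwise.
audit_proxychains_conf() {
    findings=$(awk '
        { sub(/#.*/, "") }                          # strip comments
        NF == 0 { next }                            # skip blank lines
        $1 == "[ProxyList]" { in_list = 1; next }
        !in_list && $1 == "proxy_dns" { dns = 1 }   # global option seen
        in_list {
            entries++
            if ($2 == "127.0.0.1" && $3 == "9050") tor = 1
            else if ($2 !~ /^127\./)
                print "WARN: " $1 " " $2 ":" $3 " is not a loopback proxy"
        }
        END {
            if (!dns) print "WARN: proxy_dns is off, names resolve outside the proxy"
            if (!entries) print "FAIL: [ProxyList] has no entries"
            else if (!tor) print "FAIL: no entry for 127.0.0.1:9050"
        }
    ' "$1")
    [ -z "$findings" ] && return 0
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample: the placeholder proxy line from this page, no proxy_dns.
sample_weak_conf() {
    cat <<'EOF'
strict_chain
#proxy_dns
[ProxyList]
socks5 0.0.0.0 8080
EOF
}

# Constructed sample: the default Tor entry shown above plus proxy_dns.
sample_tor_conf() {
    cat <<'EOF'
strict_chain
proxy_dns
[ProxyList]
socks4 127.0.0.1 9050
EOF
}

sample_weak_conf | audit_proxychains_conf - || echo "weak sample: flagged"
sample_tor_conf | audit_proxychains_conf - && echo "tor sample: clean"
```

To check the real file, run audit_proxychains_conf /etc/proxychains.conf after sourcing the function.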

Usage & Real World Demonstration

We will try running a simple cURL command directly in the terminal, which will not be proxied, and then we will proxy it using proxychains and see the difference.

I will be sending the request to a website that takes the request IP and provides some information about it, such as the country, the city, the location coordinates and the ISP. ipinfo.io provides a free JSON API for that, which is very useful for demonstration purposes.

So let’s send that request with cURL directly in the terminal:

curl ipinfo.io

It will return this response:

{
  "ip": "...",
  "city": "...",
  "region": "Casablanca-Settat",
  "country": "MA",
  "loc": "..., ...",
  "org": "...",
  "postal": "...",
  "timezone": "...",
  "readme": "https://ipinfo.io/missingauth"
}

Note: all sensitive information is replaced with ... for privacy reasons.

The server takes the requester’s IP address and returns information about it, which means that it knows us, and that’s what we want to hide. We want the server to think that the request is coming from another IP address in some random other place or country. So now let’s proxy that request using proxychains:

proxychains curl ipinfo.io

It will return this response:

{
  "ip": "23.153.248.35",
  "city": "Kansas City",
  "region": "Missouri",
  "country": "US",
  "loc": "39.0997,-94.5786",
  "org": "AS400861 0x7c0 Labs LLC",
  "postal": "64106",
  "timezone": "America/Chicago",
  "readme": "https://ipinfo.io/missingauth"
}

As you can see, the response is different even though I sent the request from the same machine. That’s because the request is proxied through the Tor network, and the server thinks that the request is coming from another IP address, which is the IP address of the last relay in the Tor network.

You have just hidden your identity and your IP address from a target server, so you are more anonymous and secure while working with the terminal.

This applies to any other command: you literally just need to add proxychains before the command you want to proxy, and it will be proxied through the Tor network.

Conclusion

In this article, we learned how to install Tor on Linux, how to use it, and how to proxy any command through it using proxychains, and we demonstrated that by proxying a simple HTTP request to a server.

I hope you enjoyed this article and learned something new. If you have any questions or suggestions, feel free to reach me on LinkedIn or by email.