torsocks allows yous to usage around applications inwards a prophylactic way alongside TOR. It ensures that DNS requests are handled safely in addition to explicitly rejects whatever traffic other than TCP from the application you’re using. In this post nosotros volition cover IP spoofing inwards Kali Linux alongside torsocks which volition allow users to connect to certainly services that is banned to them. torsocks is an ELF shared library that is loaded earlier all others. The library overrides every needed Internet communication libc usage calls such every bit connect() or gethostbyname().
This procedure is transparent to the user in addition to if torsocks detects whatever communication that can’t become through the Tor network such every bit UDP traffic, for instance, the connectedness is denied. If, for whatever reason, at that spot is no way for torsocks to supply the Tor anonymity guarantee to your application, torsocks volition strength the application to quit in addition to halt everything. In this article I volition take away yous to IP spoofing inwards Kali using torsocks.
Many applications exercise non straight back upwards the usage of SOCKS proxy. torsocks enables such applications to usage the tor SOCKS proxy.
torsocks library to transparently allow an application to usage a SOCKS proxy.Installation
torsocks gets installed along alongside the tor bundle on Kali Linux or Ubuntu for example:
root@kali: # apt-get install tor
(or)
user@ubuntu: $ apt-get install tor
Building from source code
Requirements
- autoconf
- automake
- libtool
- gcc
Installation
./configure
make
sudo brand install
If yous are compiling it from the git repository, run ./autogen.sh earlier the configure script.
Using torsocks
Now all network connections s made past times the telnet programs shall endure routed through the tor proxy. There was many ways to get Public IP from Linux Terminal. To encounter the proxy consequence endeavour opening the the URL http://icanhazip.com/ through curl. The URL echos earth IP of the requesting user. Without proxy it would hold back something similar this:
root@kali: # whorl icanhazip.com
123.123.93.36
root@kali: #
That agency my Public IP address is 123.123.93.36. Now using it alongside torsocks.
root@kali: # torsocks whorl icanhazip.com
[Dec 28 20:20:26] PERROR torsocks[2979]: socks5 libc connect: Connection refused (in socks5_connect() at socks5.c:185)
curl: (6) Could non resolve host: icanhazip.com
root@kali: #
Opps, that simply agency I forgot to outset tor service. Start tor application using the next command:
root@kali: # service tor start
root@kali: #
Now endeavour again:
root@kali: # torsocks whorl icanhazip.com
197.231.221.211
root@kali: #
Sweet as, instantly my Public IP changed to 197.231.221.211 because the URL was opened through the TOR proxy.
You should endure able to usage unlike application via torsocks using the next command:
root@kali: # torsocks [application]
For instance nosotros desire to usage telnet in addition to ssh command to connect through a SOCKS proxy. This tin endure done past times wrapping the telnet command alongside torify/usewithtor.
root@kali: # torsocks ssh username@some.ssh.com
root@kali: # torify telnet google.com 80
root@kali: # usewithtor telnet google.com 80
root@kali: # torsocks iceweasel
For to a greater extent than details, delight encounter the torsocks.1, torsocks.8 in addition to torsocks.conf.5 homo pages. Also, yous tin usage -h, --help for all the possible options of the torsocks script.
A configuration file named torsocks.conf is also provided for the user to command to a greater extent than or less parameters.
You tin also usage the torsocks library without the script provided:
LD_PRELOAD=/full/path/to/libtorsocks.so your_app
Security
The tables below listing applications that usewithtor /torsocks volition transportation through Tor. At the minute a 100% guarantee of prophylactic interoperability alongside Tor tin entirely endure given for a few of them. This is because the performance of the applications in addition to the information they transmit has non been fully researched, thence it is possible that a given application tin leak user/system information at a degree that neither Tor nor torsocks tin control.
The next administrative applications are known to endure compatible alongside usewithtor:
| Application | 100% Safe | DNS | Comments |
| ssh | M | Y | Potential for identity leaks through login. |
| telnet | M | Y | Potential for identity leaks through login in addition to password. |
| svn | M | Y | |
| gpg | M | Y | gpg --refresh-keys industrial plant good enough. |
The next messaging applications are known to endure compatible alongside usewithtor:
| Application | 100% Safe | DNS | Comments |
| pidgin | M | Y | Potential for identity leaks through login in addition to password. |
| kopete | M | Y | Potential for identity leaks through login in addition to password. |
| konversation | M | Y | Potential for identity leaks through login in addition to password. |
| irssi | M | Y | Potential for identity leaks through login in addition to password. |
| silc | M | Y | Potential for identity leaks through login in addition to password. |
The next email applications are known to endure compatible alongside usewithtor:
| Application | 100% Safe | DNS | Comments |
| claws-mail | * | * | Use TorBirdy (Tor Button for Thunderbird) instead! |
| thunderbird | * | * | Use TorBirdy (Tor Button for Thunderbird) instead! |
The next file transfer applications are known to endure compatible alongside usewithtor:
| Application | 100% Safe | DNS | Comments |
| wget | N | N | Probable identity leaks through http headers. Leaks DNS in addition to connects straight inwards certainly cases when used alongside polipo in addition to torsocks. http://pastebin.com/iTHbjfqM http://pastebin.com/akbRifQX |
| ftp | M | Y | Passive way industrial plant good generally. |
Table legend:
DNS: DNS requests prophylactic for Tor?
due north - The application is known to leak DNS requests when used alongside torsocks.
Y - Testing has shown that application does non leak DNS requests.
100% Safe: Fully verified to convey no interoperability issues alongside Tor?
due north - Anonymity issues suspected, encounter comments column.
chiliad - Safe plenty inwards theory, but either non fully researched or anonymity tin endure compromised
through indiscreet usage (e.g. electronic mail address, login, passwords).
Y - Application has been researched in addition to documented to endure prophylactic alongside Tor.
Check the project homepage to unwrap out what applications travel good alongside torsocks . For instance pidgin industrial plant alongside torsocks . Just launch it alongside the usewithtor command
usewithtor pidgin
Conclusion
TOR or torsocks is free, somewhat secure, allows yous to bypass proxies, Firewall, monitoring in addition to content filtering. Though, it tin endure natively blocked inwards Firewalls in addition to Proxies. Its former is ho-hum in addition to former is non that secure you’d think. If yous unwrap that using torsocks or tor is simply besides ho-hum for you, thence yous tin ever usage VPN services similar PrivateInternetAccess which is deemed 1 of the best in addition to around secured. Find a slap-up in addition to lengthy article on setting upwards VPN services which I recommend for serious users. If yous can’t afford paid VPN services, yous mightiness desire to endeavour Anonsurf which is slow to setup in addition to industrial plant pretty well.
Users from Iran, Pakistan, Egypt, China, Bangladesh, Democratic People's South Korea etc. where content filtering is done inwards National Level perhaps it’s a way to larn the vocalism out. I exercise non desire to beak over the legality of that in addition to volition larn out that to you. Using proxy is to a greater extent than or less other way for spoofing IP addresses.
On a similar note, I’ve previously covered issues where yous tin DoS using spoofed IP Address, install in addition to usage TOR, creating hidden services inwards TOR similar DarkNet or SilkRoad etc.
