Thursday, April 12, 2012

Tunneling the Applications you launched on your Terminal with Tsocks

With some of the applications that don't have proxy configurations or settings, how can we add anonymity to our information gathering, scanning, exploiting phases, etc. like nmapping, using theharvester to gather emails, and many more? It's bad leaving your footprints and logs right?

Well if we have tsocks application then it would be easier since it can send TCP connections automatically through a SOCKS server. If tsocks is not installed on your distro, you can just find it on the software repository. In my case, BackBox Linux has tsocks pre-installed. It can be used for TORifying or tunneling your applications that doesn't have proxy capabilities. Supposed I opened a certain SSH server then binded my localhost at 9191 TCP port, I need to configure /etc/tsocks.conf to:

local =

server =

server_type = 5

server_port = 9191
For TOR, you can just edit the server_port to 9050 because it opens a SOCKS local server at 9050 TCP port.

ssh -D 9191 user@hostname

After configuring tsocks, try to check if tsocks is working good by using the lynx web browser to connect to a website that tells you if you are tunneled or you could also tunnel to another ssh server and issue the command w/who. Be sure to put tsocks before the command. For example:

tsocks lynx

The IP of the SSH Server ;)

The image below is my original IP without using ssh tunneling:

See the difference ayt!

So if I want to launch theharvester (email harvester) anonymously, I need add tsocks before theharvester command:

tsocks theharvester -d -l 500 -b google

 Now you can run your pentesting tools with added anonymity :)

About the Contributor:
Shipcode is a prolific blogger of ROOTCON and at the same time an InfoSec enthusiast from Cebu. He was inspired to join ROOTCON as part of the core team to share his knowledge in information security.  He encourages other like minded individuals to come forward and share their knowledge through blogging right here at ROOTCON Blog section.

ROOTCON is managed by like minded InfoSec professionals across the Philippines.  All rights reserved. Designated trademarks, brands and articles are the property of their respective owners.