Anonymity First – Tor & Metasploit

Anonymity First
Tor protects your anonymity by bouncing your communications around a distributed network of relays run by volunteers all around the world. Its primary purpose is to protect communications and improve privacy and security on the Internet. To remain anonymous, we should launch our attacks through the Tor network using the Socat program. Socat is a command-line utility that establishes two bidirectional byte streams and transfers data between them. Let us assume that the IP address of our target machine is 192.168.1.5. We run Socat in this way:

socat TCP4-LISTEN:3333,fork SOCKS4a:127.0.0.1:192.168.1.5:80,socksport=9050

The above command sets up a local Socat proxy listening on port 3333. Socat forwards every TCP connection it accepts on that port to 192.168.1.5:80 through the Tor SOCKS proxy listening on 127.0.0.1, port 9050.
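The SOCKS4/SOCKS4a framing that a client such as Socat exchanges with the proxy on port 9050 is shown below as an added example, not code from the original article. It lets you recognise these requests and replies in a packet capture or proxy log. The function names and the hostname example.test are constructed for illustration.

```python
import ipaddress
import struct

# Reply codes defined by the SOCKS4 protocol (second byte of the 8-byte reply).
SOCKS4_REPLIES = {90: "granted", 91: "rejected or failed",
                  92: "identd unreachable", 93: "identd mismatch"}

def build_connect(host: str, port: int, userid: bytes = b"") -> bytes:
    """Encode a CONNECT request; SOCKS4a form when host is not an IPv4 literal."""
    try:
        dstip, tail = ipaddress.IPv4Address(host).packed, b""
    except ipaddress.AddressValueError:
        # SOCKS4a: DSTIP is the placeholder 0.0.0.x (x != 0) and the
        # hostname follows the USERID terminator, itself NUL-terminated.
        dstip, tail = b"\x00\x00\x00\x01", host.encode("ascii") + b"\x00"
    return struct.pack(">BBH", 4, 1, port) + dstip + userid + b"\x00" + tail

def parse_request(data: bytes) -> dict:
    """Decode a SOCKS4/SOCKS4a request as a proxy or packet inspector would."""
    if len(data) < 9:
        raise ValueError("truncated SOCKS4 request")
    vn, cd, port = struct.unpack(">BBH", data[:4])
    if vn != 4 or cd not in (1, 2):
        raise ValueError("not a SOCKS4 CONNECT/BIND request")
    dstip = data[4:8]
    end = data.find(b"\x00", 8)
    if end < 0:
        raise ValueError("unterminated USERID")
    is_4a = dstip[:3] == b"\x00\x00\x00" and dstip[3] != 0
    if is_4a:
        rest = data[end + 1:]
        hend = rest.find(b"\x00")
        if hend <= 0:
            raise ValueError("SOCKS4a request without hostname")
        host = rest[:hend].decode("ascii")
    else:
        host = str(ipaddress.IPv4Address(dstip))
    return {"command": "CONNECT" if cd == 1 else "BIND", "host": host,
            "port": port, "userid": data[8:end], "socks4a": is_4a}

def parse_reply(data: bytes) -> str:
    """Decode the proxy's 8-byte reply: VN=0, CD, then DSTPORT and DSTIP."""
    if len(data) < 8 or data[0] != 0:
        raise ValueError("malformed SOCKS4 reply")
    return SOCKS4_REPLIES.get(data[1], f"unknown code {data[1]}")
```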

Launch attacks via Tor
Now, to launch your attacks via Tor and Socat and exploit your target machine at IP address 192.168.1.5, you have to set the target IP to 127.0.0.1 (RHOSTS) and the remote port to 3333 (RPORT).

This post is part of my article about Metasploit, which was originally published in PenTest Magazine, August issue.
