Search the Community

Hi! This will be the discussion/support thread for TORtle module. I sent the pull request several days ago but as I don't know when it will pushed I decided to open the thread already and attach the file just in case anyone wants to try it. First, what is TORtle? It's bassically a module that combines TOR and LAN Turtle in an automatic convenient way. It does two main things: 1- TORShell: Sets up a hidden service inside TOR network. By default it is a TORShell (SSH within TOR), that is a redirection to local port 22 (ssh)... but you can configure to offer any service you want. This offers another possibility of remote shell WITHOUT requiring any sort of proxy/host pivoting or reverse connection to your machine. LAN Turtle has lots of reverse shell options, which is cool, but having the possibility of direct/arbitrary/anonymous direct shells might be handy in some usage cases. TORShell offers just another one of those options. Also you can use it to host an httpd server (or any other service) inside TOR if you want. For example: My Turtle has a web server at: securityfrod4xaa.onion (or https://securityfrod4xaa.onion.to if connecting from "regular" internet). Of course all of this is provided by the openwrt 'tor' client, TORtle just takes care of automagically setting it all up for you. 2- TORGateway: If enabled, automatically and conveniently forwards all ETH0 traffic through a TOR Transparent Proxy. It's a very simple way make all the connectivity for the USB connected PC go through TOR, simply starting the service with that configuration and not having to do anything else on the PC. TORtle will take care of all the necessary redirections for you. Also, another option is to just run the regular TOR Proxy, for which you can also enable/disable turtle's IP forwarding for added prevention against unintentional leaks. All of this you can choose in the simple configuration screen. I also think that this could be a good place to discuss what are the best/more secure ways to access the TOR network. Ie: The risks of DNS leaking, other spyware inadvertently leaking when forwarding ALL traffic, if it is prefereable to use torified applications with a regular TOR proxy instead a full gateway, etc... And also, any bugs or ideas to improve TORtle are very much welcome. I *really* need your feedback. Thanks! P.D.: I don't see the file I attached to my post... anyway, you can download it from https://securityfrod4xaa.onion.to/tortle Just place it on /etc/turtle/modules and you are all set to use it from 'turtle' menu. - Shad.