
[Module] TORtle - TORShell + TORGateway


Shad


Hi!

This will be the discussion/support thread for the TORtle module. I sent the pull request several days ago, but as I don't know when it will be pushed I decided to open the thread already and attach the file just in case anyone wants to try it.

First, what is TORtle?

It's basically a module that combines TOR and LAN Turtle in an automatic, convenient way. It does two main things:

1- TORShell: Sets up a hidden service inside TOR network. By default it is a TORShell (SSH within TOR), that is a redirection to local port 22 (ssh)... but you can configure to offer any service you want.

This offers another possibility of remote shell WITHOUT requiring any sort of proxy/host pivoting or reverse connection to your machine.

LAN Turtle has lots of reverse shell options, which is cool, but having the possibility of direct/arbitrary/anonymous direct shells might be handy in some usage cases. TORShell offers just another one of those options.

Also you can use it to host an httpd server (or any other service) inside TOR if you want. For example:

My Turtle has a web server at: securityfrod4xaa.onion (or https://securityfrod4xaa.onion.to if connecting from "regular" internet).

Of course all of this is provided by the openwrt 'tor' client, TORtle just takes care of automagically setting it all up for you.

2- TORGateway: If enabled, automatically and conveniently forwards all ETH0 traffic through a TOR Transparent Proxy. It's a very simple way to make all the connectivity for the USB connected PC go through TOR, simply starting the service with that configuration and not having to do anything else on the PC. TORtle will take care of all the necessary redirections for you.

Also, another option is to just run the regular TOR Proxy, for which you can also enable/disable turtle's IP forwarding for added prevention against unintentional leaks.

All of this you can choose in the simple configuration screen.

I also think that this could be a good place to discuss what are the best/more secure ways to access the TOR network. I.e.: the risks of DNS leaking, other spyware inadvertently leaking when forwarding ALL traffic, if it is preferable to use torified applications with a regular TOR proxy instead of a full gateway, etc...

And also, any bugs or ideas to improve TORtle are very much welcome. I *really* need your feedback.

Thanks!

P.S.: I don't see the file I attached to my post... anyway, you can download it from https://securityfrod4xaa.onion.to/tortle

Just place it on /etc/turtle/modules and you are all set to use it from 'turtle' menu.

- Shad.

Edited by Shad
  • Upvote 2
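
The DNS-leak and exposure concerns raised in the post above can be checked statically before a gateway or onion-service configuration is started. The following is an added example, not part of the original post or of the TORtle module: a small Python audit of a torrc, where `audit_torrc`, the finding codes and the sample configuration are all constructed for illustration.

```python
# Added example: static audit of a torrc for leak/exposure issues.
# SAMPLE_TORRC is constructed for illustration; it is not TORtle's real output.
SAMPLE_TORRC = """\
# constructed gateway + onion service configuration
SocksPort 0.0.0.0:9050
TransPort 192.168.1.1:9040
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 22 127.0.0.1:22
"""

LISTENERS = {"socksport", "transport", "dnsport"}


def parse_torrc(text):
    """Return (option, [args]) pairs, skipping blank lines and # comments."""
    pairs = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if fields:
            pairs.append((fields[0], fields[1:]))
    return pairs


def audit_torrc(text):
    """Return a sorted list of finding codes for the torrc given as text."""
    findings = set()
    enabled = set()  # listener options that are present and not set to 0
    for option, args in parse_torrc(text):
        name = option.lower()  # torrc option names are case-insensitive
        if name in LISTENERS and args and args[0] != "0":
            enabled.add(name)
            # A wildcard bind offers the proxy to every attached network.
            if args[0].startswith(("0.0.0.0:", "[::]:")):
                findings.add("listener-on-all-interfaces:" + option)
        elif name == "hiddenserviceport" and args:
            # Syntax: HiddenServicePort VIRTPORT [TARGET]; TARGET defaults
            # to the same port on localhost.
            target = args[1] if len(args) > 1 else args[0]
            if target.rsplit(":", 1)[-1] == "22":
                findings.add("ssh-exposed-as-onion-service")
    # TransPort carries TCP only. Without a DNSPort, name lookups from
    # the gateway's client cannot be resolved through Tor.
    if "transport" in enabled and "dnsport" not in enabled:
        findings.add("dns-leak:TransPort-without-DNSPort")
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit_torrc(SAMPLE_TORRC):
        print(finding)
```

The SSH finding is a prompt to review authentication on the service (for example key-only login), not an error in itself.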

  • 3 weeks later...
  • 1 month later...
  • 2 months later...

Hey Shad,

thanks for the great module, it works perfectly for connecting back in using the hidden-service! Wouldn't it be cool to have pluggable transports included to hide the TOR traffic from DPI and so forth?

I am unfortunately not aware if this would be possible with the hidden service...

Best regards!

  • Upvote 1

  • 1 year later...

@Shad

As it seems that you are no longer active on this module, I forked it and made some changes:

- added a submenu to the configuration
- added tor bridges
- added http & httpsproxy
- added FascistFirewall

@cyb3rwr3ck

Does this fulfill your request?

@all:

This version needs to be tested, so feel free to get it here: https://github.com/GermanNoob/tortle

@Darren Kitchen

What steps do I have to take to get the version added to the repo (after it is tested of course)?

 


  • 5 months later...

Sorry for the late reply! 

Actually what I was looking for was the integration of pluggable transports (https://www.torproject.org/docs/pluggable-transports.html.en#user) which should hide the traffic from all kinds of deep packet inspection.

Bridges are also good, but as far as I understand your code only uses 'standard' tor connections. The perfect combination would be bridges+PT (https://www.torproject.org/docs/bridges#PluggableTransports) to circumvent DPI and statically blocked entry-guards.

I will try to add the PT support asap. 

 

EDIT: I recognized that you also use obfs3. I will give it a try.

Edited by cyb3rwr3ck
recognized i was wrong