ksecurity Posted January 31, 2014 Share Posted January 31, 2014 Dear Hak5ers, Apologies if this has been discussed, I only went a few pages in to see. So what I'm goofing with is the whole isolation proxy thing, using whonix-gateway in a VM (couldn't build successfully on my extra physical box). I followed the basic guide provided by them just to get er up and running. I'm a vmware man myself, but some extra work involved so went with the suggest virtualbox. So the guide suggest the following (actually a mix of two) vm #1 - the Whonix gateway. It has 2 NIC's : one is NAT so we can reach out on the net to TOR, second is an internal (called whonix) running on 192.168.0.10 by default vm#2 - kali (not whonix-workstation) with one NIC (the internal one called whonix) running on 192.168.0.20 So what's my beef? Well, a lot works in terms of tunneling everything through the whonix gateway, which is essentially the goold ole' "how to route everything through tor" debate. But the one item I'm trying to tinker with is getting metasploit to behave. Which it doesn't by default. What happens is (bear in mind this is through Armitage) regardless of the IP(s) you enter for testing, they all A) basically say every bloody port is open, and B) just to get things moving, I used a known vulnerable VM to see how exploits got handled in all this routing. Well, not to smooth. Basically they EOF over and over, so you'll see the box pop (turn red and lightning) then just die (End of File). Before I start pulling hair and messing with routing tables, and most importantly, mucking the whonix gateway which I shouldn't really touch to mouch, wanted to run this scenario buy you guys. See if anyone has tried this out, worked/not worked etc etc. Would love to work this one out with some discussion. Thoughts? Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.