redspace Posted June 2, 2014 Share Posted June 2, 2014 Love Tails and use it daily, only problem is I keep on running into a lot of sites that block tor ip addresses. Since there are thousands of free proxy lists (socks 4/5 proxy ips) is there any way to chain a proxy ip in Tails? If so, how? Thanks. Apologize if this isn't posted in the correct section, I couldn't find an area to ask questions. Quote Link to comment Share on other sites More sharing options...
Sitwon Posted June 4, 2014 Share Posted June 4, 2014 The board labeled Questions was probably the correct place to put this... https://forums.hak5.org/index.php?/forum/11-questions/ It's possible to nest/chain proxies. I've done it in Linux, so I'm sure Tails could do it. However I've never used Tails before so I can't give Tails-specific instructions. I'm downloading it now. Quote Link to comment Share on other sites More sharing options...
cooper Posted June 4, 2014 Share Posted June 4, 2014 If you're going via an open proxy, why are you still bothering with Tor? All your data will travel via that one machine, in (to that machine) plain text. You've just obliterated all your security... If you're worried about the content on the line towards the proxy not being secure, find one that does https. There's plenty of them shown on www.hidemyass.com Quote Link to comment Share on other sites More sharing options...
Sitwon Posted June 4, 2014 Share Posted June 4, 2014 Going through Tor does allow you to hide your originating IP address from the open proxy.Tor sees that you're making an encrypted connection to an open proxy, the open proxy sees that someone on the Tor network is visiting the target website. If the target website uses SSL/TLS then the open proxy knows neither your original IP address nor the contents of your communication. Tor knows your original IP, but not who you were talking to or what you were saying. Quote Link to comment Share on other sites More sharing options...
digip Posted June 4, 2014 Share Posted June 4, 2014 (edited) Going through Tor does allow you to hide your originating IP address from the open proxy. Tor sees that you're making an encrypted connection to an open proxy, the open proxy sees that someone on the Tor network is visiting the target website. If the target website uses SSL/TLS then the open proxy knows neither your original IP address nor the contents of your communication. Tor knows your original IP, but not who you were talking to or what you were saying. Hmm. Not sure about all of that if using a public socks proxy through TOR, the proxy would become your exit point I would think and have control over what is sent back to you, including stripping SSL but serving you their own certificate "proxied" version while being able to inject into what they send back or track, sniff, etc. If you own your own domain though, once on TOR, you can then SSH tunnel to your domain over TOR, but then your still using something tied to you, such as your own domain as your exit point and from there, no end to end encryption, but the same could be said for TOR since once you leave your exit node, the traffic between it and the destination you request is not protected unless also SSL or such. To answer the ops question though, yes, you can do a socks proxy through TOR which makes you look like your IP to the Proxy is from TOR and not your home IP(so long as the app you are using can do socks5, ie: browser proxy settings) -and- as long as the connection is made after TOR is started. Same with a VPN. If you set up the proxy first, then start TOR or the VPN, your connection will be your home IP to the Proxy first rather than the latter. I can SSH tunnel using PuTTy as my socks5 proxy in my browser after I connect to my VPN or TOR and my IP connection showing up on my domain is that of my VPN. If I connect to it first, then start the VPN, anything using the socks proxy shows connected from my home IP to the proxy, but all other non socks traffic is then sent over the VPN, which I've tested before both ways to see what my IP is both at my SSH connection and on the web side via sites like IPChicken, which in either scenario, will show the socks tunnel IP at the requested destination. Edited June 4, 2014 by digip Quote Link to comment Share on other sites More sharing options...
phpsystems Posted June 4, 2014 Share Posted June 4, 2014 The program you want to use, providing it is available is proxychains: http://hak5.org/episodes/hak5-1119 Looks like it has been requested in Tails (from 2013): https://tails.boum.org/forum/featurerequest:_proxychains/ Quote Link to comment Share on other sites More sharing options...
Sitwon Posted June 4, 2014 Share Posted June 4, 2014 (edited) Hmm. Not sure about all of that if using a public socks proxy through TOR, the proxy would become your exit point I would think and have control over what is sent back to you, including stripping SSL but serving you their own certificate "proxied" version while being able to inject into what they send back or track, sniff, etc. If you own your own domain though, once on TOR, you can then SSH tunnel to your domain over TOR, but then your still using something tied to you, such as your own domain as your exit point and from there, no end to end encryption, but the same could be said for TOR since once you leave your exit node, the traffic between it and the destination you request is not protected unless also SSL or such. To answer the ops question though, yes, you can do a socks proxy through TOR which makes you look like your IP to the Proxy is from TOR and not your home IP(so long as the app you are using can do socks5, ie: browser proxy settings) -and- as long as the connection is made after TOR is started. Same with a VPN. If you set up the proxy first, then start TOR or the VPN, your connection will be your home IP to the Proxy first rather than the latter. I can SSH tunnel using PuTTy as my socks5 proxy in my browser after I connect to my VPN or TOR and my IP connection showing up on my domain is that of my VPN. If I connect to it first, then start the VPN, anything using the socks proxy shows connected from my home IP to the proxy, but all other non socks traffic is then sent over the VPN, which I've tested before both ways to see what my IP is both at my SSH connection and on the web side via sites like IPChicken, which in either scenario, will show the socks tunnel IP at the requested destination. If they strip the SSL you would be able to see that in the browser. If they provide their own cert, the browser should still warn you because it's not signed by a trusted root. If they used heartbleed to steal the target's cert or they have a "valid" signature from a trusted root (or can fake it) then I guess you're boned. But that requires a lot more sophistication, making it less likely, and there's nothing you can do about this scenario anyways. Now back to the question at hand. I just tested Tails in a VM and you can chain proxies, but not easily with the tools that come pre-packaged. What you need to do is install proxychains (apt-get update; apt-get install proxychains), then edit /etc/proxychains.conf to add your open proxy after the default line for Tor, then start your browser using proxychains and disable the proxy settings inside the browser itself (you want proxychains to handle the proxy connections, the browser's proxy settings will just confuse things). Tor itself works by creating a socks4 proxy that listens on localhost:9050, so you have to nest the socks connection to your open proxy inside the socks connection to your local Tor proxy, otherwise you're just bypassing Tor and directly-connecting to the second proxy. Proxychains will automate the nesting for you, and you can chain as many proxies together as you like. Edited June 4, 2014 by Sitwon Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.