Jump to content
Hak5 Forums
Shad

[Module] TORtle - TORShell + TORGateway

Recommended Posts

Shad   

Hi!

This will be the discussion/support thread for TORtle module. I sent the pull request several days ago but as I don't know when it will pushed I decided to open the thread already and attach the file just in case anyone wants to try it.

First, what is TORtle?

It's bassically a module that combines TOR and LAN Turtle in an automatic convenient way. It does two main things:

1- TORShell: Sets up a hidden service inside TOR network. By default it is a TORShell (SSH within TOR), that is a redirection to local port 22 (ssh)... but you can configure to offer any service you want.

This offers another possibility of remote shell WITHOUT requiring any sort of proxy/host pivoting or reverse connection to your machine.

LAN Turtle has lots of reverse shell options, which is cool, but having the possibility of direct/arbitrary/anonymous direct shells might be handy in some usage cases. TORShell offers just another one of those options.

Also you can use it to host an httpd server (or any other service) inside TOR if you want. For example:

My Turtle has a web server at: securityfrod4xaa.onion (or https://securityfrod4xaa.onion.to if connecting from "regular" internet).

Of course all of this is provided by the openwrt 'tor' client, TORtle just takes care of automagically setting it all up for you.

2- TORGateway: If enabled, automatically and conveniently forwards all ETH0 traffic through a TOR Transparent Proxy. It's a very simple way make all the connectivity for the USB connected PC go through TOR, simply starting the service with that configuration and not having to do anything else on the PC. TORtle will take care of all the necessary redirections for you.

Also, another option is to just run the regular TOR Proxy, for which you can also enable/disable turtle's IP forwarding for added prevention against unintentional leaks.

All of this you can choose in the simple configuration screen.

I also think that this could be a good place to discuss what are the best/more secure ways to access the TOR network. Ie: The risks of DNS leaking, other spyware inadvertently leaking when forwarding ALL traffic, if it is prefereable to use torified applications with a regular TOR proxy instead a full gateway, etc...

And also, any bugs or ideas to improve TORtle are very much welcome. I *really* need your feedback.

Thanks!

P.D.: I don't see the file I attached to my post... anyway, you can download it from https://securityfrod4xaa.onion.to/tortle

Just place it on /etc/turtle/modules and you are all set to use it from 'turtle' menu.

- Shad.

Edited by Shad
  • Upvote 2

Share this post


Link to post
Share on other sites
Shad   

Thanks Darren!

Let's see if anyone tries it AND post some feedback about it. Otherwise I will just leave it as it is, as it currently does everything I needed for my usage case.

Share this post


Link to post
Share on other sites

Hey Shad,

thanks for the great module it works perfectly for connecting back in using the hidden-service! Wouldn't it be cool to have pluggable transports included to hide the TOR traffic from DPI ans so forth?

I am unfortunatly not aware if this would be possible with the hidden service...

Best regards!

  • Upvote 1

Share this post


Link to post
Share on other sites

@Shad

As it seemed, that you aren't anymore active on this module, I forked it and did some changes:

- added a submenu to the configuration
- added tor bridges
- added http & httpsproxy
- added FascistFirewall

@cyb3rwr3ck

Does this fullfill your request?

@all:

This version needs to be tested, so feel free to get it here: https://github.com/GermanNoob/tortle

@Darren Kitchen

What steps do I have to take to get the version added to the repo (after it is tested of course)?

 

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


  • Recently Browsing   0 members

    No registered users viewing this page.

×