Mar 07 2014
 

I love IRC.  I love Tor.  I love freenode via Tor.  But one thing I hate is that sometimes I can’t connect and I would have to open up my torrc file and change the MapAddress cname.  So, I created a script today which randomly cycles through the names and changes it for me.  It uses a bash array to accomplish this.
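One way to do the rotation described above, as an added example that is not the author's script: the hostnames in TARGETS are constructed placeholders, and the function names pick_target and rotate_mapaddress are hypothetical.

```shell
#!/bin/bash
# Added example: rotate the MapAddress target in a torrc with a bash array.
# Hostnames are constructed placeholders; substitute the names you actually use.
TARGETS=(
  "placeholder-one.example"
  "placeholder-two.example"
  "placeholder-three.example"
)

# Print a random entry of TARGETS that differs from $1 (the current target).
pick_target() {
  local current="$1" t
  local -a pool=()
  for t in "${TARGETS[@]}"; do
    if [ "$t" != "$current" ]; then pool+=("$t"); fi
  done
  [ "${#pool[@]}" -gt 0 ] || return 1
  printf '%s\n' "${pool[RANDOM % ${#pool[@]}]}"
}

# rotate_mapaddress TORRC SOURCE
# Rewrites "MapAddress SOURCE <target>" in TORRC and prints the new target.
rotate_mapaddress() {
  local torrc="$1" src="$2" current new tmp
  current=$(awk -v s="$src" '$1 == "MapAddress" && $2 == s { print $3; exit }' "$torrc")
  if [ -z "$current" ]; then
    echo "no MapAddress line for $src in $torrc" >&2
    return 1
  fi
  new=$(pick_target "$current") || return 1
  tmp=$(mktemp) || return 1
  # Edit a copy first so a failed rewrite never truncates the live torrc.
  if ! awk -v s="$src" -v n="$new" \
       '$1 == "MapAddress" && $2 == s { $3 = n } { print }' "$torrc" > "$tmp"; then
    rm -f "$tmp"
    return 1
  fi
  cat "$tmp" > "$torrc"   # overwrite in place: keeps the file's owner and mode
  rm -f "$tmp"
  printf '%s\n' "$new"
}
```

Tor rereads torrc when it receives SIGHUP, so reload the daemon after calling rotate_mapaddress on the live file.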


May 15 2012
 
#!/bin/bash
 
# By Ed Wiget
# This script sets up a proxy so that you can audit web servers anonymously over tor
# 20111113 - initial script (better method)
# enable next line for debugging
#set -x
 
echo "Please enter the ip address of the target host or a domain name"
read dom
 
# this checks to see if we set a domain name or ip address
# it sets the variable IP to the ip address of domain or ip entered
# anything that is not an IPv4 literal is treated as a name and resolved with tor-resolve
if echo "${dom}" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'; then
		IP=${dom}
	else
		IP=$(tor-resolve "${dom}")
fi
 
# for debugging to make sure we are setting IP correctly
#echo ${IP}
 
# here we set up a socat proxy listening on localhost port 8080
# it forwards any tcp requests to ${IP} port 80
# via the socks tor listening on localhost 9050
sudo socat TCP4-LISTEN:8080,fork SOCKS4:127.0.0.1:${IP}:80,socksport=9050 &
 
# the sleep is required or the check for listening fails below
sleep 2
 
# match only a listener on port 8080, so extra lines containing 8080 do not break the check
if sudo netstat -ptane | grep -q ':8080 .*LISTEN'; then
	echo "proxy started successfully"
else
	echo "proxy not running"
	exit 1
fi
 
# here we are going to check port 80 for a web server which will likely tell us the
# operating system too via the results
sudo proxychains nmap -sT -PN -n -sV ${IP} -p80
 
# here we need to set up w3af_gui running as root in order to connect to our proxy
echo "when w3af opens, click on advanced target settings"
sleep 1
echo "set the target ip in w3af to http://127.0.0.1:8080"
sleep 1
echo "set the targetos and targetframework in w3af as returned by the nmap check above"
sleep 1
sudo /pentest/web/w3af/w3af_gui &

 

So now you can audit a web app using w3af.  If you wanted to use Nessus or Metasploit, just plug in the address as 127.0.0.1:8080.

Oct 04 2011
 

On BackTrack 5, I had the hardest time getting the Chromium browser and Tor working together.  I tried several pages with different topics on how to do it, but no matter what I tried, it never worked.  Even weirder was that Firefox has always worked with Tor and the Tor button.  So here is a quick explanation of what I did, and the weird thing is, I don’t really have an explanation…

First, I followed the Lifehacker article like everybody else on the internet.

When it didn’t work, I tried several other pages.  I also validated Firefox worked fine with Tor, torsocks worked with lynx, and everything else I fed Tor worked EXCEPT Chrome.  The fix was so simple, I am still laughing at it.

If you used the instructions above, go to Proxy Switchy Options.  Select your tor profile.  Then replace all of the 127.0.0.1 with localhost.  See attached image.

What is even more odd is that my /etc/hosts file has a 127.0.0.1 localhost local.domain entry, so either should have worked, but only using localhost worked.

Fixed.