Leave a like if you learned something :)
Installation of TOR in Kali Linux
Tor is very easy to install in Kali Linux, you just need to type the following command to install:
In case, if it shows some kind of error regarding “Unable to locate package” then do run “sudo apt-get update” command before installation of TOR and then try the same with above command.
To start the Tor, simply type “tor” in same terminal which takes approx 1-2 minutes to start and don’t close this terminal:
When trying to exploit any website using sqlmap, its always a good idea to be anonymous.
Sqlmap has excellent support for using common proxies or tor.
Ensure that your tor is running the socks5 daemon on port 9050. Then use the socks5 proxy with sqlmap as shown in following command:
Here, –tor option by default tries to use HTTP Proxy instead of SOCKS5, therefore it is necessary to mention the proxy type which is SOCKS5 in this case along with port number 9050 by adding –tor-port=9050 –check-tor (optional).
To further improve, you can also add fake User-Agent of Google Bot as shown below:
By executing above command, you are going to look like a Google Bot and your IP would be that of some TOR Exit node.
Furthermore, if you want to use some tools like Nmap, or Metasploit then you need to install one more tool i.e. Proxychains which you can easily install by typing the following command:
Now run the following command to add the proxy IP along with Port in proxychains.conf file:
Suppose, you want to run nmap against some IP, then type:
You can also run Metasploit over Tor by setting below option:
[ Hidden Content! ]
Installation of TOR in Kali Linux
Tor is very easy to install in Kali Linux, you just need to type the following command to install:
Code:
apt-get install tor Spoiler:
To start the Tor, simply type “tor” in same terminal which takes approx 1-2 minutes to start and don’t close this terminal:
Spoiler:
Sqlmap has excellent support for using common proxies or tor.
Ensure that your tor is running the socks5 daemon on port 9050. Then use the socks5 proxy with sqlmap as shown in following command:
Code:
sqlmap -u <vulnerable website> –tor –tor-type=SOCKS5 Spoiler:
To further improve, you can also add fake User-Agent of Google Bot as shown below:
Code:
sqlmap -u <Vulnerable Website> –tor –tor-type=SOCKS5 –user-agent=”Googlebot (compatible; Googlebot/2.1; +http://www.google.com/bot.html)” Spoiler:
Furthermore, if you want to use some tools like Nmap, or Metasploit then you need to install one more tool i.e. Proxychains which you can easily install by typing the following command:
Code:
apt-get install proxychains Spoiler:
Code:
echo socks5 127.0.0.1 9050 >> /etc/proxychains.conf Spoiler:
Code:
proxychains nmap -n 8.8.8.8 Spoiler:
Code:
set Proxies socks5:127.0.0.1:9050 Spoiler: