1
00:00:00,360 --> 00:00:01,740
Instructor: Welcome back.

2
00:00:01,740 --> 00:00:02,880
In the last video,

3
00:00:02,880 --> 00:00:05,550
we talked about using Tor Browser

4
00:00:05,550 --> 00:00:09,213
to anonymize our traffic on the internet.

5
00:00:10,170 --> 00:00:12,060
Right now, let's take a look at

6
00:00:12,060 --> 00:00:15,870
how we can use something called proxy

7
00:00:15,870 --> 00:00:19,350
to redirect our Nmap scans through a third-party

8
00:00:19,350 --> 00:00:21,420
in order to mask our

9
00:00:21,420 --> 00:00:25,500
original physical address and IP address

10
00:00:25,500 --> 00:00:27,633
to the target that we are scanning.

11
00:00:28,710 --> 00:00:30,570
So in order to do that,

12
00:00:30,570 --> 00:00:31,403
what you want to do

13
00:00:31,403 --> 00:00:33,870
is you want to start your terminal first,

14
00:00:33,870 --> 00:00:36,360
and the first thing that we want to redo,

15
00:00:36,360 --> 00:00:39,990
in case you haven't done it in the previous lecture,

16
00:00:39,990 --> 00:00:44,043
is to run sudo apt-get install tor.

17
00:00:45,150 --> 00:00:47,070
It will ask you for your password,

18
00:00:47,070 --> 00:00:49,080
and once you type the password in,

19
00:00:49,080 --> 00:00:52,710
it will install the Tor service for you.

20
00:00:52,710 --> 00:00:56,280
In case you have already done this in the previous lecture,

21
00:00:56,280 --> 00:00:58,470
the next command that we want to do

22
00:00:58,470 --> 00:01:01,980
is we want to actually start the Tor service.

23
00:01:01,980 --> 00:01:02,880
And we can do it

24
00:01:02,880 --> 00:01:05,730
with the help of this command right here,

25
00:01:05,730 --> 00:01:07,803
service tor start.

26
00:01:08,700 --> 00:01:10,143
Press enter.

27
00:01:11,160 --> 00:01:14,940
And you won't get any output back for this command.

28
00:01:14,940 --> 00:01:17,520
It will only ask for password,

29
00:01:17,520 --> 00:01:19,290
which you have to type in,

30
00:01:19,290 --> 00:01:21,930
and the Tor service will be started.

31
00:01:21,930 --> 00:01:25,600
We can check it by typing service tor status

32
00:01:26,610 --> 00:01:30,723
and it will say that the status is active.

33
00:01:32,430 --> 00:01:33,900
Next thing we want to do

34
00:01:33,900 --> 00:01:36,210
is we want to install ProxyChains,

35
00:01:36,210 --> 00:01:38,010
which is a tool that will allow us

36
00:01:38,010 --> 00:01:42,300
to filter our traffic through a proxy.

37
00:01:42,300 --> 00:01:44,370
And in this specific video,

38
00:01:44,370 --> 00:01:47,250
we're going to filter it using the Tor service,

39
00:01:47,250 --> 00:01:49,710
so our IP address will change

40
00:01:49,710 --> 00:01:52,380
with the help of Tor service.

41
00:01:52,380 --> 00:01:55,020
To install ProxyChains, you run this command:

42
00:01:55,020 --> 00:01:57,573
sudo apt-get install proxychains.

43
00:01:59,760 --> 00:02:03,030
For me, I have already installed ProxyChains,

44
00:02:03,030 --> 00:02:05,820
for you, it might take a minute or two to finish.

45
00:02:05,820 --> 00:02:07,470
And as soon as it's done,

46
00:02:07,470 --> 00:02:10,139
we want to navigate to its configuration file

47
00:02:10,139 --> 00:02:12,570
to set an option or two.

48
00:02:12,570 --> 00:02:13,980
To do that, we want to type

49
00:02:13,980 --> 00:02:18,270
sudo nano /etc/proxychains.conf,

50
00:02:20,940 --> 00:02:22,893
which is short for configuration.

51
00:02:24,060 --> 00:02:26,220
It will open this file,

52
00:02:26,220 --> 00:02:30,420
and the settings that you want to have are these ones.

53
00:02:30,420 --> 00:02:35,250
You want to hash the strict_chain or comment it out.

54
00:02:35,250 --> 00:02:38,313
And you want to enable the dynamic_chain.

55
00:02:39,150 --> 00:02:44,150
Down here, we also want to add socks5 support,

56
00:02:44,340 --> 00:02:47,520
which will be filtered through the localhost

57
00:02:47,520 --> 00:02:50,550
on port 9050.

58
00:02:50,550 --> 00:02:53,550
Even here, it says defaults set to tor.

59
00:02:53,550 --> 00:02:57,060
We have socks4 on localhost 9050,

60
00:02:57,060 --> 00:03:01,203
and socks5 on localhost 9050.

61
00:03:02,190 --> 00:03:04,710
Once you have all of these options set,

62
00:03:04,710 --> 00:03:07,680
you want to save the configuration file,

63
00:03:07,680 --> 00:03:09,420
exit the configuration file,

64
00:03:09,420 --> 00:03:12,180
and just small quick tip,

65
00:03:12,180 --> 00:03:15,300
make sure you use sudo once changing the configuration file,

66
00:03:15,300 --> 00:03:18,090
because otherwise it will not work.

67
00:03:18,090 --> 00:03:19,620
You won't have the permission

68
00:03:19,620 --> 00:03:21,780
to change this configuration file

69
00:03:21,780 --> 00:03:23,103
if you don't use sudo.

70
00:03:24,240 --> 00:03:27,120
Now to make sure all of it works,

71
00:03:27,120 --> 00:03:29,760
let's try to run ProxyChains

72
00:03:29,760 --> 00:03:33,600
and then let's for example, open Firefox.

73
00:03:33,600 --> 00:03:35,400
If this works,

74
00:03:35,400 --> 00:03:37,860
then we should have a stable internet connection

75
00:03:37,860 --> 00:03:40,710
which will be a little bit slower in Firefox.

76
00:03:40,710 --> 00:03:44,163
And also our IP address should change.

77
00:03:45,780 --> 00:03:47,880
Pretty much the same thing that we did with Tor,

78
00:03:47,880 --> 00:03:51,450
but right now, it should also do it in Firefox.

79
00:03:51,450 --> 00:03:54,990
Let's first of all try to access google.com

80
00:03:54,990 --> 00:03:56,763
just to see whether we can load it.

81
00:04:00,420 --> 00:04:03,780
And you notice it does take some time to finish.

82
00:04:03,780 --> 00:04:07,050
And next thing we want to do is type

83
00:04:07,050 --> 00:04:09,780
what is my IP?

84
00:04:09,780 --> 00:04:11,430
We just want to make sure

85
00:04:11,430 --> 00:04:14,670
that we successfully masked our IP address.

86
00:04:14,670 --> 00:04:18,720
So currently, we have this IP address.

87
00:04:18,720 --> 00:04:20,940
You can already see that my results

88
00:04:20,940 --> 00:04:22,530
are given in different language,

89
00:04:22,530 --> 00:04:24,573
which is always a good sign.

90
00:04:26,130 --> 00:04:28,293
And if I go on whatismyip.com,

91
00:04:30,240 --> 00:04:32,010
we should see where exactly

92
00:04:32,010 --> 00:04:33,993
is this IP address located?

93
00:04:35,070 --> 00:04:35,903
Here it is.

94
00:04:38,400 --> 00:04:40,563
This is the location of the IP.

95
00:04:42,030 --> 00:04:45,363
And let's take a look at one more result.

96
00:04:49,290 --> 00:04:53,160
And you notice it does take quite some time

97
00:04:53,160 --> 00:04:54,450
for pages to load,

98
00:04:54,450 --> 00:04:56,010
but this is quite normal

99
00:04:56,010 --> 00:04:59,853
since our traffic is going through a proxy.

100
00:05:02,730 --> 00:05:05,940
And for some reason this timed out, never mind.

101
00:05:05,940 --> 00:05:08,250
We already checked on one site,

102
00:05:08,250 --> 00:05:11,910
and we successfully changed our IP address

103
00:05:11,910 --> 00:05:14,820
so it will appear like this

104
00:05:14,820 --> 00:05:16,893
to any website that we visit.

105
00:05:18,150 --> 00:05:21,180
Now that we confirmed that this works,

106
00:05:21,180 --> 00:05:23,340
we can close Firefox,

107
00:05:23,340 --> 00:05:25,710
which will automatically close this command

108
00:05:25,710 --> 00:05:28,290
and give us our terminal back.

109
00:05:28,290 --> 00:05:31,680
And now to run the Nmap scan,

110
00:05:31,680 --> 00:05:34,020
all you have to do is simply type

111
00:05:34,020 --> 00:05:36,723
proxychains, and then nmap.

112
00:05:37,878 --> 00:05:40,680
And for example, let's go with nmap.org.

113
00:05:40,680 --> 00:05:42,450
We want to scan it.

114
00:05:42,450 --> 00:05:45,513
Let's use -F command, we already know what it does.

115
00:05:47,490 --> 00:05:50,163
And the scan will run.

116
00:05:51,000 --> 00:05:53,100
Now one thing about this is

117
00:05:53,100 --> 00:05:56,220
that the scans will run much slower

118
00:05:56,220 --> 00:05:58,260
than without ProxyChains,

119
00:05:58,260 --> 00:05:59,850
which is also normal.

120
00:05:59,850 --> 00:06:01,830
Same way our traffic is slower

121
00:06:01,830 --> 00:06:03,330
when we go on Firefox,

122
00:06:03,330 --> 00:06:05,280
and when we go on Tor Browser.

123
00:06:05,280 --> 00:06:09,270
The same reason is behind the slow Nmap scan.

124
00:06:09,270 --> 00:06:12,090
As you can see, it already scanned couple of ports.

125
00:06:12,090 --> 00:06:15,360
It found the port 80 to be open.

126
00:06:15,360 --> 00:06:19,140
For port 139, we got socket error or timeout.

127
00:06:19,140 --> 00:06:22,230
And it will do this for each and every port.

128
00:06:22,230 --> 00:06:25,800
And nmap.org won't really know

129
00:06:25,800 --> 00:06:28,443
where our traffic is coming from.

130
00:06:29,310 --> 00:06:32,460
Nonetheless, we got all of this to work well.

131
00:06:32,460 --> 00:06:35,310
We also found port 22 to be open,

132
00:06:35,310 --> 00:06:38,940
which is I believe, correct result.

133
00:06:38,940 --> 00:06:40,410
And that is pretty much it,

134
00:06:40,410 --> 00:06:42,210
it's as simple as that.

135
00:06:42,210 --> 00:06:46,470
Now you can combine different options with the Nmap scan.

136
00:06:46,470 --> 00:06:48,600
All of those options that we already covered,

137
00:06:48,600 --> 00:06:50,490
feel free to use them.

138
00:06:50,490 --> 00:06:54,390
Now, nmap.org is allowed to be scanned,

139
00:06:54,390 --> 00:06:56,970
but don't scan it multiple times.

140
00:06:56,970 --> 00:06:58,260
They say it on their website

141
00:06:58,260 --> 00:07:02,190
that you shouldn't spam scans on their website.

142
00:07:02,190 --> 00:07:05,010
You can scan it once or twice.

143
00:07:05,010 --> 00:07:06,990
That would be about it for this video.

144
00:07:06,990 --> 00:07:08,610
This is how we can combine

145
00:07:08,610 --> 00:07:12,900
proxy Tor service and our Nmap scan,

146
00:07:12,900 --> 00:07:16,260
the same way we would combine this ProxyChains

147
00:07:16,260 --> 00:07:20,130
with other tools as well that support it.

148
00:07:20,130 --> 00:07:22,620
Nonetheless, thank you for watching this video.

149
00:07:22,620 --> 00:07:25,110
And in the next video we are going to take a look

150
00:07:25,110 --> 00:07:29,850
at how we can run VPN inside of Kali Linux.

151
00:07:29,850 --> 00:07:31,250
See you in the next lecture.