Hello everyone, I'm new on null-byte, it's my first question.
I've searched a lot on google about how making a reverse payload which use TOR network or a proxy, to avoid my IP appearing somewhere.
I had no really success in my search..
I prefer using TOR instead of proxy, however if TOR isn't possible I will use a proxy. Can someone tell me where to start ? I've heard about hidden TOR service; but it suppose that the victim machine has TOR on it, right?
Forum Thread:
How to Track Who Is Sms Bombing Me .
4
Replies
Forum Thread:
Removing Pay-as-You-Go Meter on Loan Phones.
1
Replies
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
3
Replies
Forum Thread:
moab5.Sh Error While Running Metasploit
17
Replies
Forum Thread:
Execute Reverse PHP Shell with Metasploit
1
Replies
Forum Thread:
Install Metasploit Framework in Termux No Root Needed M-Wiz Tool
1
Replies
Forum Thread:
Hack and Track People's Device Constantly Using TRAPE
35
Replies
Forum Thread:
When My Kali Linux Finishes Installing (It Is Ready to Boot), and When I Try to Boot It All I Get Is a Black Screen.
8
Replies
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
Metasploit Error:
Handler Failed to Bind
41
Replies
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
How to Hack Wi-Fi:
Cracking WPA2 Passwords Using the New PMKID Hashcat Attack
Tutorial:
Create Wordlists with Crunch
Tutorial:
DNS Spoofing
Hack Like a Pro:
How to Use Netcat, the Swiss Army Knife of Hacking Tools
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
Hack Like a Pro:
How to Find Directories in Websites Using DirBuster
How To:
Dox Anyone
How To:
Automate Wi-Fi Hacking with Wifite2
How To:
Hack WPA & WPA2 Wi-Fi Passwords with a Pixie-Dust Attack Using Airgeddon
News:
Hack Your Computer's BIOS to Unlock Hidden Settings, Overclocking & More
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
How To:
Make Your Own Bad USB
How To:
Top 10 Things to Do After Installing Kali Linux
Android for Hackers:
How to Turn an Android Phone into a Hacking Device Without Root
How To:
Spy on Traffic from a Smartphone with Wireshark
How To:
Extract Bitcoin Wallet Addresses & Balances from Websites with SpiderFoot CLI
How To:
Scrape Target Email Addresses with TheHarvester
How To:
Hunt Down Social Media Accounts by Usernames with Sherlock
8 Responses
And I'm speaking only about reverse connection because I suppose that i don't have the victim IP.
Futhermore, even if I have the IP, and that I try to connect to the infected computer; how will the victim box know to which computer my request must be transmitted? It would need a port redirection in the victim box?
Sorry for my bad english :)
Look, Tor is VERY complex...Your packets change their identity 3-4 times through Tor before arriving to their destination... Except if you used something like a .onion domain that points to your computer...I don't know o.O... Better stick with proxies... :)
The simple way is to follow this post https://null-byte.wonderhowto.com/how-to/install-parrotsec-sealth-and-anonsurf-modules-kali-2-0-0166918/ , after that all your traffic is routed through TOR. You can then find your public IP with the usual methods and then use it for your reverse connections
Alright, thanks for your answers :)
DONFN, for proxies, is it better to use bind or reverse tcp?
Do you have a complete tutorial about using them ? (I'm not familiar at all with proxies)
About the .onion domain, i've saw on internet some people using reverse http payloads to connect back to their computer, but I failed to reproduce it.
LULU, when you say to find my public IP, you mean that I find the IP of the 3rd tor server, the IP which is appearing when I'm connecting to websites for instance?
But there are problems using it for reverse connection :
Sorry if I misunderstood your says ^^
You can't use reverse connection trough a proxy, only bind
That is not accurate.
why so?
It would be impossible to use tools like metasploit with Tor, because tor specifically prohibits this sort of thing., because it has been used as a deanonymization technique to attack tor in the past, specifically to gain control of guard and exit nodes.
Share Your Thoughts