Hello everyone, I'm new on null-byte, it's my first question.
I've searched a lot on google about how making a reverse payload which use TOR network or a proxy, to avoid my IP appearing somewhere.
I had no really success in my search..
I prefer using TOR instead of proxy, however if TOR isn't possible I will use a proxy. Can someone tell me where to start ? I've heard about hidden TOR service; but it suppose that the victim machine has TOR on it, right?
Forum Thread:
HACK ANDROID with KALI USING PORT FORWARDING(portmap.io)
12
Replies
Forum Thread:
Hydra Syntax Issue Stops After 16 Attempts
2
Replies
Forum Thread:
Hack Instagram Account Using BruteForce
208
Replies
Forum Thread:
Metasploit reverse_tcp Handler Problem
47
Replies
Forum Thread:
How to Train to Be an IT Security Professional (Ethical Hacker)
22
Replies
Metasploit Error:
Handler Failed to Bind
41
Replies
Forum Thread:
How to Hack Android Phone Using Same Wifi
21
Replies
How to:
HACK Android Device with TermuX on Android | Part #1 - Over the Internet [Ultimate Guide]
177
Replies
How to:
Crack Instagram Passwords Using Instainsane
36
Replies
Forum Thread:
How to Hack an Android Device Remotely, to Gain Acces to Gmail, Facebook, Twitter and More
5
Replies
Forum Thread:
How Many Hackers Have Played Watch_Dogs Game Before?
13
Replies
Forum Thread:
How to Hack an Android Device with Only a Ip Adress
55
Replies
How to:
Sign the APK File with Embedded Payload (The Ultimate Guide)
10
Replies
Forum Thread:
How to Run and Install Kali Linux on a Chromebook
18
Replies
Forum Thread:
How to Find Admin Panel Page of a Website?
13
Replies
Forum Thread:
can i run kali lenux in windows 10 without reboting my computer
4
Replies
Forum Thread:
How to Hack School Website
11
Replies
Forum Thread:
Make a Phishing Page for Harvesting Credentials Yourself
8
Replies
Forum Thread:
Creating an Completely Undetectable Executable in Under 15 Minutes!
38
Replies
Forum Thread:
Hacking with Ip Only Part [1] { by : Mohamed Ahmed }
5
Replies
How To:
Crack Password-Protected Microsoft Office Files, Including Word Docs & Excel Spreadsheets
How To:
Use Burp & FoxyProxy to Easily Switch Between Proxy Settings
How To:
Gain SSH Access to Servers by Brute-Forcing Credentials
How To:
Find Identifying Information from a Phone Number Using OSINT Tools
How To:
Crack Shadow Hashes After Getting Root on a Linux System
How To:
Dox Anyone
BT Recon:
How to Snoop on Bluetooth Devices Using Kali Linux
How To:
Exploit EternalBlue on Windows Server with Metasploit
How To:
Make Your Own Bad USB
How To:
Use SQL Injection to Run OS Commands & Get a Shell
Tutorial:
Create Wordlists with Crunch
How To:
Run Kali Linux as a Windows Subsystem
How To:
Hack Android Using Kali (Remotely)
How To:
Crack SSH Private Key Passwords with John the Ripper
How To:
Find Vulnerable Webcams Across the Globe Using Shodan
How To:
Brute-Force Nearly Any Website Login with Hatch
How To:
Fuzz Parameters, Directories & More with Ffuf
How To:
Run USB Rubber Ducky Scripts on a Super Inexpensive Digispark Board
How To:
Automate Wi-Fi Hacking with Wifite2
How To:
Seize Control of a Router with RouterSploit
8 Responses
And I'm speaking only about reverse connection because I suppose that i don't have the victim IP.
Futhermore, even if I have the IP, and that I try to connect to the infected computer; how will the victim box know to which computer my request must be transmitted? It would need a port redirection in the victim box?
Sorry for my bad english :)
Look, Tor is VERY complex...Your packets change their identity 3-4 times through Tor before arriving to their destination... Except if you used something like a .onion domain that points to your computer...I don't know o.O... Better stick with proxies... :)
The simple way is to follow this post https://null-byte.wonderhowto.com/how-to/install-parrotsec-sealth-and-anonsurf-modules-kali-2-0-0166918/ , after that all your traffic is routed through TOR. You can then find your public IP with the usual methods and then use it for your reverse connections
Alright, thanks for your answers :)
DONFN, for proxies, is it better to use bind or reverse tcp?
Do you have a complete tutorial about using them ? (I'm not familiar at all with proxies)
About the .onion domain, i've saw on internet some people using reverse http payloads to connect back to their computer, but I failed to reproduce it.
LULU, when you say to find my public IP, you mean that I find the IP of the 3rd tor server, the IP which is appearing when I'm connecting to websites for instance?
But there are problems using it for reverse connection :
Sorry if I misunderstood your says ^^
You can't use reverse connection trough a proxy, only bind
That is not accurate.
why so?
It would be impossible to use tools like metasploit with Tor, because tor specifically prohibits this sort of thing., because it has been used as a deanonymization technique to attack tor in the past, specifically to gain control of guard and exit nodes.
Share Your Thoughts