After a Cyber Security Awareness Training for company X, I thought about sharing the idea and even the script used to make it easier and available for everyone.
So, here we'll use a docker image with Tor installed on it. We
For the Docker image I'm going to use Alpine instead of Debian because it's lightweight.
Starting with the Tor config file torrc (/etc/tor/torrc):
VirtualAddrNetwork 0.0.0.0/10
AutomapHostsOnResolve 1
DNSPort 0.0.0.0:53530
SocksPort 0.0.0.0:9050
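You can change port 1962 to your own; the port in SocksPort, the port published by docker run and the port you pass to curl have to be the same.
And now the Dockerfile: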
FROM alpine:latest
RUN apk update && apk add tor
COPY torrc /etc/tor/torrc
RUN chown -R tor /etc/tor
USER tor
ENTRYPOINT ["tor"]
CMD ["-f", "/etc/tor/torrc"]
- The contents of the folder should be:
Now let's build the image:
$ docker build -t sofiane/tor .
Check the image:
$ docker image ls | grep sofiane/tor
Start by running the Docker image:
$ docker run --rm --detach --name tor --publish 1962:1962 sofiane/tor
Now let's test it out!
You can check with the Tor website too:
$ curl --socks5-hostname localhost:9050 -s https://check.torproject.org/ | grep -m 1 Congratulations | xargs
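A check that a torrc listener and a docker run --publish mapping actually line up, and that the proxy is not published on every host interface. This is an added example, not part of the original post or its scripts; the function names listener and check_publish are hypothetical, and only IPv4 [host_ip:]host_port:container_port specs are handled.

```shell
#!/bin/sh
# Added example, not from the original post: compare a torrc listener with a
# `docker run --publish` spec and report mismatches or host-wide exposure.

# listener FILE OPTION -> "addr port" of the first "OPTION [addr:]port" line.
# Tor binds to 127.0.0.1 when only a port is given.
listener() {
    awk -v opt="$2" '$1 == opt {
        n = split($2, a, ":")
        addr = (n > 1) ? a[1] : "127.0.0.1"
        print addr, a[n]
        exit
    }' "$1"
}

# check_publish FILE OPTION SPEC, SPEC = [host_ip:]host_port:container_port[/proto]
# Prints one verdict line; returns 0 only for OK.
check_publish() {
    set -- "$1" "$2" "$3" $(listener "$1" "$2")
    [ $# -eq 5 ] || { echo "MISSING: no $2 line in $1"; return 2; }
    bind=$4 port=$5 spec=${3%/*}
    cport=${spec##*:}            # container side of the mapping
    rest=${spec%:*}              # [host_ip:]host_port
    case $rest in
        *:*) hostip=${rest%:*} ;;
        *)   hostip=0.0.0.0 ;;   # Docker default: every host interface
    esac
    if [ "$cport" != "$port" ]; then
        echo "MISMATCH: $3 forwards to container port $cport, $2 listens on $port"; return 1
    elif [ "$bind" = 127.0.0.1 ]; then
        echo "UNREACHABLE: $2 is bound to loopback inside the container"; return 1
    elif [ "$hostip" = 0.0.0.0 ]; then
        echo "EXPOSED: $3 opens $2 on all host interfaces; use 127.0.0.1:${rest##*:}:$cport"; return 1
    fi
    echo "OK: $3 reaches $2 and is published on $hostip only"
}

# Constructed sample: the torrc shown on this page, written to a temp file.
TORRC=$(mktemp)
trap 'rm -f "$TORRC"' EXIT
cat > "$TORRC" <<'EOF'
VirtualAddrNetwork 0.0.0.0/10
AutomapHostsOnResolve 1
DNSPort 0.0.0.0:53530
SocksPort 0.0.0.0:9050
EOF
for spec in 1962:1962 9050:9050 127.0.0.1:9050:9050; do
    check_publish "$TORRC" SocksPort "$spec" || true
done
```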
We won't run the VPN in a Docker container, because we would first need to create the tun device in the container, which kills the security.
So to set it up as a VPN, we'll use a Linux VPS (Debian).
For the VPN, you will always use the same Tor config file!
But you'll need to make some changes to the iptables rules.
These rules are for what we call Transparent Routing Traffic Through Tor.
Check the Tor website, which explains this in detail: TransparentProxy
First of all, add these 3 environment variables and the iptables rules:
Don't forget that you need openvpn, iptables and tor installed on your machine.
The final step is to create your own OpenVPN profile. To do that, I suggest this small script that I love and use often:
$ curl -O https://raw.githubusercontent.com/angristan/openvpn-install/master/openvpn-install.sh
$ chmod +x openvpn-install.sh
and run it using
$ ./openvpn-install.sh
And for setting the rules, we will use this script:
Okay, now let's do this together!
1 - Connect to the VPS (don't forget to allow traffic on the used ports)
3 - Change the torrc file
$ curl -L https://raw.githubusercontent.com/SofianeHamlaoui/Tor-scripts/main/torrc > torrc && sudo mv torrc /etc/tor/torrc
4 - Using the openvpn script and save the .ovpn file
6 - Adding the rules
$ curl -O https://raw.githubusercontent.com/SofianeHamlaoui/Tor-scripts/main/vpn.sh && chmod +x vpn.sh
$ sudo ./vpn.sh
Congrats! Now you can surf the net using a VPN through a Tor connection.
© 2021 - Sofiane Hamlaooui - Making the world a better place 🌎