Tor && Vidalia Ports

Daniel Ericsson deric at macports.org
Mon Apr 16 01:25:39 PDT 2012


On 16 apr 2012, at 05:52, Jasper Frumau wrote:

> Now on my issues with tor from the command line:
> 
> tor -help start did not help:

For documentation on tor see: `man tor`

> $ tor -help start
> Apr 16 09:19:45.830 [notice] Tor v0.2.2.35 (git-b04388f9e7546a9f). This is experimental software. Do not rely on it for strong anonymity. (Running on Darwin i386)
> Apr 16 09:19:45.830 [notice] Configuration file "/opt/local/etc/tor/torrc" not present, using reasonable defaults.
> Apr 16 09:19:45.831 [warn] Failed to parse/validate config: Unknown option 'help'.  Failing.
> Apr 16 09:19:45.831 [err] Reading config failed--see warnings above.
> 
> But when I entered tor as a command, it did start it all up. Just not sure how I can test it from the terminal..
> 
> When I tried to use tor to test the security of a site of mine using wpscan and tor host:port 127.0.0.1:9050 I did see this error:
> 
> Apr 16 09:47:43.641 [warn] Socks version 71 not recognized. (Tor is not an http proxy.)
> Apr 16 09:47:43.642 [warn] Socks version 71 not recognized. (Tor is not an http proxy.)
> Apr 16 09:47:43.642 [warn] Socks version 71 not recognized. (Tor is not an http proxy.)
> Apr 16 09:47:43.643 [warn] Socks version 71 not recognized. (Tor is not an http proxy.)

Tor runs as a SOCKS proxy not as an http proxy, this is why you see this error.

> so I installed privoxy. I did no longer receive the same error and could see the privoxy online page to see it was running. But when I pick privoxy for all protocols in Firefox using 127.0.0.1 and port 8118 and went to whatismyip.com I still got my ip address. So I am not sure if my application using --proxy 127.0.0.1:8118 is really making the call anonymous even though I did not get any errors. And there you go, when I checked the access logs my IP address was logged. 
> 
> I asked for some tips at wpscan, but if anyone on the list has any ideas what I am missing please let me know.

privoxy seems to be an http proxy. By using it instead of Tor, your traffic isn't routed through Tor - so of course you don't get any errors and your IP isn't anonymized. You can probably set up privoxy to in turn route it's traffic through Tor but you'll have to look to the privoxy documentation on how to do that.

To use Tor once it's started and bootstrapped. Go into System Preferences -> Network -> Click "Advanced..." for the interface you are connecting to the internet with -> Go to the "Proxies" tab -> Check "SOCKS Proxy" and enter "localhost:98050" for SOCKS Proxy Server address.

This will allow most Mac apps written to read the proxy settings to route through Tor. Most command line apps aren't written for Mac OS X specifically though so they need to have support for using a SOCKS and be configured separately to use Tor's SOCKS proxy on localhost:9050.

eg. curl --socks5 localhost:9050 http://yourwordpressblog.com/
    or
    curl --socks4a localhost:9050 http://yourwordpressblog.com/ - to have the DNS resolution flow through Tor as well.

-- Daniel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-users/attachments/20120416/543463ff/attachment.html>


More information about the macports-users mailing list