Hi everyone, Today i am going to demonstrate how to send BurpSuite requests through tor proxy servers. First understand the scenario what we are going to do,
In general we set our browser's proxy to "127.0.0.1:9050" on which tor proxy daemon is running. So our request is directly going through "tor proxy servers" to the
destination.
Browser --> Tor Proxy --> Destination
Lets add BurpSuite in-between the Browser and a Tor proxy, to do so we need to specify two interfaces to Burp one will handle requests from the browser to Burp and second will send requests from Burp
to tor proxy.
Open /etc/apt/resouces.list file using any editor in BackTrack and add following line.
"deb http://deb.torproject.org/torproject.org lucid main"
Open command prompt and run following commands to install tor
gpg --keyserver keys.gnupg.net --recv 886DDD89
gpg --export A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89 | sudo apt-key add -
apt-get update
apt-get install tor tor-goipdb
apt--get install privoxy
Now we have successfully installed tor & piroxy.
open /etc/privoxy/config file and uncomment the following line
forward-socks4a / 127.0.0.1:9050
start both the services tor & privoxy.
/etc/init.d/tor start
/etc/init.d/privoxy start
First you need to configure your browser to point to Burp for outbound HTTP & HTTPS connection, then you need to set your SOCKS proxy to point to your tor service running
on port 9050 by default.
<a href="http://3.bp.blogspot.com/-5hs1GX8L8Uw/UJpp2O5-2WI/AAAAAAAAAAU/6aPcAv5-hlg/s1600/1.PNG"></a>
Finally configure BurpSuite to point to privoxy.
Select "options tab" in Burp and navigate to 'upstream proxy server' click on 'add' button. By default privoxy runs on port '8118' so add proxy host and port accordingly.
<a href="http://3.bp.blogspot.com/-7AIfDMdq4XI/UJpsOOXimbI/AAAAAAAAAAc/w9_bVB3A6eo/s1600/Untitled.png"></a>
<a href="http://4.bp.blogspot.com/-2EJxbKA4bXk/UJps4a_C_nI/AAAAAAAAAAk/c6wCnrDHzLQ/s1600/2.png"></a>
To verify that you are being routed through tor network visit
<a href="http://www.whatismyipaddress.com/">www.whatismyipaddress.com</a>
Keep visiting blog for exploits and vulnerabilities :)