/TorOverVPN

Setup a Tor over VPN or proxy/ VPS or Docker

Primary LanguageShell

Tor Docker Proxy & TOR over VPN

After a Cyber Security Awareness Training for company X, I thought about sharing the idea and even the script used to make it easier and available for everyone.

header

Before doing anything, you can check here some Tor uses/users statistics 05/2021

  • By Users : stats

  • By Country : stats

  • By Relays : stats

  • By Relays : stats

How TOR over VPN works ?

Starting with docker

So, here we'll use a docker image with Tor installed on it. We

Docker

On docker I'm going to use alpine instead of Debian on docker for it's light weight.

Configuring the image

starting with tor config file torrc / (/etc/tor/torrc)

    VirtualAddrNetwork 0.0.0.0/10
    AutomapHostsOnResolve 1
    DNSPort 0.0.0.0:53530
    SocksPort 0.0.0.0:9050

you can change port 1962 to your own

Config

and now the Dockerfile

FROM alpine:latest
RUN apk update && apk add tor
COPY torrc /etc/tor/torrc
RUN chown -R tor /etc/tor
USER tor
ENTRYPOINT ["tor"]
CMD ["-f", "/etc/tor/torrc"]

Dockerfile

  • The containing of the folder should be :

output

Now let's build and image : docker build -t sofiane/tor .

Built

Check the image `docker image ls | grep sofiane/tor

check

Using the proxy

Start by running the docker image docker run --rm --detach --name tor --publish 1962:1962 sofiane/tor

Now let's test it out!

  • Without Proxy : My Real IP noproxy
  • With Proxy : a Tor exit proxy

You can check with tor website too : curl --socks5 localhost:9050 --socks5-hostname localhost:9050 -s https://check.torproject.org/ | cat | grep -m 1 Congratulations | xargs

Configuring the VPN

We won't use the VPN on a docker, because first we need to create the tun device on the container which is a kill for the Security.

So to setup as a vpn, we'll use a Linux VPS ( Debian )

For the VPN, you will always use the same Tor config file!

But, you'll need to make some changes to the iptables rules.

these rules are for the transparently, what we call Transparent Routing Traffic Through Tor

Check Tor website explaining this in details : TransparentProxy

First of all, add these 3 Environment variables And the iptables rules :

don't forget that you need openvpn, iptables and tor installed on your machine.

Final step, is to create your own openvpn profile, to do that I suggest you this small script that I love and use often :

$ curl -O https://raw.githubusercontent.com/angristan/openvpn-install/master/openvpn-install.sh
$ chmod +x openvpn-install.sh

and run it using

$ ./openvpn-install.sh

and for setting the rules, we will use this script :

Okey, now let's do this together !

  • 1 - connect to the vps ( don't forget to allow traffic on the used ports)

  • 2 - install all the needed packages

  • 3 - change the torrc file

    curl -L https://raw.githubusercontent.com/SofianeHamlaoui/Tor-scripts/main/torrc > /etc/tor/torrc > torrc && sudo mv torrc /etc/tor/torrc

  • 4 - Using the openvpn script

    and save the .ovpn file

  • 5 - Enabling OpenVpn & Tor services :

  • 6 - Adding the rules

    $ curl -O https://raw.githubusercontent.com/SofianeHamlaoui/Tor-scripts/main/vpn.sh && chmod +x vpn.sh
$ sudo ./vpn.sh

Congrats ! now you can surf the net using a VPN through TOR connection.

© 2021 - Sofiane Hamlaooui - Making the world a better place 🌎