Proxy chaining

August 24, 2015 by Steve Lynch

We live in a world where privacy plays an important role in our day-to-day life. The activities we perform on the Internet can reveal a lot about a person's social and professional life. In the wrong hands, this information could cause various problems: the data collected could be used to hack bank accounts, social media accounts, etc. For this reason, people choose to stay anonymous while using the Internet by using a proxy. A proxy can be described as a gateway between the user's computer and the destination webpage. Normally, while you browse a website, your original IP is identified by the website, which could compromise your privacy. With proxy chaining, we bounce through a number of proxy servers before reaching the destination.

While using a proxy server, you are not directly connected to the website. The proxy connects to the website, creates a cached version of the site and sends it to you, like a photocopy. If a proxy visits a website, the page is cached in the proxy server. The next time someone visits the page, the proxy server loads it from the cached page. This speeds up the process to an extent. If you check the IP that is connected to the Internet, it will be the ISP IP. But when using a proxy server and chaining, the IP displayed will be that of the last proxy server used in the chain.

User ----------> Proxy -----------> Webpage


Proxy chaining is connecting two or more proxy servers to obtain the intended page. We can use as many proxies as we want. Let's see an example as shown below:

User -----------> Proxy1 -----------> Proxy2 -----------> Proxy3 -----------> Proxy4 -----------> Webpage

The user connects to Proxy1 and from there to the next proxies, as specified by the user, until the connection finally reaches the destination. When the destination end looks up the IP, the Proxy4 IP is displayed as the user's IP. While using proxy chaining, we have to make sure that all the proxy servers included in the chain are working properly. If any proxy IP fails to work, the connection can't be established. We then have to replace the damaged proxy with a new one, or exclude the damaged IP and connect the rest to form a new chain. If you are using too many proxies, it can sometimes be a bit difficult to figure out which proxy has malfunctioned.

Proxy chaining is also used while carrying out an attack. It is a must if you are attempting to gain unauthorized access to any server. Even if you use proxy chaining, you can't be 100% anonymous. You could be traced on the basis of each proxy used to establish a connection; chaining just makes it a lot harder to track. If you use foreign proxies, it will be more complicated to find someone. Tracking can be done only by collecting the logs of each proxy used from its administrator. This could take a lot of time if we use a foreign proxy. As time passes, it becomes more difficult to track a person. Administrators delete the logs after a certain period of time. Once the log is gone, it's just impossible to track the IP back. So while hacking, it's advised to use at least 5 foreign proxies in a chain. One of the main factors to take into consideration when using proxy chaining is the connection speed. Each server might have a different connection speed and lag according to its configuration, so chaining may result in a slow connection due to the lag at each server. The total lag while connecting to a page is the sum of the individual lags at each server. This gets worse as we use more proxies in the chain.
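The log-based traceback described above, written out as an added example (not part of the original article): an investigator starts from the destination's log entry and asks each proxy operator in turn for the matching record, and the trace stops at the first hop whose logs have passed their retention period. All addresses, timestamps, retention periods and the names `HOPS`, `at` and `trace_back` are constructed for illustration.

```python
from datetime import datetime, timedelta

T0 = datetime(2015, 8, 1, 12, 0, 0)            # constructed event time
WEB = "198.51.100.80"                          # constructed destination server

def at(sec):
    return T0 + timedelta(seconds=sec)

# Constructed logs: per proxy IP, (time, source IP, destination IP) entries and
# the number of days the operator keeps them. Addresses are documentation ranges.
HOPS = {
    "203.0.113.10": {"name": "Proxy1", "retention_days": 30,
                     "log": [(at(0), "192.0.2.10", "203.0.113.20")]},
    "203.0.113.20": {"name": "Proxy2", "retention_days": 7,
                     "log": [(at(1), "203.0.113.10", "203.0.113.30")]},
    "203.0.113.30": {"name": "Proxy3", "retention_days": 30,
                     "log": [(at(2), "203.0.113.20", "203.0.113.40")]},
    "203.0.113.40": {"name": "Proxy4", "retention_days": 90,
                     "log": [(at(-3600), "203.0.113.99", WEB),   # unrelated client
                             (at(3), "203.0.113.30", WEB)]},
}

def trace_back(dst_ip, src_ip, seen_at, hops, investigated_on,
               window=timedelta(seconds=5)):
    """Follow one connection backwards, hop by hop, from the destination's log.

    Returns (path, outcome); path lists the addresses uncovered, nearest first.
    """
    path = [src_ip]
    while src_ip in hops:                       # source is a known proxy
        hop = hops[src_ip]
        if investigated_on - seen_at > timedelta(days=hop["retention_days"]):
            return path, "logs deleted at " + hop["name"]
        # Entries this proxy relayed to dst_ip close to the time it was seen there.
        near = [(t, s) for t, s, d in hop["log"]
                if d == dst_ip and abs(t - seen_at) <= window]
        if not near:
            return path, "no matching entry at " + hop["name"]
        seen_at, upstream = min(near, key=lambda e: abs(e[0] - seen_at))
        dst_ip, src_ip = src_ip, upstream
        path.append(src_ip)
    return path, "reached non-proxy address"

if __name__ == "__main__":
    for days in (3, 20):
        print(days, trace_back(WEB, "203.0.113.40", at(4), HOPS,
                               T0 + timedelta(days=days)))
```

With the constructed data, an investigation started 3 days after the event walks all four hops back to 192.0.2.10, while one started after 20 days stops at Proxy2, whose 7-day retention has lapsed.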

Browser chaining

Browser chaining is an easy process. We make use of the browser for chaining proxies. This will work only for the requests made through the browser. Let's see how this can be done using the Internet Explorer browser. First, open the browser and go to "Internet options" in the settings menu. A window will appear with a few tabs at the top, as shown in the figure below:

Figure 1: Internet Options window in Internet Explorer.

Now, click on the Connections tab from the available tabs and select "LAN settings" button. A small window will pop up after clicking on the LAN settings button as shown below:

Figure 2: LAN Settings window to specify Proxy server details.

Check the "Use a proxy server" box in the window to type the proxy server details into the field. If you just need to use a single proxy, type in the IP and port number and click OK. To use proxy chaining, click on the Advanced button and type in each proxy IP followed by its port number in the box provided. Leave a space between each proxy IP. Now all the connections made from the browser go through the specified proxy servers.

Various software packages help us carry out proxy chaining. Let's discuss one such piece of software, called "Proxifier."

Proxifier

It's a simple piece of software that helps us to connect to various proxy servers across the world. All we have to do is type in the proxy IP, port number, and the socket type. While making use of proxy chaining there are some points you should remember:

  • A proxy chain can contain various types of proxy servers like SOCKS v4, SOCKS v5, HTTPS etc.
  • If using an HTTP proxy, it should be placed last in the chain.
  • The entire chain will not work if one proxy goes down.
  • The total lag will be the sum of all individual lags in the chain.
     

Figure 3: Proxifier window

 

This software has a variety of functions. The connections space, as shown above in Figure 3, will display all the connections established from the particular system. The total time, data exchanged, etc. can be easily sorted out using this software. We can save the log according to our need. The connections made can be encrypted as per the user's requirement, and various other options are available in this software. Click on the first icon in the panel, called Proxy server configuration. A window will open up with a blank space to type in the proxy server details. You can create a number of chains and select them accordingly using this window. The window is as shown below:

Figure 4: Filling in proxy server details

The order of the chain will be as specified in the list, as shown in the figure above. We can drag and change the order according to our need. There is a check box to enable and disable each proxy in the chain. There is also a proxy checker tool integrated into this software, which is very helpful. Under "View" in the toolbar, click on proxy checker to start checking the proxies. Some of the available proxy servers are disabled by their administrators for various reasons, so checking the servers before connecting through them to the Internet is a good idea. This tool can be used to check the status of a server. All we have to do is specify the server address and the socket type with IP and click the check button. If it's a working proxy, a message will be shown after the test that it's ready to use with Proxifier.

TOR

Tor is a browser that helps us browse anonymously by making use of the various proxy servers available. Here we cannot specify the proxy servers ourselves; instead, the browser itself skips through a few servers provided by the TOR network. It helps us reach blocked destinations or view censored content with the help of the available channels.

I would not recommend TOR for extreme hacking purposes, but normal browsing can be done easily. All we have to do is install the browser and type in the required page address. TOR's hidden services help us publish websites and other services without revealing the original location. Tor is mainly used against a common form of internet surveillance called "traffic analysis", which is used to keep an eye on the activities of a public network. TOR cannot completely hide you from attackers. It protects the packets sent from your end by encrypting them and by passing them through various channels to make it hard for others to track. However, with sophisticated tools and effort, they could find information about your identity.

As the number of users in TOR increases, the number of sources and destinations in the network increases accordingly, increasing the security for everyone in the network. Some NGOs recommend that users browse through TOR to hide their identity from the outside world. A branch of the U.S. Navy uses TOR for open source intelligence; they use it for visiting websites without leaving a government IP in the website's log. The path selected by the browser changes from time to time. There may be various nodes in between the connection. All these connections are encrypted within the Tor network, and the connection from the last node to the destination is open. So when the website checks its log, only the last node in the path will be visible, preserving the user's privacy.

Figure 5: TOR Browser

ProxyHam

ProxyHam brings a whole new level to being anonymous. It's a proxy device made by Ben Caudill which adds a radio connection to the user's layer, giving absolute protection. This device connects to Wi-Fi and relays a user's internet connection over a 900 MHz radio connection to a faraway computer. ProxyHam has a range of about 2.5 miles (4 km approx). Even if the investigator fully traces the connection, they will only find the ProxyHam placed 4 km away from your original location. The device mainly consists of two parts. The first consists of a Raspberry Pi computer connected to a Wi-Fi card and a small 900 MHz antenna, which is to be kept at a location far away from yours. The other end consists of a 900 MHz antenna plugged into the user's Ethernet port.

Figure 6: ProxyHam

Proxy website service

There are various proxy websites that offer proxy services. Some of them may have a chain of servers behind them, and some just one or two. These websites are mainly used to access blocked websites or pages. Some YouTube videos are blocked in certain countries, and these websites help us view such blocked content easily. The following is a list of such websites that offer this kind of service:

There are some integrated browser add-ons, like anonymox, that provide proxy services. They have a small window which allows us to select from the available servers so that we can connect through one to the destination. We cannot completely trust such an add-on. It might give a shield from normal scanning, but on a thorough analysis the user's IP could be easily determined. The number of available proxies is also limited in such cases. So this type should only be used for normal browsing purposes. The anonymox window is as shown below:

Figure 7: Anonymox window.

 


Conclusion

Proxy chaining is a simple but effective method to stay anonymous over the internet. Not only hackers but normal users can also make use of such services to protect their privacy over the internet. Black hat hackers make use of several tools and software to switch between proxy servers all over the world, which makes them very hard to track. With a normal browser and add-ons you won't get much security, but to an extent these can be used for day-to-day browsing purposes. We should also consider the internet speed while using such intermediate servers. If it's a popular website which the server has already cached, then the response time will be remarkable, because such websites are loaded from the cache database. When accessing a new webpage, it takes a bit longer to load due to the lag in the intermediate servers. Now that we know how proxy chaining works, we can carry out our activities with relative anonymity. I used "relative" because there is no way to remain completely anonymous with the NSA spying across the globe. All we can do is make detection a bit harder using proxy chaining.

Steve Lynch

Steve has 9 years of experience in the cyber security space. He worked as a cyber journalist, collecting news associated with cyber security from various geographic locations. He has great experience with Linux and holds many technology certificates.