Anon Surf with Kali Linux

Anon Surf has been ported to Kali Linux

In my previous post, I told you how to circumvent internet censorship in your country, including a ban on Tor, with Parrot OS and Anon Surf.  Now, thanks to Und3rf10w, it is possible to use Anon Surf in Kali Linux as well.

To set it up, we will first need to clone the repository from GitHub with the following command in the terminal:

git clone https://github.com/Und3rf10w/kali-anonsurf.git

This will create a folder called kali-anonsurf in the folder you executed the command from.  Go into the kali-anonsurf folder and check its contents.  If the installer is not executable (Kali shows executable files in green in the terminal), you can make the installer.sh file executable with the following command:

chmod +x installer.sh

Then you should run the installer with:

./installer.sh

After the installation is complete, you will need to install the obfs4proxy package:

apt-get install obfs4proxy

With that complete, all that is left is getting your bridges and adding them to the end of your /etc/tor/torrc file.

The first thing we need to do is acquire some bridges from Tor at https://bridges.torproject.org.  If the Tor website is blocked, you can request your obfs4 bridges from Tor through email at bridges@bridges.torproject.org with the line “get bridges” by itself in the body of the mail.

Once you’ve acquired your list of bridges, you can add them to the end of your /etc/tor/torrc file in the following format and save.

UseBridges 1

ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy managed

Bridge obfs4 192.36.31.113:39269 366588398C6DB557AC04B006AFCD88E8F9AF1C32 cert=dPWEDqARFmsUWBTjKXwVPoI7eHltxjcCzusU7HVBI6X4OrALZ2sCK9+NVZA8hhfEKQXcWQ iat-mode=0

Bridge obfs4 34.223.222.1:9443 E2C03E5581695FB8EC8E612D397C8DF00E809278 cert=hXnB1g1tEDulE+BjdnI6f7HQXxs6GZeUEDve/K9Z/GJpLLgdXB+2v7SuH+K4EMN4m6fBCA iat-mode=0

Bridge obfs4 63.251.20.238:9443 B59764BF9102FEE821302AC2C9CC28B248054CE4 cert=mK9LnXAcGEacSAd9YspRHyswi1/mBqnha8OLTa9Lpg4UwSf6KbgegAd7zjY+ImhO//PYbg iat-mode=0

Remember to replace these bridges with the ones you got from Tor, as these may not work.

With that done, you can now start and stop Anon Surf with the following commands:

anonsurf start

anonsurf stop

Enjoy! 🙂

(if you have any issues, leave a comment below and I’ll try to get back to you)

Parrot Security OS and Anon Surf

Circumventing Countrywide Tor block with Anon Surf

The Parrot Operating System is a Debian-based rolling release GNU/Linux distribution that focuses on security, privacy, and software development.  I’m going to focus on the privacy aspects of this operating system, but will be touching on the other features, as well.  There are two main versions of Parrot OS: Parrot Security and Parrot Home/Workstation.

Parrot Home/Workstation is “a very lightweight system for daily use and privacy protection. It is designed for casual users who love the parrot look and feel.”  This version has all the features I’m going to discuss in this article.

Parrot Security is a “complete all-in-one environment for pentesting, privacy, digital forensics, reverse engineering and software development.”  This version is considered the full version of Parrot and comes with everything the Home version has along with a full suite of penetration testing and digital forensics tools similar to Kali Linux.  But Parrot OS has some important advantages over Kali Linux.  One major difference between Kali and Parrot is that Kali does not have you set up a user account during installation while Parrot does.  This makes Parrot more suited to being a daily driver.

Parrot uses “sandboxing” to protect your machine by isolating its components.  A sandbox is a security mechanism for separating running programs, usually in an effort to mitigate system failures or software vulnerabilities from spreading. It is often used to execute untested or untrusted programs or code, possibly from unverified or untrusted third parties, suppliers, users or websites, without risking harm to the host machine or operating system.⁠1  

The newest version, Parrot 4.0, also has the latest Linux kernel, which contains up-to-date patches for the Meltdown/Spectre issues that have come to light over the past few months.  And since it’s a rolling release distribution, you get all the latest base system updates that make their way into Debian’s Testing Branch, which leads to greater security as well.

My favorite feature, however, is Anon Surf.  With a single click, you can enter/exit Anon Surf mode.  Anon Surf automatically routes you through the Tor network and changes your MAC address.  This enables you to “surf” the internet anonymously and privately.  This is more secure than a VPN with the only downside being a slower connection.  

As someone who lives in a country that has heavy internet censorship, blocks many DNS servers and VPNs, and even blocks Tor, this is very useful.  But it does not work out of the box for me, and it is likely that others who live in countries with similar situations will face the same issue.  Anon Surf seems like it has connected, but when you open Firefox, you see that you have no internet connection.

The solution to this is to add Tor bridges to your torrc file.  I’m going to walk you through that process so you can get around this impediment just as I do.  The first thing we need to do is acquire some bridges from Tor at https://bridges.torproject.org.  If the Tor website is blocked, you can request your obfs4 bridges from Tor through email at bridges@bridges.torproject.org with the line “get bridges” by itself in the body of the mail.

Once you’ve acquired your list of bridges, you can add them to the end of your /etc/tor/torrc file in the following format and save.

UseBridges 1

ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy managed

Bridge obfs4 192.36.31.113:39269 366588398C6DB557AC04B006AFCD88E8F9AF1C32 cert=dPWEDqARFmsUWBTjKXwVPoI7eHltxjcCzusU7HVBI6X4OrALZ2sCK9+NVZA8hhfEKQXcWQ iat-mode=0

Bridge obfs4 34.223.222.1:9443 E2C03E5581695FB8EC8E612D397C8DF00E809278 cert=hXnB1g1tEDulE+BjdnI6f7HQXxs6GZeUEDve/K9Z/GJpLLgdXB+2v7SuH+K4EMN4m6fBCA iat-mode=0

Bridge obfs4 63.251.20.238:9443 B59764BF9102FEE821302AC2C9CC28B248054CE4 cert=mK9LnXAcGEacSAd9YspRHyswi1/mBqnha8OLTa9Lpg4UwSf6KbgegAd7zjY+ImhO//PYbg iat-mode=0

Remember to replace these bridges with the ones you got from Tor, as these may not work.  Then make sure you have obfs4proxy installed by running apt-get install obfs4proxy in the terminal.  And that’s all it takes.  Now you should be able to use Anon Surf to its full potential and enjoy the privacy it provides.
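The torrc step in both posts on this page can be checked before the file is touched.  The script below is an added example, not part of the original posts or of the kali-anonsurf project: it checks each bridge line against the format shown above and prints the section to append.  The function names and the sample bridges are made up for illustration, and it assumes the bridge list may arrive without the leading "Bridge" keyword.

```shell
#!/bin/sh
# Added example. IPv4 bridges only, matching the sample lines on this page.

# Return 0 if $1 is a well-formed "Bridge obfs4 ..." line.
valid_bridge_line() {
    printf '%s\n' "$1" | grep -Eq \
'^Bridge obfs4 ([0-9]{1,3}\.){3}[0-9]{1,3}:[0-9]{1,5} [0-9A-Fa-f]{40} cert=[A-Za-z0-9+/]{70} iat-mode=[0-2]$' \
        || return 1
    addr=${1#Bridge obfs4 }; addr=${addr%% *}
    ip=${addr%:*}; port=${addr##*:}
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] || return 1
    old_ifs=$IFS; IFS=.
    for octet in $ip; do
        [ "$octet" -le 255 ] || { IFS=$old_ifs; return 1; }
    done
    IFS=$old_ifs
}

# Print a torrc bridge section from the lines in file $1; prepend "Bridge "
# where missing, skip malformed lines (stderr), fail if none is usable.
bridge_block() {
    good=0
    out="UseBridges 1
ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy managed"
    while IFS= read -r line || [ -n "$line" ]; do
        [ -n "$line" ] || continue
        case $line in Bridge\ *) ;; *) line="Bridge $line" ;; esac
        if valid_bridge_line "$line"; then
            out="$out
$line"; good=$((good + 1))
        else
            echo "rejected: $line" >&2
        fi
    done < "$1"
    [ "$good" -gt 0 ] || return 1
    printf '%s\n' "$out"
}

# Constructed sample input: documentation addresses, dummy fingerprint and cert.
sample_bridges() {
    cert=$(printf '%070d' 0 | tr 0 A)
    fp=0123456789ABCDEF0123456789ABCDEF01234567
    echo "obfs4 192.0.2.10:443 $fp cert=$cert iat-mode=0"
    echo "Bridge obfs4 192.0.2.11:9443 $fp cert=$cert iat-mode=0"
    echo "obfs4 192.0.2.300:443 $fp cert=$cert iat-mode=0"   # bad octet
    echo "obfs4 192.0.2.12:443 $fp cert=tooshort iat-mode=0" # bad cert
}
# With a file argument, print the section for review before appending it.
if [ -n "${1:-}" ]; then bridge_block "$1"; fi
```

Save your bridges to a file, run the script on it, and append the printed section to /etc/tor/torrc once it looks right; tor --verify-config then confirms the file still parses.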

(if you have any questions, issues or suggestions, please feel free to leave them in the comments section by clicking ‘Leave a comment’ in the left sidebar)

 

1 https://en.wikipedia.org/wiki/Sandbox_(computer_security)