How to configure multiple outputs to the TOR network through PRIVOXY

Author and Contributor: Jonás Ropero Castillo – @norasec_


Sometimes, in pentest tasks such as brute force or recon, phishing, URL analysis with malicious content, etc., it is necessary to perform tests from different IP’s or specific countries. Proxys or VPNs are usually used for these tasks. If we also want to add a layer of anonymity (… for any reason …) another option is to resort to TOR.

When TOR is installed, it works by default as if it were a SOCKS proxy, although sometimes it is useful to be able to use TOR as an HTTP Proxy, in which case we can resort to Privoxy.

1. Installation of TOR and Privoxy

To install TOR and Privoxy in a GNU / Linux distribution (in this case Ubuntu LTS 16 has been used) we must enter in the terminal the following command:

2. TOR Settings

When configuring TOR, you need to access the configuration file located in / etc / tor / torrc, where we will add the following parameters to the end of the file:

While if we want to use a particular country of departure we must add:

We may need to change the permissions of the / var / lib / tor file to root:

If you want to use ControlPort (in which you can edit the configuration of TOR at runtime among other things) we must generate a hash, for example:


To start TOR with the configuration file we have created you have to enter:

As a result we have lifted an exit to TOR with Proxy SOCKS on port 9050.

Finally, access to ControlPort would be done as follows:

Since we will not stop at this point, it is advisable to read the following article for use of ControlPort in depth:

3. Privoxy Settings

On the other hand, to configure Privoxy you have to access the file / etc / privoxy / config, where we must add the following lines to redirect traffic from Privoxy to TOR.

The following lines are also important (log file and listener port) although they will already come this way by default:

The result will be having Privoxy started as HTTP Proxy on port 8118

4. Installing and configuring five outputs of TOR and Privoxy automatically (for the vague jumpers here)

We have already done everything necessary to go through TOR both with SOCKS proxy and HTTP proxy, but the interesting thing and what we were talking about at the beginning is to be able to use several TOR outputs precisely to have the versatility to use different countries or different IP’s. So we will automate the task of installation and configuration of all outputs.

In the next small script, we have the necessary to configure three TOR outputs using the countries of Russia, the United States and Brazil, and the other two outputs would be configured by default, randomly.

In the last part of the script a sh file is created to raise all the TOR’s and Privoxy’s at once, and an alias is added to our ~ / .bashrc to execute the same.

It creates a file called for example (let’s be original because not), and copy the following content with any text editor

We then run it (we give you chmod + x execute permissions before):

We open a new terminal and execute the alias that was created in the previous execution to raise all the outputs simultaneously:

Just wait a while to start all processes and this way the outputs are active and ready to be used as HTTP proxies or SOCKS proxy.

Summary of accomplishments:

Servicio Proxy:port ControlPort Servicio Proxy:port País
tor Proxysocks:9050 Controlport:9051 privoxy Proxyhttp:8118 aleatorio
tor2 Proxysocks:9150 Controlport:9151 privoxy2 Proxyhttp:8218 us
tor3 Proxysocks:9250 Controlport:9251 privoxy3 Proxyhttp:8318 ru
tor4 Proxysocks:9350 Controlport:9351 privoxy4 Proxyhttp:8418 br
tor5 Proxysocks:9450 Controlport:9451 privoxy5 Proxyhttp:8518 aleatorio

We can check that everything has been fine with netstat and ps.

5. Proving the Proxys

If you want to navigate through the configured Proxys, we can use for example the Firefox browser along with the Foxy Proxy add-on, adding the new TOR outputs.

FIgure 1 – Proxys

As an example, for HTTP Proxy the first would be as follows (the rest only changing the port):

FIgure 2 – Proxys Socks

Note: To use or add SOCKS Proxy, select SOCKS v4 / 4a and change the port to 9050 and successive.

We would already have everything needed to navigate the country that we choose or change from IP to click hit

If we want to verify its correct operation, open the browser and we will select the different Proxys, and check the IP and country of exit with the following URL:

FIgure 3 – Configured Outputs

Or faster, we use Curl by copying and pasting the following lines:

Now we can navigate the multiple TOR’s, configure our favorite pentest tools with the different HTTP or SOCKS proxies, analyze URL’s that require an IP in a certain country or give it the use that each one considers more appropriate.

Author and Contributor: Jonás Ropero Castillo – @norasec_