trimstray / multitor Goto Github PK

View Code? Open in Web Editor NEW

996.0 42.0 172.0 797 KB

Create multiple TOR instances with a load-balancing.

License: GNU General Public License v3.0

Shell 98.11% Roff 1.89%

tor multitor multi-tor onion instances socket tor-network communication identity tor-proxy

multitor's Introduction

multitor

Create multiple TOR instances with load-balancing.

Description • Introduction • How To Use • Parameters • Requirements • Docker • Other • License • Wiki

_{Created by
trimstray and
contributors}

Description

It provides one single endpoint for clients. Supports HAProxy, socks protocol and http-proxy servers: polipo, privoxy and hpts.

In addition, you can view previously running TOR processes and create a new identity for all or selected processes.

The multitor has been completely rewritten on the basis of:

Multi-TOR project written by Jan Seidl: Multi-TOR

original source is (Sebastian Wain project): Distributed Scraping With Multiple TOR Circuits

Introduction

multitor was created with the aim of initialize many TOR processes as quickly as possible. I could use many instances for my daily use programs (web browsers, messangers and other). In addition, I was looking for a tool that would increase anonymity when conducting penetration tests and testing the security of infrastructure.

Before using the multitor you need to remember:

TOR does attempt to generate a bunch of streams for you already. From this perspective, it is already load balancing (and it's much smarter at it than HAproxy)
the main goal is masking from where we get by sending requests to multiple streams. It is not so easy to locate where an attacker comes from. If you used http/https servers e.g. proxy servers, you will know what is going on but...
using multiple TOR instances can increase the probability of using a compromised circuit
multitor getting some bandwidth improvements just because it's a different way of connecting to TOR network
in multitor configuration mostly HAProxy checks the local (syn, syn/ack) socket - not all TOR nodes (also exist nodes). If there is a problem with the socket it tries to send traffic to others available without touching what's next - it does not ensure that the data will arrive
TOR network is a separate organism on which the multitor has no effect If one of the nodes is damaged and somehow the data can not leave the exit node, it is likely that a connection error will be returned or, at best, the data will be transferred through another local socket
HAProxy load balance network traffic between local TOR or http-proxy processes - not nodes inside TOR network

TOR is a fine security project and an excellent component in a strategy of defence in depth but it isn’t (sadly) a cloak of invisibility. When using the TOR, always remember about ssl (e.g. https) wherever it is possible.

Look also at Limitations.

How To Use

❗ For a more detailed understanding of multitor, its parameters, functions and how it all works, see the Manual.

It's simple:

# Clone this repository
git clone https://github.com/trimstray/multitor

# Go into the repository
cd multitor

# Install
./setup.sh install

# Run the app
multitor --init 2 --user debian-tor --socks-port 9000 --control-port 9900 --proxy privoxy --haproxy

symlink to bin/multitor is placed in /usr/local/bin

man page is placed in /usr/local/man/man8

Parameters

Provides the following options:

  Usage:
    multitor <option|long-option>

  Examples:
    multitor --init 2 --user debian-tor --socks-port 9000 --control-port 9900
    multitor --init 10 --user debian-tor --socks-port 9000 --control-port 9900 --proxy socks
    multitor --show-id --socks-port 9000

  Options:
        --help                        show this message
        --debug                       displays information on the screen (debug mode)
        --verbose                     displays more information about TOR processes
    -i, --init <num>                  init new tor processes
    -k, --kill                        kill all multitor processes
    -s, --show-id                     show specific tor process id
    -n, --new-id                      regenerate tor circuit
    -u, --user <string>               set the user (only with -i|--init)
        --socks-port <port_num|all>   set socks port number
        --control-port <port_num>     set control port number
        --proxy <proxy_type>          set socks or http (polipo, privoxy, hpts) proxy server
        --haproxy                     set HAProxy as a frontend for http proxies (only with --proxy)

Requirements

multitor uses external utilities to be installed before running:

This tool working with:

GNU/Linux (testing on Debian and CentOS)
Bash (testing on 4.4.19)

Also you will need root access.

Docker

See this project: docker-multitor

Other

Important

If you use this tool in other scripts where the output is saved everywhere, not on the screen, remember that you will not be able to use the generated password. I will correct this in the next version. If you do not use regenerate function of single or all TOR circuits with a password, you can safely restart the multitor which will do it for you.

Limitations

each TOR, http-proxy and HAProxy processes needs a certain number of memory. If the number of TOR processes is too big, the oldest one will be automatically killed by the system
Polipo is no longer supported but it is still a very good and light proxy. In my opinion the best http-proxy solution is Privoxy
I think this topic will be usefull for You before using multitor - How to run multiple Tor processes at once with different exit IPs?

Contributing

See this.

Project architecture

See this.

License

GPLv3 : http://www.gnu.org/licenses/

Free software, Yeah!

multitor's People

Contributors

Stargazers

Watchers

Forkers

ykankaya mrhacker46 codingeverysolution rajivraj security-geeks jothatron daedalus mav1814 h0k5 puzanov 4n6strider akiraaisha sukelluskello satyaji ashr shubham4564 binihao5bei vtngan pabit stefan-caraiman arshiay reality9 qsdj intmaxmood hadesv massito b1gw00d absiddique zeerg miusorin th3khadraoui xuacker devillove084 bbsyaya monkeym4ster melkorazo clicknull silascutler wizard2773 orf53975 malwar3ninja atefbb nebulae389 leopard888 zard777 jwcastillo modulexcite bardimnik indigos33k3r ro9ueadmin sydwicked bbhunter chipper1 team-firebugs mattweidner marcelopalacioabreu emce69 johndoex1 prodject jaggedsoft sanshengshi zumoris kuustudio xixizizixixi dantesieg todun jluisjuncal farxial-forks-collection reviewthislater sha-512 nbg0x1 dynamicdesignz mmillerxyz pchaos attackgithub md50x marciopocebon adv27 goldigrcn fakeuser7 jr69ss dariuszo nstal adityavs gr3c0s 5l1v3r1 bluerabbits eulenleber srburton liadahao aylexx pc-pedia perara pherisw minhle2994 overcyber sarthaksahni rdbo justhumanz mdheller

multitor's Issues

Using bridges

Is it possible to use a multitor with bridges such as obfs4? Found the code for torrc

sudo apt-get install obfs4proxy obfsproxy tor

sudo vi /etc/tor/torrc

UseBridges 1
ClientTransportPlugin obfs3 exec /usr/bin/obfsproxy managed
ClientTransportPlugin obfs4 exec /usr/bin/obfs4proxy managed

send email to [email protected] with body `get transport obfs4` you can get new bridges.

bridge obfs4 195.154.49.15:44705 BACD07DACE996093DC7635F33A98C49... cert=xc/wtKNWADfJQf232xSXT0WpzsaINw6fgPvZBy5Rkw4.../ypaZPDug9L... iat-mode=0
bridge obfs3 163.172.161.87:34827 70C720468D057BBF9F59081506D660CE87...

But dont understand how to implement bridges in the multitor. Please help

doesnt work

[root@mzalinux multitor]# multitor --init 2 --user root --socks-port 9000 --control-port 9900 --proxy privoxy --haproxy
    socks_port:
        status: false
    socks_port:
        status: false

     Set processes: 2
           Created: 0
       Not created: 2
  Control password: DWaycOtRPdEGAbvPFV

       Proxy state: running (haproxy » privoxy » socks)

It used to works fine. but i -k it.. and now it wont work again for some reasons..

IPs repeated too often

Tor is supposed to have thousands of IPs in its pool but for some reason my IP used here is repeated way too often, maybe once every 20th request.
Is this related to the number of tor instances launched at beginning or is it something else?

Does not work for when exceeding 100 nodes.

I'm working on a project that would like to use more than 100 nodes using multitor. However, I am not able to spawn above this number.

I've tried to identify the problem, but I must admit that my bash debugging skills are limited. What could be the reason for this?

I'm not getting any particular error message.

Request for all platforms

The project is very useful. I'm going to use it in my OnionHarvester project. My project is written in Java and thus is cross platform but the multitor is designed for *nix systems. Is it possible to release the windows version too?
If you are insterested in OH, you may check these links:
Link 1
Link 2
Link 3

Best Regards
Saman

Getting this error...Please help

not found in PATH: haproxy polipo privoxy hpts
the above error i get while executing the multitor....FYI haproxy, polipo, privoxy and hpts is installed in Kali ....version
Linux kali 4.16.0-kali2-amd64 #1 SMP Debian 4.16.16-2kali1 (2018-06-25) x86_64 GNU/Linux

how to change hpts 127.0.0.1:15379 to 0.0.0.0:15379

i change the CreateWebProxyProcess but its not work

bad multitor directory owner

Hello,

I get the following error after trying to launch those commands:

git clone https://github.com/trimstray/multitor
cd multitor
./setup.sh install
multitor --init 2 --user debian-tor --socks-port 9000 --control-port 9900 --proxy privoxy --haproxy

[!] bad multitor directory owner

I'm working on clean version of debian 9.

Can you please help me trying to understand the causes of this error ?

Thanks a lot for your time and help

Onion services load balancing

Can it be used for onion services balancing or is it just a forward client connection?

Stop multitor processes: kill param

Hey

Thanks for the tool. Nice to have one.

How to gracefully stop multitor? Cannot find the command in help

syntax error in expression (error token is "<pid>")

/opt/git/multitor/bin/../src/__init__: line 575: [[: 9040
9080: syntax error in expression (error token is "9080")
    socks_port: 9040
9080
        status: false

error: "value is less than or equal 1023"

Rebooted the server. I run the script gives the following error:
"value is less than or equal 1023"

No path

$ multitor
not found in PATH: haproxy polipo privoxy

It seems its need path, how to add the path ?

not found in PATH: hpts

root@termos:~# multitor --init 2 --user debian-tor --socks-port 9000 --control-port 9900 --proxy privoxy --haproxy

not found in PATH: hpts
what is problem ?
what need install ?

HAProxy timeouts to improve.

Default values:

defaults proxy
  mode              tcp
  timeout connect   200ms
  timeout client    2000ms
  timeout server    750ms
  retries           0

After use, I find that they do not work optimally.

For polipo/privoxy the better values are:

defaults proxy
  mode              tcp
  timeout connect   5000ms
  timeout client    15000ms
  timeout server    15000ms
  retries           0

Proxy state disable (only tor)

I have run:

service haproxy start
service tor start
service polipo start

I have tried creating the user debian-tor I have run it with the services stopped, I don't know why I keep getting: Proxy state disable (only tor) thanks

Question

Hi, Neat job!, THANKS, Well, I've setup it and works perfectly. The question now how to access it remotely from different PC?

Getting error

Hi,
I am getting the following error when trying to check IPs

for i in $(seq 1 4) ; do printf "req %2d: " "$i" ; curl -k --location --socks5 127.0.0.1:15379 http://ipinfo.io/ip ; done
req 1: curl: (7) Unable to receive initial SOCKS5 response.
Using centos 6-64bit but I don't understand what this issue is.

Is there a smarter way to communicate with control port when using HAProxy

eg.

Client
|--------> HAProxy (127.0.0.1:16379)
|--------> TOR Instance (127.0.0.1:9000) (cp: 9900)
|--------> TOR Instance (127.0.0.1:9001) (cp: 9901)

When client found a tor circle not work, ( eg, 9000 )
how to send signal newnym to renew it?
cuz client doesn't know which one used

or at least during 15s ( default renew duration ),
the HAProxy will still keep forwarding traffic to this broken instance?

So, my question is,
Is there a possibility to "smart communicate" with control ports?
Besides, is there a command forward interface for docker container?

--proxy Setting gives [!] incorrect proxy type

If i run multitor with: multitor --init 2 -u debian-tor --socks-port 9000 --control-port 9900 --proxy http
I get: [!] incorrect proxy type

qustion: how does multitor handles NEWNUM signal for many Tor process?

Curious to know how does multitor creates new circuits while maintaining lots of Tor processes?

How to add a new instance to the instances.

i don't know if this feature is not available to begin with, but i want to note that when i initiate a number of tor instances multitor kills the previously created ones.

Autorun

How to run multitor after launching other applications through init.d in debian?

I use aws debian11 os ,but error

I use aws debian11 os
after install ,and it say

root@ip-172-31-17-112:~/tor2/multitor# multitor
not found in PATH: nc

what is problem ?
what need install ?

Adding Specific ExitNodes

Hi, I was wondering if there is a mechanism in place to allow specifying the exit node:

ExitNodes {us} StrictNodes 1

I could not find anything in the documentation or in the code that indicated an environment variable etc... to allow you to set the value for this. I would be willing to contribute the change if you can direct me to where it should be added. I looked through the code and it would require a deeper dive to get my head wrapped around it enough to figure out what's going on.

Thank you in advance!

Kill properly polipo service.

Status: In Progress

Kill properly polipo service.

Create man page to /usr/local/man/man8

i try install your script but when i run
./setup.sh install
i get this error .
Create man page to /usr/local/man/man8

plus what command needed to make my all internet in vps use your script exactly "http proxy"
? please help ASAP.

Load balancing between multiple tor instances/ports.

Next Release: testing
Status: In Progress

Load balancing between multiple tor instances/ports:

haproxy

multitor autostart

Could anyone please help me, how to make multitor start with a system? (debian)

Run MultiTor on CentOS 8 error

Hi,

I installed Tor, Privoxy, HAProxy, NC, Polipo and HPTS on CentOS 8. After I run multitor --init 20 --user root --socks-port 9000 --control-port 9900 --proxy privoxy --haproxy

The output was:

socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false
    socks_port: 
        status: false

     Set processes: 20
           Created: 0
       Not created: 20
  Control password: *******

       Proxy state: running (haproxy » privoxy » socks)

I don't know why MultiTor cannot run, could you help me to fix the issue?

Another request, because I used Privoxy instead of Polipo, when I don't install Polipo and run MultiTor with the command multitor --init 20 --user root --socks-port 9000 --control-port 9900 --proxy privoxy --haproxy and the output was not found in PATH: polipo. So, I must install Polipo to run MultiTor. I guess it would be wonderful to fix this.

Many thanks,

not found in PATH: hpts

Hello.
I am getting not found in PATH: hpts constantly on ubuntu 18.04, even after I installed http-proxy-to-socks. How do I fix that? Please help

Kali linux not hpts package for installing!!

root@AVI:~# apt-get install hpts
Reading package lists... Done
Building dependency tree
Reading state information... Done
E: Unable to locate package hpts

Can we use this in windows?

IF we can use this in windows please provide me how to set this up in detail

privoxy not run in arch linux with multitor

I have the problem that privoxy does not work command:

multitor --init 2 -u misec --socks-port 9000 --control-port 9900 --proxy privoxy

the working processes:

[ root ]# netstat -tapn | grep LISTEN | grep "tor\|haproxy\|polipo\|privoxy\|node"
tcp        0      0 127.0.0.1:9000          0.0.0.0:*               LISTEN      2237/tor            
tcp        0      0 127.0.0.1:9001          0.0.0.0:*               LISTEN      2296/tor            
tcp        0      0 127.0.0.1:9900          0.0.0.0:*               LISTEN      2237/tor            
tcp        0      0 127.0.0.1:9901          0.0.0.0:*               LISTEN      2296/tor            
tcp        0      0 127.0.0.1:9050          0.0.0.0:*               LISTEN      14827/tor           
tcp        0      0 127.0.0.1:16379         0.0.0.0:*               LISTEN      2395/haproxy        
tcp        0      0 127.0.0.1:16380         0.0.0.0:*               LISTEN      2395/haproxy

privoxy only works if I run it manually with the configuration file of the /multitor/etc directory

/usr/bin/privoxy --no-daemon privoxy.cfg

what is happening?

Multitor directory: ownership bug

after running setup.sh, and attempting to run the program i was greeted with no std output. Digging around the logs, found the issue. should be handled in setup.sh

it didn't make the directory /var/lib/multitor, so I made it, then it complained about a ownership problem.
to fix that I simply used chown $USER /var/lib/multitor

HTTP Traffic with Polipo (backend for HAProxy).