search
explicitClick to confirm you are 18+

Tutorial - Tor: Using Services Through the Tor Network

museJun 19, 2018, 8:25:11 AM
thumb_up4thumb_downmore_vert

This Tutorial will not be for everyone, as most of the activity people do will be through a browser. Yet this tutorial will show that it is easy to run services other than a browser through the Tor Network. This might be non-browser applications on a phone, on a PC, or it might be API calls from a program you write. I will demonstrate for you how to run curl through Tor, but it should be easy to see that you can do this with any service.

To first install and setup Tor, read my blog Tutorial - Getting Started with Tor, Part M2(Method 2) is the relevant part, but instead of using Firefox, we will use Curl from the command line.

To prove to you that the Curl service I use is running through Tor, I will use an API call to detect my IP Address. I will use the API call firstly without Tor, then with Tor. In each case the return will be a different IP Address. Thirdly I will do a whois lookup on the IP Address that is detected by the API call to demonstrate how you can confirm if you are really passing the API call through the Tor Proxy.

Firstly - No Proxy

Call the IP with the Curl command https://api.ipify.org/ you will receive a reply that shows the IP address the world detects you to have. The result will be something like this image:

IP address lookup not through a proxy shows my own external IP address(although I changed it for this blog)

Secondly - Tor Proxy

Call the IP using the Socks Proxy that I demonstrate how to setup in the Blog Tutorial - Getting Started with Tor.

IP address lookup through a Proxy shows an IP Address that does not belong to me

Note that the IP address returned is different, this proves that using the Tor Proxy, a different IP address is seen by the outside world.

Thirdly - Check Tor Proxy

We can get more information on who that IP address belongs to by looking it up with the whois command(I shortened the output by using | grep address). I know for a fact that I am not located in Germany, so Tor indeed seems to be working correctly. I don't censor this information, because this information is already very public. Note, the "Exit Nodes" of the Tor Network are probably the Tor Networks greatest weakness. Exit Nodes - The IP address that the world sees when you use the Tor Network - are very exposed to the world. Therefore, running an Exit Node yourself does expose you to some risks.

whois lookup showing Tor Exit Node in Germany

A good equivalent to the whois call above is the following:

curl https://ipapi.co/94.16.123.176/json/


publicgnuv3