Talk:Tor/Usage/Nmap-scan-through-tor

From aldeid
Jump to navigation Jump to search
MrHahn
02:39, 23 February 2011 (CET)
So what happens if you get 1000 CLOSED ports results through proxychains & torproxy nmap vs 1000 ports filtered through regular nmap without tor or proxychains for same ip address.
Jeff Gordon
05:48, 26 February 2012 (MST)
Interesting post. There is a mistake in your privoxy config description...the "." at the end of the line is missing.

But something is missing in the description. Results differs with/without proxychains with same target and same options:

root@debiannmaptor:~# nmap -PN -sT -p80 <testipadress>

Starting Nmap 5.00 ( http://nmap.org ) at 2012-02-26 13:40 CET
Interesting ports on <testipadress>:
PORT   STATE SERVICE
80/tcp open  http
root@debiannmaptor:~# proxychains nmap -PN -sT -p80  <testipadress>
ProxyChains-3.1 (http://proxychains.sf.net)

Starting Nmap 5.00 ( http://nmap.org ) at 2012-02-26 13:41 CET
|S-chain|-<>-127.0.0.1:5060-<><>-<testipadress>:80-<--timeout
Interesting ports on <testipadress>:
PORT   STATE  SERVICE
80/tcp closed http
Jeff Gordon
06:14, 26 February 2012 (MST)
Found out what the problem was: You cant use any tor exit node for scanning. So you shouldnt use your python script for determining an exide node (or you have to change it..). The scans only work through Tor exit nodes with

.... 443 9030 s Exit Fast Running V2Dir Valid ...

You can search for an appropriate Exit Node on http://128.31.0.34:9031/tor/status/all