Toralizer: Hijacking and Intercepting Library Calls on Linux and macOS

leonid-ed/toralizer

Intro

I got inspired by the videos by Dr. Jonas Birch (part 1, part 2) and decided to play with such techniques to understand the technology better.

Disclaimer

This tool is implemented solely for educational and study purposes. It is not designed or intended to provide real anonymity or mask your identity in actual usage. Please use responsibly and only in compliance with applicable laws and regulations.

Overview

Toralizer is a tool for redirecting library functions, specifically for hijacking and intercepting network calls of programs to redirect traffic through a local Tor proxy server, thereby masking your identity.

Key Concepts

  • Library Call Redirection: Intercepting library and system calls like connect to route traffic through a proxy.
  • Tor Integration: Redirecting network calls to the Tor network for anonymized communication.

NOTE: Actually, it is integration with any SOCKS4 or SOCKS5 proxy server (not specifically Tor's local proxy) and in testing I use ordinary SOCKS4/SOCKS5 proxy servers:

  • dante running locally or remotely (please keep in mind that the communication is not encrypted in this case)
  • SSH tunnel to a remote machine which ensures the encryption of the traffic between your side and the proxy
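
The SOCKS4 exchange that a redirected connect has to complete with the proxy before the program's own traffic flows, as an added example (not code from this repository). The request carries the destination address and port in cleartext, which is why the remark about unencrypted communication with dante matters. The function names and the way the helpers are split are assumptions made for illustration.

```c
/* Added example: SOCKS4 CONNECT handshake. Names are hypothetical,
   not taken from the toralizer sources. */
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

#define SOCKS4_GRANTED   90  /* 91..93 are the proxy's rejection codes */
#define SOCKS4_REPLY_LEN 8

/* Serialize VN | CD | DSTPORT | DSTIP | USERID | NUL; 0 if out is too small. */
size_t socks4_build_request(uint8_t *out, size_t cap,
                            const struct sockaddr_in *dst, const char *userid)
{
    size_t ulen = strlen(userid);
    if (cap < 8 + ulen + 1)
        return 0;
    out[0] = 4;                          /* VN: protocol version 4 */
    out[1] = 1;                          /* CD: 1 = CONNECT */
    memcpy(out + 2, &dst->sin_port, 2);  /* already in network byte order */
    memcpy(out + 4, &dst->sin_addr, 4);
    memcpy(out + 8, userid, ulen + 1);   /* includes the terminating NUL */
    return 8 + ulen + 1;
}

/* 0 if the proxy granted the request, its reply code if it refused,
   -1 if the reply is short or its version byte is not 0. */
int socks4_check_reply(const uint8_t *reply, size_t len)
{
    if (len < SOCKS4_REPLY_LEN || reply[0] != 0)
        return -1;
    return reply[1] == SOCKS4_GRANTED ? 0 : reply[1];
}

/* Run the handshake on fd, which is already connected to the proxy. */
int socks4_handshake(int fd, const struct sockaddr_in *dst, const char *userid)
{
    uint8_t req[64], reply[SOCKS4_REPLY_LEN];
    size_t n = socks4_build_request(req, sizeof req, dst, userid), got = 0;
    if (n == 0 || write(fd, req, n) != (ssize_t)n)
        return -1;
    while (got < sizeof reply) {         /* the reply may arrive in pieces */
        ssize_t r = read(fd, reply + got, sizeof reply - got);
        if (r <= 0)
            return -1;
        got += (size_t)r;
    }
    return socks4_check_reply(reply, got);
}
```

Only when socks4_handshake returns 0 may the caller hand the socket back to the program as if it were connected to the destination; any other value should be reported as a failed connect.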

Setting up SOCKS4/SOCKS5 proxy server

Dante proxy server

It is better to run your proxy server on a random port, which makes it harder for someone else on the Internet to find and use it accidentally:

# Run bash command to get a random number in the range
$ shuf -i 49152-65535 -n 1
61298

Now let's start a Docker container with the proxy server locally for testing purposes:

# Run a socks4 server locally as a Docker container on the port 61298
$ docker run -d -p 61298:1080 wernight/dante

# Test the socks4 server with curl
$ curl -v --socks4 127.0.0.1:61298 "ifconfig.so"
*   Trying 127.0.0.1:61298...
* Connected to 127.0.0.1 (127.0.0.1) port 61298
* SOCKS4 communication to ifconfig.so:80
* SOCKS4 non-blocking resolve of ifconfig.so
* Host ifconfig.so:80 was resolved.
...

SSH tunnel

An SSH tunnel to a remote machine can be started with the following command:

$ ssh -D 62494 -N <address>

If everything is fine, go to the linux and macos subdirectories to build the shared library and hijack the library calls that programs use to connect to the network.
