Identity Secret: How to Become a Ghost Hacker with Proxychains

August 16, 2016 | Views: 33756

Begin Learning Cyber Security for FREE Now!

FREE REGISTRATIONAlready a Member Login Here

Welcome Back, Cybrarians!!!!

When it comes to hacking remotely, the number one priority that comes to a hacker’s mind is how to stay anonymous and operate under the radar in order to be safe.

Anonymity is a big topic in the digital world that becomes complicated as technology advances. However, achieving a complete anonymity is a myth, simply because the digital world based on the internet was not built to be used anonymously. You’re never completely anonymous on the internet; you have to keep that idea in mind.

That being said, they are some ways, if done together, that can  minimize the level of exposure and trace-ability, such as VPNs, Proxychains, changing physical locations and so on….

In our tutorial today, we’ll go through setting up Proxychains on Kali Linux in order to use it later in other hacking tutorials.


Let’s start…


Proxy: the idea of a proxy, in general, is directing traffic from your system (computer) to another system (computer or server) before reaching the targeted destination.

Proxy Server: is the midpoint between the client/hacker computer (your computer) and the targeted computer or server.

As you see below in the diagram, you get the external IP address from your ISP (internet Service Provider). Instead of connecting directly to the target, your traffic will travel through one or more servers and you will get a new IP address, before reaching the intended destination. These servers are the called proxy server.


Proxychains: are using multiple proxy servers to obscure or hide your original IP.



1- The more proxies you use, the slower your internet connection gets, as a result of bouncing packets from one server to another.

2- Spend a good amount of time searching for a good proxies for your mission.

3-Your proxies choice should be based on your location and laws of your area; it’s recommended to take the time to know which proxies ensure obscurity and are less likely to be traced back to your identity.

4- The weakest link is the proxychain is your original IP address that can be traced back to you. This  should be taken in consideration as where to get your internet connection. This should add a layer of anonymity to whole package.


Tutorial Requirements:

1- Kali Linux virtualbox

2- Proxies: these are list of common proxies. Yet, as I mentioned above, choose them carefully.

  1. SamAir Security

  2. Proxy4Free


  4. Hide My Ass


Step 1: Change Network Settings

Before you start your box, change the settings of your Network to a Bridged Network.


Step 2: Choose Your Proxies

For the purpose of this tutorial, I chose 3 proxies from different locations. As I mentioned before, spend some time choosing the right proxies for you. Remember NEVER depend on one proxy or proxy site. Always keep moving, keep bouncing.



Step 3: Configure Proxychains

  • Locate proxychains configuration file:

>> locate proxychains


  • Edit the configuration file using any file editor:vim, nano, leafpad,pico.


  • Once you hit the command, you should see the configurations below.


They are 3 different settings for proxychains and each one serves a different purpose.

1- Strict chain: is used when the order of the proxies is important to you. The connection will go through your list, one by one, as you listed them. This comes in handy if you know that all the proxies you chose are working and you can rely on them. Strict chain will help you craft a scenario as to where the attacks come from as you choose the locations to align with the mission.

2- Dynamic chain: goes through your list in order, but if one of the proxies timed out or is not working anymore, it skips it and goes to the next one in the list.

By default strict mode is uncommented out; if you want to switch to dynamics, comment out strict_chain by adding pound sign “#”in front of it, like below:


And remove the pound sign ”#” to use the dynamic_chain


3- Random chain: goes through the proxy list randomly without any order, every time you make a connection, you will get a different IP address. This means that each time you use proxychains, the chain of proxy will look different to the target destination, which makes it harder to trace the traffic back to you.

Note: If you want to use random_chain, make sure you comment the other two and uncomment “random_chain”

* To add your proxy list :

  • Go down the file under #Add proxy list and add your proxies

  • The list of proxies will include the protocol type, IP address and port number

  • Note: When you add the proxies, use the “tab key instead of “space” to avoid any problems while running proxychains later

Ex: Socks4”tabs”IP_address”tab”Port_number


Now that you added the list of the proxies, it’s the time to test them to see if they work properly as expected.


Step 4: Testing Your Proxies

Now that we set everything up, let’s test it and see how it goes.

Before we start using the proxychains, let’s check out original IP.

>>>> curl


Now, let’s check our IP address using the proxychains; I’m using dynamic_chain switch

>>> proxychains curl


As you see above, using the dynamic switch helps skipping the timeout responses. The connection bounced from one IP to another – skipping the timeout until it reached the destination with IP were the response message was OK.

– One of the greatest things about proxychains is that you can use it to scan networks or web servers. Sometimes anonymously, like below using Nmap

>>> proxychains nmap -sS -T4

  • sS for (TCP SYN scan)

  • T4 for time



  • As you see, the above connection bounced from one IP to another until it hit the target with a different IP from the one it started the scanning with.

  • Keep trying multiple times, as sometimes the scanning will time out a couple of times before you get a response back.


That’s all for this tutorial. In the coming ones, we’ll use proxychains for remote/external hacking. Thanks for reading and stay tuned for more…


Share with Friends
Use Cybytes and
Tip the Author!
Share with Friends
Ready to share your knowledge and expertise?
  1. can we use a proxy and a vpn in the same time in windows internet explorer or kali?

  2. your explanation is very clear and concise thank you.

  3. Wow, some interesting staff to read about, I’ve just develop interest in being a computer technician, and I can just say, every interesting things to read about. Thanks Guys

  4. FYI I would not use Hide my ass. Cause they log everything that you do on there servers. Couple of hacker were busted using there server as Hide My Ass turn over log files of the hackers.

    • @nerv The proxy sites are only examples. As I mentioned in the tutorial, you have to spend time searching for what it suits you in terms of location and laws of your area

  5. what is Kali Linux virtualbox??

Page 2 of 6«12345»...Last »
Comment on This

You must be logged in to post a comment.

Our Revolution

We believe Cyber Security training should be free, for everyone, FOREVER. Everyone, everywhere, deserves the OPPORTUNITY to learn, begin and grow a career in this fascinating field. Therefore, Cybrary is a free community where people, companies and training come together to give everyone the ability to collaborate in an open source way that is revolutionizing the cyber security educational experience.

Support Cybrary

Donate Here to Get This Month's Donor Badge


We recommend always using caution when following any link

Are you sure you want to continue?