Rotasi IP Address dengan Proxy dan Jaringan TOR – Menurut kalian seberapa sering kalian menggunakan layanan proxy untuk mengubah alamat IP tanpa TOR. Mendapatkan Proxy secara gratisan sebenarnya mudah, kalian bisa cari informasi di https://free-proxy-list.net/. Banyak keperluan yang digunakan mengapa perlu melakukan rotasi IP /Proxy, misalnya untuk keperluan scrapping dan brutefo**ce?
auto change tor IP
Contents
Disini saya akan bahas dari yang paling mudah yaitu menggunakan https://github.com/noobpk/auto-change-tor-ip. Ditulis menggunakan Python dan menggunakan TOR sebagai jaringan proxy nya.
_ _ | | (_) __ _ _ _| |_ ___ _ __ _ _ __ / _` | | | | __/ _ \| '__| | '_ \ | (_| | |_| | || (_) | | | | |_) | \__,_|\__,_|\__\___/|_| |_| .__/ | | |_| Automatically Change Tor Ip Address #noobteam [*]___author___: @noobpk [*]___version___: 1.3 alpha [03-02-24 22:11:15] [INFO] - [*] Detect Platform [03-02-24 22:11:15] [INFO] - [*] Linux - KALI LINUX - UBUNTU [03-02-24 22:11:15] [INFO] - [+] Check Requirement [03-02-24 22:11:15] [INFO] - [*] Tor has been install [03-02-24 22:11:15] [INFO] - [*] TorSocks has been install [03-02-24 22:11:15] [INFO] - [*] Privoxy has been install [03-02-24 22:11:15] [INFO] - [*] File listip.txt has been created [03-02-24 22:11:15] [INFO] - [*] Current IP Addresss 127.124.95.430 [03-02-24 22:11:15] [INFO] - [*] Start service Tor [03-02-24 22:11:20] [INFO] - [*] Start service Privoxy [03-02-24 22:11:25] [INFO] - [*] Add to your browsers HTTP Proxy 127.0.0.1:8118 [03-02-24 22:11:25] [INFO] - [*] Access Privoxy Manager http://p.p/ [03-02-24 22:11:25] [INFO] - [*] Set time stamp [?] Time to auto change ip by second (default 600s):100 [?] Number of loop (default 144):30 [03-02-24 22:11:36] [INFO] - [*] Change New IP [03-02-24 22:11:39] [INFO] - [*] Successfully - Your IP has been Changed [03-02-24 22:11:39] [INFO] - [*] New IP Addresss: 127.124.95.430
Namun setelah dicoba, sesuai keterangan diatas, IP nya belum berubah. Sungguh mengecewakan sekali. Ataupun bila kita pakai setting proxy diatas langsung di browser pun Proxy 127.0.0.1:8118
tetap sama, tidak bisa akses internet malah!
Menggunakan TOR command Line
ntah apa kode diatas tidak bekerja dengan baik. Saya coba TOR command line dengan informasi sebagai berikut, kalian bisa pasang dengan mudah di ubuntu atau di mac
(base) root@bejo-HP-Laptop-14s-fq0xxx:/media/bejo/New Volume1/tools hack/auto-change-tor-ip# tor Feb 03 22:16:22.123 [notice] Tor 0.4.8.4 running on Linux with Libevent 2.1.12-stable, OpenSSL 3.0.10, Zlib 1.2.13, Liblzma 5.4.1, Libzstd 1.5.5 and Glibc 2.38 as libc. Feb 03 22:16:22.123 [notice] Tor can't help you if you use it wrong! Learn how to be safe at https://support.torproject.org/faq/staying-anonymous/ Feb 03 22:16:22.129 [notice] Read configuration file "/etc/tor/torrc". Feb 03 22:16:22.132 [notice] Opening Socks listener on 127.0.0.1:9050 Feb 03 22:16:22.133 [notice] Opened Socks listener connection (ready) on 127.0.0.1:9050 Feb 03 22:16:22.000 [notice] Parsing GEOIP IPv4 file /usr/share/tor/geoip. Feb 03 22:16:22.000 [notice] Parsing GEOIP IPv6 file /usr/share/tor/geoip6. Feb 03 22:16:22.000 [warn] You are running Tor as root. You don't need to, and you probably shouldn't. Feb 03 22:16:22.000 [notice] Bootstrapped 0% (starting): Starting Feb 03 22:16:22.000 [notice] Starting with guard context "default" Feb 03 22:16:23.000 [notice] Bootstrapped 5% (conn): Connecting to a relay Feb 03 22:16:24.000 [notice] Bootstrapped 10% (conn_done): Connected to a relay Feb 03 22:16:24.000 [notice] Bootstrapped 14% (handshake): Handshaking with a relay Feb 03 22:16:26.000 [notice] Bootstrapped 15% (handshake_done): Handshake with a relay done Feb 03 22:16:26.000 [notice] Bootstrapped 20% (onehop_create): Establishing an encrypted directory connection Feb 03 22:16:26.000 [notice] Bootstrapped 25% (requesting_status): Asking for networkstatus consensus Feb 03 22:16:27.000 [notice] Bootstrapped 30% (loading_status): Loading networkstatus consensus Feb 03 22:17:05.000 [notice] Bootstrapped 45% (requesting_descriptors): Asking for relay descriptors Feb 03 22:17:05.000 [notice] I learned some more directory information, but not enough to build a circuit: We need more microdescriptors: we have 6114/7647, and can only build 53% of likely paths. (We have 82% of guards bw, 75% of midpoint bw, and 86% of exit bw = 53% of path bw.) Feb 03 22:17:07.000 [notice] Bootstrapped 71% (loading_descriptors): Loading relay descriptors Feb 03 22:17:09.000 [notice] Bootstrapped 75% (enough_dirinfo): Loaded enough directory info to build circuits Feb 03 22:17:09.000 [notice] Bootstrapped 90% (ap_handshake_done): Handshake finished with a relay to build circuits Feb 03 22:17:09.000 [notice] Bootstrapped 95% (circuit_create): Establishing a Tor circuit Feb 03 22:17:11.000 [notice] Bootstrapped 100% (done): Done
disitu tertera informasi yaitu
Feb 03 22:16:22.133 [notice] Opened Socks listener connection (ready) on 127.0.0.1:9050
Kemudian setting proxy di system
dan menggunakan Curl mendapatkan IP yang sudah berubah
bejo@bejo-HP-Laptop-14s-fq0xxx:/$ curl checkip.amazonaws.com 82.221.131.5 bejo@bejo-HP-Laptop-14s-fq0xxx:/$
Sampai disini, saya belum tahu cara mengubah secara praktis command line di TOR untuk berubah setiap request ataupun berubah per 1 menit karena secara default akan berubah per 10 menit.
Cek IP Proxy menggunakan Mubeng
Ada tools menarik dari https://github.com/kitabisa/mubeng ditulis menggunakan bahasa go lang. Kalian bisa install dulu golang nya https://www.cyberciti.biz/faq/how-to-install-gol-ang-on-ubuntu-linux/. Kemudian mencari IP Proxy gratisan di https://free-proxy-list.net/. Disimpan dalam bentuk csv/txt misalkan seperti berikut (saya simpan dengan nama proxy.csv). Kalian bisa melakukans scrapying yaitu Cara Mendapatkan Free Proxy List
http://82.146.37.145:80 http://82.64.77.30:80 http://72.10.164.178:10801 http://50.122.86.118:80 http://109.107.189.214:80 http://133.18.234.13:80 http://117.250.3.58:8080 http://162.223.94.164:80 http://116.203.28.43:80 http://3.37.125.76:3128 http://13.38.176.104:3128 http://54.233.119.172:3128 http://54.248.238.110:80 http://32.223.6.94:80 http://66.191.31.158:80 http://41.207.187.178:80 http://198.44.255.3:80 http://154.208.10.126:80 http://99.79.58.166:80 http://3.122.84.99:3128 http://20.27.86.185:80 http://8.219.97.248:80 http://50.237.207.186:80 http://178.128.113.118:23128 http://64.23.131.209:8080 http://198.176.56.43:80 http://47.74.152.29:8888 http://94.100.26.202:80 http://67.43.228.254:32221 http://67.43.228.253:14869 http://67.43.236.20:16829 http://72.10.160.173:10677 http://198.199.86.11:8080 http://114.156.77.107:8080 http://67.43.227.226:25639 http://196.223.129.21:80 http://195.181.172.230:8082 http://67.43.236.18:22645 http://103.148.57.103:30005 http://67.43.227.229:26943 http://113.161.131.43:80 http://202.5.16.44:80 http://103.70.147.233:8080 http://202.166.205.181:8080 http://49.156.47.162:8080 http://51.159.0.236:2020 http://139.59.1.14:8080 http://47.88.3.19:8080 http://196.20.125.149:8083 http://216.137.184.253:80 http://155.94.241.134:3128 http://123.30.154.171:7777 https://44.213.196.246:8080 http://198.176.56.39:80 http://50.231.172.74:80 http://50.174.145.14:80 http://50.170.90.26:80 http://50.168.163.182:80 http://50.175.212.66:80 http://50.218.224.35:80 http://50.172.227.202:80 http://50.174.145.10:80 http://50.175.212.74:80 http://50.174.145.15:80 http://50.174.145.11:80 http://50.175.212.72:80 http://50.200.12.81:80 http://50.175.212.79:80 http://50.222.245.50:80 http://50.169.23.170:80 http://50.200.12.85:80 http://50.168.210.235:80 http://50.221.230.186:80 http://50.171.68.130:80 http://50.222.245.46:80 http://50.174.145.12:80 http://50.217.29.198:80 http://50.168.89.184:80 http://50.174.7.154:80 http://50.168.163.180:80 http://50.204.190.234:80 http://24.205.201.186:80 http://50.220.168.134:80 http://50.204.219.226:80 http://50.168.163.178:80 http://50.218.57.65:80 http://50.168.72.117:80 http://50.218.57.68:80 http://50.204.219.229:80 http://50.207.199.80:80 http://50.173.140.145:80 http://50.168.72.114:80 http://50.168.72.113:80 http://50.207.199.83:80 http://50.204.219.227:80 http://50.218.57.69:80 http://50.170.90.27:80 http://50.168.163.181:80 http://50.239.72.16:80 http://50.204.219.230:80 http://50.218.57.64:80 http://50.200.12.84:80 http://103.137.160.186:8090 http://103.140.131.107:8080 http://36.89.156.146:8080 http://70.186.128.126:8080 https://67.43.228.250:18003 http://193.107.104.57:3128 http://65.21.35.155:7518 http://45.87.68.17:15321 http://188.225.24.22:3128 http://194.182.178.90:3128 http://13.37.59.99:3128 http://18.185.169.150:3128 http://15.236.106.236:3128 http://13.37.89.201:3128 http://139.162.78.109:3128 http://51.15.242.202:8888 http://103.163.51.254:80 https://128.199.184.169:8000 https://159.65.186.46:10002 https://47.254.91.248:3773 http://50.200.12.87:80 http://50.222.245.42:80 http://50.207.199.86:80 http://50.222.245.40:80 http://213.143.113.82:80 http://0.0.0.0:80 http://50.172.75.122:80 http://50.172.75.124:80 http://50.239.72.19:80 http://170.64.222.81:8000 http://50.173.140.146:80 http://50.172.75.120:80 http://50.219.244.6:80 http://213.157.6.50:80 http://80.120.130.231:80 http://213.33.2.28:80 http://50.222.245.41:80 http://211.128.96.206:80 http://50.172.75.123:80 http://50.168.163.179:80 http://190.58.248.86:80 http://50.206.111.88:80 http://82.119.96.254:80 http://50.218.57.71:80 http://62.99.138.162:80 http://50.206.111.91:80 http://85.8.68.2:80 http://50.217.226.45:80 http://50.218.57.70:80 http://50.174.145.8:80 http://50.170.90.31:80 http://213.33.126.130:80 http://50.168.72.118:80 http://50.170.90.28:80 http://50.170.90.30:80 http://50.207.199.87:80 http://80.150.50.226:80 http://50.170.90.34:80 http://80.228.235.6:80 http://50.217.226.41:80 http://50.172.23.10:80 http://50.169.135.10:80 http://50.168.163.166:80 http://50.230.222.202:80 http://50.217.226.46:80 http://50.174.7.159:80 http://45.64.169.7:3128 http://121.101.134.22:8080 http://202.5.56.139:5020 http://36.94.24.235:9000 http://45.235.16.121:27234 https://68.183.134.152:8000 http://104.225.220.233:80 http://162.223.89.84:80 http://74.208.177.198:80 https://24.144.95.168:8000 http://46.101.115.59:80 https://128.199.104.93:8000 https://72.10.160.91:18031 http://181.65.200.53:80 http://13.81.217.201:80 http://218.255.187.60:80 http://51.250.13.88:80 http://202.131.65.110:80 http://194.67.91.153:80 http://41.77.188.131:80 http://133.242.229.79:33333 http://162.240.75.37:80 http://138.68.235.51:80 http://156.67.214.232:80 http://50.174.7.158:80 http://50.173.140.147:80 http://167.99.124.118:80 http://195.114.209.50:80 http://50.170.152.189:80 http://50.223.246.226:80 http://50.219.244.0:80 http://50.219.244.2:80 http://189.202.188.149:80 http://82.165.105.48:80 http://103.127.1.130:80 http://50.168.72.119:80 http://50.174.41.66:80 http://50.169.37.50:80 https://167.114.107.37:80 http://50.173.140.150:80 http://50.172.218.164:80 http://96.113.158.126:80 http://50.174.214.222:80 http://50.168.210.234:80 http://50.168.210.236:80 http://188.166.56.246:80 https://165.22.36.164:10001 http://50.174.7.153:80 http://50.239.72.17:80 http://50.173.140.144:80 http://68.188.59.198:80 http://50.218.57.74:80 http://50.206.111.90:80 http://50.174.7.157:80 http://50.218.57.66:80 http://207.2.120.16:80 http://50.222.245.45:80 http://50.173.140.148:80 http://50.207.199.85:80 http://50.170.90.25:80 http://162.222.207.221:80 http://50.173.140.151:80 http://96.113.159.162:80 http://154.118.228.212:80 http://50.174.7.155:80 http://47.56.110.204:8989 http://50.168.72.112:80 https://8.212.4.168:8081 http://20.205.61.143:80 http://50.217.226.42:80 http://181.209.80.134:999 http://191.101.78.207:3128 http://41.33.66.234:1976 http://89.134.183.173:18080 http://120.28.150.68:8082 http://177.53.153.14:999 http://46.245.77.52:3128 http://200.155.142.97:8080 http://120.28.218.151:8080 http://94.154.152.12:8079 http://190.90.233.65:8080 http://190.144.80.122:8080 http://36.64.132.91:3127 http://41.85.8.233:8080 http://188.235.0.207:8181 http://162.214.165.203:80 http://89.36.114.38:80 http://147.182.180.242:80 http://50.168.72.122:80 http://50.168.7.250:80 http://50.169.118.211:80 http://50.174.216.110:80 https://67.43.227.228:9039 http://134.209.29.120:8080 http://50.200.12.83:80 http://50.172.75.121:80 http://50.170.90.29:80 http://50.172.39.98:80 http://50.223.38.6:80 http://50.222.245.43:80 http://50.174.145.13:80 http://50.200.12.80:80 http://50.172.75.126:80 http://50.168.210.232:80 http://50.174.7.162:80 http://68.185.57.66:80 http://50.174.7.156:80 http://50.168.72.116:80 http://50.231.110.26:80 http://50.235.240.86:80 http://50.204.219.225:80 http://50.239.72.18:80 http://50.221.74.130:80 http://50.207.199.82:80 http://50.217.226.40:80 http://50.217.226.44:80 http://103.135.14.176:8181 http://181.10.181.107:999 http://187.110.227.78:8080 http://181.78.83.27:999 http://62.201.251.217:8585 http://170.78.211.33:999 http://45.189.252.243:999 http://5.17.6.83:8080 http://170.83.77.246:999 http://191.243.46.30:43241 http://103.165.58.109:64999 http://190.217.5.242:999 https://72.10.160.92:26077 https://4.247.16.242:3128 https://94.73.239.124:55443 https://72.10.160.174:22669
Kita masuk ke terminal dan ke direktory bin dan panggil perintahnya
root@bejo-HP-Laptop-14s-fq0xxx:/media/bejo/New Volume1/tools hack/mubeng/bin# ./mubeng -f proxy.csv --check --output live.csv
Hasilnya sebagai berikut (disimpan dalam bentuk file dengan nama live.csv)
_ v0.14.2 _____ _ _| |_ ___ ___ ___ | | | | . | -_| | . | |_|_|_|___|___|___|_|_|_ | |___| infosec@kitabisa.com [LIVE] [KR] [3.36.94.149] http://3.37.125.76:3128 [LIVE] [KR] [3.36.94.149] http://117.250.3.58:8080 [LIVE] [FR] [13.38.122.233] http://54.248.238.110:80 [LIVE] [FR] [13.38.122.233] http://13.38.176.104:3128 [LIVE] [DE] [3.72.48.200] http://3.122.84.99:3128 [LIVE] [BR] [18.228.137.135] http://54.233.119.172:3128 [LIVE] [SG] [8.219.64.236] http://8.219.97.248:80 [LIVE] [US] [64.23.131.209] http://64.23.131.209:8080 [LIVE] [JP] [20.27.86.185] http://20.27.86.185:80 [LIVE] [ID] [103.140.131.107] http://103.140.131.107:8080 [LIVE] [FR] [13.38.122.233] http://18.185.169.150:3128 [LIVE] [FR] [13.38.122.233] http://13.37.59.99:3128 [LIVE] [FR] [13.38.122.233] http://13.37.89.201:3128 [LIVE] [FR] [13.38.122.233] http://15.236.106.236:3128
artinya [LIVE] [KR] [3.36.94.149] http://3.37.125.76:3128
proxy http://3.37.125.76:3128 akan berada di My IP [3.36.94.149] berada di kroasia
Akan tetapi script tersebut menurut saya berjalan sangat lambat sekali!
Membuat Cek Proxy sendiri dengan Threading agar lebih cepat
Setelah saya cermati karena script mubeng terlalu lamban! saya akan menggunakan python dan threading saja. Agar lebih mudah dibuatlah class turunan dari Threading untuk mempermudah return value dari hasil threading
# custom thread class CustomThread(Thread): def __init__(self,url): Thread.__init__(self) self.value = None self.url = url self.ip = None def run(self): sleep(0.1) target = "http://checkip.amazonaws.com" # target = "https://api.ipify.org" session = requests.Session() headers = { 'accept': 'text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9', 'accept-encoding': 'gzip, deflate, br', 'accept-language': 'en-US,en;q=0.9', 'cache-control': 'max-age=0', 'referer': 'https://www.whatismyip.com/52.242.97.97/', 'user-agent': 'Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36' } #nggak pakai proxy if self.url !=None: opt = {self.url.split(':')[0]: self.url.split(':')[1].replace("/","")+":"+self.url.split(':')[2]} session.proxies = opt try: st = session.get(target,headers = headers) self.value = self.url self.ip = st.text.strip() # #lebih hati2 jika yang di render malah kode HTML if self.validate_ip(self.ip): self.ip = self.ip else: self.ip = None except: self.value = None self.ip = None def validate_ip(self,s): a = s.split('.') if len(a) != 4: return False for x in a: if not x.isdigit(): return False i = int(x) if i < 0 or i > 255: return False return True def validate_ip(s): a = s.split('.') if len(a) != 4: return False for x in a: if not x.isdigit(): return False i = int(x) if i < 0 or i > 255: return False return True path = '/media/bejo/New Volume1/tools hack/mubeng/bin/proxy.csv' data = pd.read_csv(path,header=None) threads = list() for url in data[0]: x = CustomThread(url) threads.append(x) for t in threads: t.start() #butuh waktu agak lama sebelum dipanggil! for t in threads: t.join(0.01) time.sleep(3) for aktif in threads: if aktif.value!=None and aktif.ip!=None: print("proxy: "+aktif.value, "My IP: "+aktif.ip)
langsung run saja, hasilnya cukup cepat dan akurat!
proxy: http://3.37.125.76:3128 My IP: 3.36.94.149 proxy: http://54.248.238.110:80 My IP: 18.183.9.197 proxy: http://3.122.84.99:3128 My IP: 3.72.48.200 proxy: http://178.128.113.118:23128 My IP: Maximum number of open connections reached. proxy: http://64.23.131.209:8080 My IP: 64.23.131.209 proxy: http://195.181.172.230:8082 My IP: 195.181.172.230 proxy: https://44.213.196.246:8080 My IP: 27.124.95.43 proxy: https://67.43.228.250:18003 My IP: 27.124.95.43 proxy: http://13.37.59.99:3128 My IP: 13.38.122.233 proxy: http://18.185.169.150:3128 My IP: 3.72.48.200 proxy: http://15.236.106.236:3128 My IP: 13.38.122.233 proxy: http://13.37.89.201:3128 My IP: 13.38.122.233 proxy: https://128.199.184.169:8000 My IP: 27.124.95.43 proxy: https://159.65.186.46:10002 My IP: 27.124.95.43 proxy: https://47.254.91.248:3773 My IP: 27.124.95.43
ada pesan Maximum number of open connections reached hal ini wajar, karena sleep(0.01) yang sangat singkat! kalian bisa ubah saja ke 0.1 tentu hasilnya akan menjadi lebih lama. Jangan lupa dikasih jeda waktu sebelum memanggil hasilnya
time.sleep(3) for aktif in threads: if aktif.value!=None: print("proxy: "+aktif.value, "My IP: "+aktif.ip)
Oiya saya sengaja tidak menggunakan cek IP dari https://api.ipify.org karena tidak capable kalau banyak request.
Simpan hasil Proxy
Setelah didapatkan hasil, kita bisa simpan hasilnya ke format CSV
live = list() for aktif in threads: if aktif.value!=None and aktif.ip!=None: live.append(aktif.value) live = pd.DataFrame(live) live.to_csv('live ok.txt')
Untuk brute force
Proxy diatas, bisa kalian gunakan buat brute force Brute Password Attack IG dengan Rotasi Proxy IP Multi Threading dan Resume Password
laptops._store Hati-hati penipuan oleh akun IG dari laptops._store