#!/bin/bash# AnonSurf is inspired to the original backbox-anonymous script

1. #!/bin/bash
2.  
3. # AnonSurf is inspired to the original backbox-anonymous script
4. # distributed as part of backbox-default-settings package.
5. # It was modified and forked from the homonimous module of PenMode, developed by the "Pirates' Crew" in order to make it fully compatible with
6. # Parrot  OS and other debian-based systems, and it is part of
7. # parrot-anon package.
8. #
9. #
10. # Devs:
11. # Lorenzo 'EclipseSpark' Faletra <eclipse@frozenbox.org>
12. # Lisetta 'Sheireen' Ferrero <sheireen@frozenbox.org>
13. # Francesco 'mibofra'/'Eli Aran'/'SimpleSmibs' Bonanno mibofra@ircforce.tk mibofra@frozenbox.org
14. #
15. #
16. # anonsurf is free software: you can redistribute it and/or
17. # modify it under the terms of the GNU General Public License as
18. # published by the Free Software Foundation, either version 3 of the
19. # License, or (at your option) any later version.
20. # You can get a copy of the license at www.gnu.org/licenses
21. #
22. # anonsurf is distributed in the hope that it will be
23. # useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
24. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
25. # General Public License for more details.
26. #
27. # You should have received a copy of the GNU General Public License
28. # along with Parrot Security OS. If not, see <http://www.gnu.org/licenses/>.
29.  
30.  
31. export BLUE='\033[1;94m'
32. export GREEN='\033[1;92m'
33. export RED='\033[1;91m'
34. export RESETCOLOR='\033[1;00m'
35.  
36. # Destinations you don't want routed through Tor
37. TOR_EXCLUDE="192.168.0.0/16 172.16.0.0/12 10.0.0.0/8"
38.  
39. # The UID Tor runs as
40. # change it if, starting tor, the command 'ps -e | grep tor' returns a different UID
41. TOR_UID="debian-tor"
42.  
43. # Tor's TransPort
44. TOR_PORT="9040"
45.  
46.  
47. function start {
48.     # Make sure only root can run this script
49.     if [ $(id -u) -ne 0 ]; then
50.         echo -e -e "\n$GREEN[$RED!$GREEN] $RED R U DRUNK?? This script must be run as root$RESETCOLOR\n" >&2
51.         exit 1
52.     fi
53.    
54.     # Check defaults for Tor
55.     grep -q -x 'RUN_DAEMON="yes"' /etc/default/tor
56.     if [ $? -ne 0 ]; then
57.         echo -e "\n$GREEN[$RED!$GREEN]$RED Please add the following to your /etc/default/tor and restart service:$RESETCOLOR\n" >&2
58.         echo -e "$BLUE#----------------------------------------------------------------------#$RESETCOLOR"
59.         echo -e 'RUN_DAEMON="yes"'
60.         echo -e "$BLUE#----------------------------------------------------------------------#$RESETCOLOR\n"
61.         exit 1
62.     fi 
63.    
64.     # Check torrc config file
65.     grep -q -x 'VirtualAddrNetwork 10.192.0.0/10' /etc/tor/torrc
66.     if [ $? -ne 0 ]; then
67.         echo -e "\n$RED[!] Please add the following to your /etc/tor/torrc and restart service:$RESETCOLOR\n" >&2
68.         echo -e "$BLUE#----------------------------------------------------------------------#$RESETCOLOR"
69.         echo -e 'VirtualAddrNetwork 10.192.0.0/10'
70.         echo -e 'AutomapHostsOnResolve 1'
71.         echo -e 'TransPort 9040'
72.         echo -e 'DNSPort 53'
73.         echo -e "$BLUE#----------------------------------------------------------------------#$RESETCOLOR\n"
74.     exit 1
75.     fi
76.     grep -q -x 'AutomapHostsOnResolve 1' /etc/tor/torrc
77.     if [ $? -ne 0 ]; then
78.         echo -e "\n$RED[!] Please add the following to your /etc/tor/torrc and restart service:$RESETCOLOR\n" >&2
79.         echo -e "$BLUE#----------------------------------------------------------------------#$RESETCOLOR"
80.         echo -e 'VirtualAddrNetwork 10.192.0.0/10'
81.         echo -e 'AutomapHostsOnResolve 1'
82.         echo -e 'TransPort 9040'
83.         echo -e 'DNSPort 53'
84.         echo -e "$BLUE#----------------------------------------------------------------------#$RESETCOLOR\n"
85.         exit 1
86.     fi
87.     grep -q -x 'TransPort 9040' /etc/tor/torrc
88.     if [ $? -ne 0 ]; then
89.         echo -e "\n$RED[!] Please add the following to your /etc/tor/torrc and restart service:$RESETCOLOR\n" >&2
90.         echo -e "$BLUE#----------------------------------------------------------------------#$RESETCOLOR"
91.         echo -e 'VirtualAddrNetwork 10.192.0.0/10'
92.         echo -e 'AutomapHostsOnResolve 1'
93.         echo -e 'TransPort 9040'
94.         echo -e 'DNSPort 53'
95.         echo -e "$BLUE#----------------------------------------------------------------------#$RESETCOLOR\n"
96.     exit 1
97.     fi
98.     grep -q -x 'DNSPort 53' /etc/tor/torrc
99.     if [ $? -ne 0 ]; then
100.         echo -e "\n$RED[!] Please add the following to your /etc/tor/torrc and restart service:$RESETCOLOR\n" >&2
101.         echo -e "$BLUE#----------------------------------------------------------------------#$RESETCOLOR"
102.         echo -e 'VirtualAddrNetwork 10.192.0.0/10'
103.         echo -e 'AutomapHostsOnResolve 1'
104.         echo -e 'TransPort 9040'
105.         echo -e 'DNSPort 53'
106.         echo -e "$BLUE#----------------------------------------------------------------------#$RESETCOLOR\n"
107.         exit 1
108.     fi
109.    
110.     echo -e "\n$GREEN[$BLUE i$GREEN ]$BLUE Starting anonymous mode:$RESETCOLOR\n"
111.    
112.     if [ ! -e /var/run/tor/tor.pid ]; then
113.         echo -e " $RED*$BLUE Tor is not running! $GREEN starting $BLUE for you\n" >&2
114.         echo -e -n " $GREEN*$BLUE Service "
115.         service resolvconf stop 2>/dev/null || echo -e "resolvconf already stopped"
116.         service dnsmasq stop
117.         service nscd stop
118.         service tor start
119.         sleep 6
120.     fi
121.     if ! [ -f /etc/network/iptables.rules ]; then
122.         iptables-save > /etc/network/iptables.rules
123.         echo -e " $GREEN*$BLUE Saved iptables rules"
124.     fi
125.    
126.     iptables -F
127.     iptables -t nat -F
128.    
129.     echo -e 'nameserver 127.0.0.1\nnameserver 199.175.54.136' > /etc/resolv.conf
130.     echo -e " $GREEN*$BLUE Modified resolv.conf to use Tor"
131.  
132.     # set iptables nat
133.     iptables -t nat -A OUTPUT -m owner --uid-owner $TOR_UID -j RETURN
134.     iptables -t nat -A OUTPUT -p udp --dport 53 -j REDIRECT --to-ports 53
135.     iptables -t nat -A OUTPUT -p tcp --dport 53 -j REDIRECT --to-ports 53
136.     iptables -t nat -A OUTPUT -p udp -m owner --uid-owner $TOR_UID -m udp --dport 53 -j REDIRECT --to-ports 53
137.    
138.     #resolve .onion domains mapping 10.192.0.0/10 address space
139.     iptables -t nat -A OUTPUT -p tcp -d 10.192.0.0/10 -j REDIRECT --to-ports 9040
140.    
141.     #exclude local addresses
142.     for NET in $TOR_EXCLUDE 127.0.0.0/9 127.128.0.0/10; do
143.         iptables -t nat -A OUTPUT -d $NET -j RETURN
144.     done
145.    
146.     #redirect all other output through TOR
147.     iptables -t nat -A OUTPUT -p tcp --syn -j REDIRECT --to-ports $TOR_PORT
148.    
149.     #set iptables filter
150.     iptables -A OUTPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
151.    
152.     #exclude local addresses
153.     for NET in $TOR_EXCLUDE 127.0.0.0/8; do
154.         iptables -A OUTPUT -d $NET -j ACCEPT
155.     done
156.    
157.     #allow only tor output
158.     iptables -A OUTPUT -m owner --uid-owner $TOR_UID -j ACCEPT
159.     iptables -A OUTPUT -j REJECT
160.  
161.     echo -e "$GREEN *$BLUE Redirected all traffic throught Tor\n"
162.     echo -e "$GREEN[$BLUE i$GREEN ]$BLUE You are under AnonSurf-TOR tunnel$RESETCOLOR\n"
163.     sleep 4
164. }
165.  
166.  
167.  
168.  
169.  
170. function stop {
171.     # Make sure only root can run our script
172.     if [ $(id -u) -ne 0 ]; then
173.         echo -e "\n$GREEN[$RED!$GREEN] $RED R U DRUNK?? This script must be run as root$RESETCOLOR\n" >&2
174.         exit 1
175.     fi
176.     echo -e "\n$GREEN[$BLUE i$GREEN ]$BLUE Stopping anonymous mode:$RESETCOLOR\n"
177.  
178.     iptables -F
179.     iptables -t nat -F
180.     echo -e " $GREEN*$BLUE Deleted all iptables rules"
181.    
182.     if [ -f /etc/network/iptables.rules ]; then
183.         iptables-restore < /etc/network/iptables.rules
184.         rm /etc/network/iptables.rules
185.         echo -e " $GREEN*$BLUE Restored iptables rules"
186.     fi
187.     echo -e -n " $GREEN*$BLUE Service "
188.     service tor stop
189.     service resolvconf start 2>/dev/null || echo -e "resolvconf already started"
190.     service nscd start
191.     service network-manager restart
192.     service dnsmasq start
193.     sleep 1
194.    
195.     echo -e " $GREEN*$BLUE Stopped anonymous mode\n"
196.     sleep 4
197. }
198.  
199. function change {
200.     service tor reload
201.     sleep 4
202.     echo -e " $GREEN*$BLUE Restarted tor daemon and forced to change nodes\n"
203.     sleep 1
204. }
205.  
206. function status {
207.     service tor status
208. }
209.  
210. case "$1" in
211.     start)
212. start
213. ;;
214.     stop)
215. stop
216. ;;
217.     restart)
218. $0 stop
219. sleep 1
220. $0 start
221.  
222. ;;
223.     change)
224. change
225. ;;
226.     status)
227. status
228. ;;
229.     *)
230. echo -e "
231. Parrot AnonSurf Module (v 0.9)
232.     Usage:
233.     $RED&#9484;&#9472;[$GREEN$USER$YELLOW@$BLUE`hostname`$RED]&#9472;[$GREEN$PWD$RED]
234.     $RED&#9492;&#9472;&#9472;&#9596; \$$GREEN"" anonsurf $RED{$GREEN""start$RED|$GREEN""stop$RED|$GREEN""restart$RED|$GREEN""change$RED""}
235.    
236.     $RED start$BLUE -$GREEN start system-wide anonymous
237.           tunneling under TOR proxy through iptables
238.          
239.     $RED stop$BLUE -$GREEN reset original iptables settings
240.           and return to clear navigation
241.    
242.     $RED restart$BLUE -$GREEN combines \"stop\" and \"start\" options
243.    
244.    
245.     $RED change$BLUE -$GREEN changes identity restarting TOR
246. $RESETCOLOR" >&2
247. exit 1
248. ;;
249. esac
250.  
251. echo -e $RESETCOLOR
252. exit 0