Use Kali Linux Through Tor with Whonix Gateway

By | 2015/09/01



The Whonix Gateway can be used as a tor router for any virtual machine, including Kali Linux! Here is how to setup Whonix and Kali so that Kali Linux is completely routed through Tor.


Requirements

Virtualbox
Kali Linux
Whonix-Gateway Virtualbox image


Step 1:

Install Kali Linux in Virtualbox, and perform updates (sudo apt-get update && sudo apt-get upgrade) then shut down the VM.


Step 2:

Download and import the Whonix Gateway Virtualbox appliance into Virtualbox. Only the gateway is needed.


Step 3:

Start the Whonix Gateway and proceed with the initial setup then perform any OS updates (sudo apt-get update && sudo apt-get upgrade). A reboot is generally required after the initial setup.

Leave the Whonix Gateway VM up and running. This is what will be used to connect to tor!

03-kali_tor


Step 4:

Next, edit the Virtualbox network settings for Kali Linux. Set Adapter 1 to Internal Network, and Whonix.

01-kali_tor


Step 5:

Boot Kali Linux and edit the relevant network settings.

Add the following to the bottom of /etc/network/interfaces

iface eth0 inet static
       address 10.152.152.11
       netmask 255.255.192.0
       gateway 10.152.152.10

Replace the entire contents of /etc/resolv.conf with the following:

nameserver 10.152.152.10

Bounce the interface inside Kali:

sudo ifdown eth0

sudo ifup eth0

Done.


Verify that Kali is using tor via the Whonix gateway by visiting a page inside Kali such as:

https://check.torproject.org or https://icanhazip.com.

02-kali_tor

33 thoughts on “Use Kali Linux Through Tor with Whonix Gateway

  1. Carlo

    I was looking for a guide like thank, thank you!
    I’m new to Kali, and realized that after I installed it in virtualbox, there is no “mortal” user account, just the root account. Do I have to set up a “mortal” user-account in Kali first and follow the instructions of this guide while I’m logged in as a “mortal” user? Or as root?

    Reply
  2. Carlo

    For now, I followed the instructions while being logged in as root. Please let me know if that was wrong.
    This guide works like a charm, took me less than 5 mins to get Kali connect to Tor through the Whonix gateway!
    Just one question: when executing the command

    if down ethic

    Kali tells me:

    ifdown: interface eth0 not configured

    Is that a problem or reason to be concerned? Do I have to configure interface eth0?

    Reply
    1. Scott Miller Post author

      Yep for Kali, you have to login as root/toor.

      You can ignore that eth0 error – one can also get that if the nic is just not up. Just turn up the nic:

      ifup eth0
      Reply
  3. dan

    Hi, I am wondering if using this gateway procedure eliminates the use of the usb wifi dongle?? I have an ALFA wireless dongle that i would like to use with KALI but i think i am setting up the gateway wrong? or it is not possible?

    Sorry for the noob question, it just appears that with using the gateway it would make my internet connection a wired connection so nmap and tools like that would be useless. Am i wrong? please help!

    thanks

    Reply
  4. sam ames

    I tried to follow this guide on an OSX (el captain) host and the Kali box can’t access the network at all. Quite frustrating. I’ve repeated the process about four times now in an attempt to be sure I didn’t make a stupid error. I haven’t…

    Reply
    1. Scott Miller Post author

      It is possible the private networking of VirtualBox on OS X is different. This guide was done on Linux.

      Reply
      1. sam ames

        How did you find the addresses needed for the tutorial?

        Reply
        1. Scott Miller Post author

          That is the private network setup by the Whonix Gateway. (Make sure you are using the Gateway (not workstation) for the guide on this page).

          To test, one can spin up the Whonix Workstation and check out the ip info inside for an example perhaps:

          https://www.whonix.org/wiki/VirtualBox#Download_Whonix

          Reply
          1. sam ames

            Thanks very much Scott 🙂 … This tutorial is excellent, by the way, I’m sure it will help many other people, as it’s helped me. I’ve got things working on my OSX system, but have learned a bit about how whonix works by installing the full system, so haven’t wasted much time.

            My error was ridiculous; I closed my terminal after issuing “$ sudo ifdown eth0” and wondered why my connection wasn’t working… Doh.

            May I ask what your thoughts are on OSX? Is it safe to use for work that you want to stay hidden, or is installing Kali and whonix workstation all compromised by the OSX “backdoor”? (http://www.theregister.co.uk/2015/04/21/apple_os_x_yosemite_rootpipe_backdoor/)

  5. Seb

    Is it just me or is this method a little overkill?

    Reply
    1. HacKan

      Just don’t use it…

      This is an awesome method!

      Reply
      1. chupalacapif

        /me just found a random hackan on the wild.

        hack the planet!!! \o/ o7

        Reply
    1. Scott Miller Post author

      Thanks this is awesome! Very nice work,

      Reply
  6. james connor

    is this IP 10.152.152.11 is man in a middle for us? how can you find that ip address? how we can trust? is have any proof?

    Reply
    1. jason

      TOR was made by the US Navy.

      The interet NAP was designed at Bell Labs and DARPA.

      Reply
  7. james connor

    my linux have 2 nameserver in /etc/resolv.conf. like this :

    generated by networkmanager:
    nameserver 203.162.0.181
    nameserver 8.8.8.8

    can you help me this step? Is i need delete my nameserver or add “nameserver 10.152.152.10” to this file?

    Reply
  8. thomi

    Thank you very much!! it was a long time i’m searching this.
    thank you again from swiss!!

    Reply
  9. Matheusvigo

    I did the whole procedure, but when I restart the network disconnects and /etc/resolv.conf says this with the broken link and the original file that is in /var/run/networkmanager/resolv.conf disappears

    Reply
  10. banano

    you can skip the file editor and insert

    address 10.152.152.11
    netmask 255.255.192.0
    gateway 10.152.152.10
    nameserver 10.152.152.10

    in the first part when are required by the kali graphical installation, less fuss and perfectly working,
    even when rebooting (no need for ifup eth0) —- WHONIX gateway must be already up and running—–

    Reply
  11. Babak

    You need to set the socks as 10.152.152.10 port 9122 as well otherwise won’t work

    Reply
      1. ellao

        works now, probably there was an error on my side. great tutorial, thanks.

        Reply
  12. ellao

    resolv.conf keeps resetting after restart, what should i do to prevent this?

    Reply
  13. john nash

    Hi , what about kali as host and whonix as virtual ? how can we but all traffic to whonix firewall ?

    Reply
  14. justme

    I’m not sure wether this solution is all you need to send *all* your network traffic through tor. If you have a look at the different config file in /etc on the Whonix-Workstation VM ( grep -r “10.152.152.1” /etc/* ) several places come up. Morover in the Whonix-Workstation there is an extra firewall designed to strenghten the system (have a look at /etc/network/if-pre-up.d/30_whonix_firewall).
    My problem is that I need a 64-bit system to be able to run a certain program and Whonix is only 32-bit. So I’m trying to connect a 64-bit Debian to Whonix-Gateway, but I want to be sure that every bit sent/received goes through tor.
    If you are unsure and you need strong anonymity my advice is to use the Whonix-Workstation VM.

    Reply
  15. PlayJosh

    How can I do this with kali with dual boot ?

    Reply
  16. Adore privacy

    Great tip. But is there a way I can use tor browser on that kali linux ? When I tried tor browser wasn’t able to connect to internet. May be because already there is tor circuit? Nested tor circuit won’t work ?

    Reply
  17. me

    is everything working great!

    When I use Tor from my Windowns I can acess to “.onion” sites.

    I understand that with Kali_Whonix Iḿ more secure! But I can acess to “.onion” sites?
    What I should to do?

    Thanks!

    Reply
  18. Neil

    I don’t see the point in this since you can use tools like nmap through the gateway – they don’t work.

    Reply
  19. gandalf

    .onion sites will not work using normal browser on kali. Need to use tor browser

    Reply
  20. Somnambulistic

    Excellent walkthrough. Please amend the steps on how to configure the kali interfaces or explain how you got the address – some may be confused
    The following commands can give you an overview of the necessary details
    Whonix Gateway >Terminal> sudo ifconfig
    Whonix Gateway>Terminal> sudo ip route
    Whonix Gateway>Terminal> sudo ip addr
    Whonix Gatweay>Terminal> sudo route -n

    This gives the results for eth0, eth1, lo, wlan0, wlan1, tun0, etc
    The results from eth1 are the ones needed for configuring kali.

    Configuring Firefox to surf .onion sites
    New Tab > about:config

    network.dns.blockDotOnion; default; boolean;true

    Set this value to ‘false’ to enable deep web surfing

    Install Add ons:
    No Script
    Privacy Badger
    U-Block Origin
    and a user-agent switcher – if you can get one that switches at random intervals, even better.
    Get into the habit of changing your tor circuit frequently
    Kali-Anonsurf through Whonix might throw a wrench or two into the works, but if you can set it up properly, you will not be tracked or discovered through your browser.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Notify me of followup comments via e-mail. You can also subscribe without commenting.