Creating a hardware torbox using a RaspberryPi Zero

I liked the concept the grugq had with PORTALofPi and I guess you could use that for this, however the most useful steps in this guide are about how to go about connecting and routing traffic through it.

all the instructions below assume you’re on a Linux distro, if you’re on Mac, that sucks for you, I’m sorry

Steps

you’ll need a Raspberry-Pi Zero a really nice thing about this is you can power it and connect to it’s ethernet just by plugging it into your laptop, no extra cables or power suppply needed!

Setting up the pi

  1. Burn the raspbian-lite image onto a microSD card
  2. Edit the file boot/config.txt adding this line to the end of the file: 
    dtoverlay=dwc2
  3. In the file boot/cmdline.txt add the following after the rootwait command: 
    modules-load=dwc2,g_ether
  4. Raspbian recently changed ssh to not be enabled by default so touch boot/ssh to enable this
  5. Add the SD card to the pi, plug in the cable to the usb port, not the power port, and connect to your machine

Connecting from the host

  1. On your host, create a wired network connection, disable ipv6, and set ipv4 to be link-local only
  2. Once the pi has booted your should be able to run an arp -a to see it’s ip address, if you don’t see it for whatever reason, try the next step just in case
  3. Test the connection with ssh -o PreferredAuthentications=password -o PubkeyAuthentication=no [email protected] password is raspberry (all the options are just to stop your keychain throwing a load of keys at it)
  4. Once you’re on the box, setup the wifi using sudo raspi-config, enjoying the ncurses-looking menu (whiptail)
  5. Install tor sudo apt update && sudo apt install tor, note on next boot this service will autorun a SOCKS5 on localhost:9050
  6. Exit that connection, and now setup a background port mapping, via: 
    ssh -fqCN -L 5000:localhost:9050 -o PreferredAuthentications=password -o PubkeyAuthentication=no [email protected]
  7. Configure your system’s network proxy (or browser local proxy) SOCKS5 to go through localhost:5000
  8. Be sure to turn off the wifi connection on your host machine for extra assurance that all traffic is going through the tor-pi

Go to a site like ip.team-cymru.org (sad that the TLS cert expired there..), you’ll notice firstly that it says Type: Darknet but also that you’re somewhere random in the world, each time you refresh you’ll travel somewhere else, see if you can hit all 7 continents :)

References