Have you ever noticed that the running one simple cURL command can turn a private click into a series of public breadcrumbs like being visible to ISPs, DNS resolvers and anyone snooping the network. One way of making cURL command secure is by using TOR network.
Before we improve the cURL command, lets see a basic cURL command and see how it works.
Working of cURL
curl https://example.com
The above curl command is a simple GET request to the URL example.com. The command then retrieves HTML information about the page. Lets deep dive into this whole process, we will keep it simple and straight to the point.
1) cURL parses your commands and flags and determines which protocol to use based on it like HTTPS,FTP,HTTP etc.
2) The system resolver then looks up the hostname in your local DNS server to get the IP address. This is the part where DNS leakage can take place as the ISP can easily observe your DNS queries.
3) cURL then opens a TCP socket on the target IP address and does the usual TCP 3 way handshake(SYN,SYN-ACK,ACK).
4) If the URL uses HTTPS, a TLS handshake follows. The client and server negotiate ciphers, validate the server certificate (SNI may be sent in plaintext), and derive encryption keys. If certificate validation fails, curl reports an error.
5) cURL then constructs the actual HTTP request, add headers like User-Agent, Host etc. and sends it over the TCP/TLS channel.
6) Server then responds to the request and adds its own headers with its own status code.
So that was a quick rundown of how cURL works, however there are quite a few problems that can happen when the above process takes place like
1) DNS Leaking
2) Snooping of information by the ISP
3) Man in the middle (MITM) attacks
4) Unencrypted traffic exposure when using HTTP instead of using HTTPS
Lets see how we can improve and mitigate these problems while using TOR network, we will go over the whole implementation of TOR network over the curl command in C.
TOR implementation of cURL in C aka TorConnect
So in order implement a simple cURL command in C, we need to use libcurl. It's a simple client side library that basically powers the main component of the cURL command. libcurl and its documentation (https://curl.se/libcurl/) will basically help us to set up the whole TOR network.
for the next step we will set up a local TOR proxy using SOCKS5 instead of using DNS in the normal version of cURL. We will set up this local TOR proxy at our localhost (127.0.0.1:9050). This basically prevents DNS leaks and avoids MITM attacks. In order to set this up we will use the following commands.
curl_easy_setopt(curl,CURLOPT_PROXY,"127.0.0.1:9050"); // sets up local TOR proxy
curl_easy_setopt(curl,CURLOPT_PROXYTYPE,CURLPROXY_SOCKS5_HOSTNAME); // prevents DNS leaking
Make sure that you have TOR installed in your system.
sudo apt update
sudo apt install tor
Now that we have TOR network set up we can just use this command to send request to the webpage, this request will travel securely through the TOR network tunnel.
curl_easy_setopt(curl,CURLOPT_URL,"https://example.com");
Security note: Tor anonymizes routing but does not provide end-to-end encryption outside the Tor network. So we should always use HTTPS and keep TLS verification enabled (CURLOPT_SSL_VERIFYPEER / CURLOPT_SSL_VERIFYHOST) to prevent MITM at the exit node.
Those are the main steps involved in anonymizing your cURL. If you’re interested in viewing the complete source code, check out my GitHub repository: TorConnect
Conclusion
TorConnect is a small step toward making network requests safer and more private by routing traffic through the Tor network, preventing DNS leaks, and hiding your real IP. Of course, it’s not perfect. Using Tor can slow down your connection, and some websites may block Tor exit nodes altogether. Still, TorConnect shows that privacy and usability can coexist if built carefully. It’s a reminder that staying anonymous online isn’t just about using the right tools, but also about using them wisely.
Top comments (0)