Create hidden service in TOR like Silk Road or DarkNet
Silk Road
? It’s really not some mystical location on the dark
side of the Internet, or darknet
.
While it does sound a bit fantastic, a hidden service in TOR is just a
server that is connected to TOR network and is only accessible by a
uniquely generated domain name (.onion
). The idea is that there aren’t supposed to be any IP’s associated with the server once it’s set up on TOR – making it untraceable
.
Of course there are ways of exploiting a vulnerability that will reveal
that address, but I won’t go into that. Essentially a hidden service is
just a web service on TOR. In this post, I will show how to create
hidden service in TOR like Silk Road or DarkNet.However, one might think why its necessary to create hidden service in TOR like Silk Road? After all, Silk Road was an illegal service that was taken down. But in many cases It might be necessary not because you want to create something illegal like Silk Road, but it’s necessary for the people in oppressed states where you don’t have a right to express yourself and you still want information passed onto the outside world. Use it well and for legit purposes.
1. Update and upgrade you system
apt-get update apt-get upgrade
2. Install a Web Server
If you’re using Kali Linux, you already have Apache Web Server installed and configured for you. Else install Apache.apt-get install apache2
3. Install TOR
Now it’s time to install TOR. You can install viaapt-get
as it’s available in any repository. You don’t need to download the binary or source code.apt-get install tor
4. Edit TOR Configuration file
After you’ve install TOR, you need to open the configuration file and edit it. It’s usually in/etc/tor/
folder. Use your favorite editor.vi /etc/tor/torrcYou should change the port numbers in the configuration file. Verify the IP you web server is listening on (change it if you want). I use
6666
.
What happens in the configuration file is that the TOR service will
listen on a certain port and address (accessible only via TOR) and then
redirect that traffic to your Web Server.In the configuration file navigate to the first instance of this:
HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/ HiddenServicePort 80 127.0.0.1:8080The
HiddenServiceDir
field is a directory location (non-arbitrary) in which you specify where you want TOR to create your key and.onion
address (hostname). It will generate two files in the directory to which you point it, one for each artifact (see step 6).The
HiddenServicePort
field is where you specify which ports you want TOR to listen on and to redirect to.So in my case, I have TOR listening on port
7777
which then redirects to my Apache Web Server on 6666
(which is what I configured Apache to listen on). So when I navigate to my .onion
address on port 7777
, I will be sent to the home directory of my Apache server (/var/www
).
Remember that whatever web server you are running, your traffic will be
directed to the HOME directory of that server, wherever that may be.
Make sense?In my case, my
torrc
file contains these two fields:HiddenServiceDir /var/lib/tor/hidden_service HiddenServicePort 6666 127.0.0.1:7777
127.0.0.1:7777
is what TOR is listening on, and 6666
is where it is redirecting (and where Apache is listening). It doesn’t
matter if Apache is listening on a port that is public or private (localhost
).
If you have Apache listening on a port on your public interface, then
you should block it at the firewall so as to not leave the Web Server
open to the world.Again, by default the TOR service will point to your Web Server’s default directory. So in my case when I navigate to my hidden service I get dropped into
/var/www
. You might be able to change this.
You can also have more than one hidden service running at once. Just
repeat this configuration for each instance and create different
directories on your Web Server.So to bring this configuration into perspective, let me summarize. You have a TOR service listening on a certain port on a uniquely generated
.onion
URL that redirects traffic to whatever
port you Web Server is listening on. Keep in mind that you are still
connected to the internet on your normal IP and your Web Server can get
pwned if you make whatever port it’s listening in on available to the
outside! You should only open up the port that TOR is listening on in
your firewall configuration.Your service will only be accessible via the
.onion
address so you don’t have to worry about people stumbling upon it by accident (unless they guess or steal your .onion
address – which should be difficult).5. Start required services
Start the TOR service and Web Server:tor service apache2 start
6. Sit back and enjoy
When you start the tor service for the first time it will generate your key and hostname in the directory you specified in the configuration file. Navigate there and copy your address. This is the URL for your.onion
address.Conclusion
There are some anonymity issues you should keep in mind too:- As mentioned above, be careful of letting your web server reveal identifying information about you, your computer, or your location. For example, readers can probably determine whether it’s thttpd or Apache, and learn something about your operating system.
- If your computer isn’t online all the time, your hidden service won’t be either. This leaks information to an observant adversary.
- It is generally a better idea to host hidden services on a Tor client rather than a Tor relay, since relay uptime and other properties are publicly visible.
- The longer a hidden is online, the higher the risk that its location is discovered. The most prominent attacks are building a profile of the hidden service’s availability and matching induced traffic patterns.