How many of yous receive got heard of a hidden service inwards TOR similar the Silk Road? It’s actually non to a greater extent than or less mystical place on the dark side of the Internet, or darknet. While it does audio a chip fantastic, a hidden service inwards TOR is simply a server that is connected to TOR network in addition to is solely accessible past times a uniquely generated domain holler (.onion). The catch is that at that spot aren’t supposed to hold out whatever IP’s associated amongst the server i time it’s laid on TOR – making it untraceable. Of course of instruction at that spot are ways of exploiting a vulnerability that volition break that address, but I won’t motion into that. Essentially a hidden service is simply a spider web service on TOR. In this post, I volition present how to gain hidden service inwards TOR similar Silk Road or DarkNet.
However, i mightiness retrieve why its necessary to gain hidden service inwards TOR similar Silk Road? After all, Silk Road was an illegal service that was taken down. But inwards many cases It mightiness hold out necessary non because yous desire to gain something illegal similar Silk Road, but it’s necessary for the people inwards oppressed states where yous don’t receive got a correct to limited yourself in addition to yous withal desire data passed onto the exterior world. Use it good in addition to for legit purposes.
If yous receive got never used TOR, here’s the guide on how to setup TOR inwards Linux. This guide specifically item steps required to gain hidden service inwards TOR which tin hold out used on a Kali/Debian/Ubuntu distro etc.
1. Update in addition to upgrade yous system
apt-get update
apt-get upgrade
2. Install a Web Server
If you’re using Kali Linux, yous already receive got Apache Web Server installed in addition to configured for you. Else install Apache.
apt-get install apache2
3. Install TOR
Now it’s fourth dimension to install TOR. You tin install via apt-get every bit it’s available inwards whatever repository. You don’t require to download the binary or origin code.
apt-get install tor
4. Edit TOR Configuration file
After you’ve install TOR, yous require to opened upward the configuration file in addition to edit it. It’s unremarkably inwards /etc/tor/ folder. Use your favorite editor.
vi /etc/tor/torrc
You should modify the port numbers inwards the configuration file. Verify the IP yous spider web server is listening on (change it if yous want). I utilization 6666. What happens inwards the configuration file is that the TOR service volition hear on a for certain port in addition to address (accessible solely via TOR) in addition to and then redirect that traffic to your Web Server.
In the configuration file navigate to the kickoff instance of this:
HiddenServiceDir /Library/Tor/var/lib/tor/hidden_service/
HiddenServicePort lxxx 127.0.0.1:8080
The HiddenServiceDir plain is a directory place (non-arbitrary) inwards which yous specify where yous desire TOR to gain your fundamental in addition to .onion address (hostname). It volition generate 2 files inwards the directory to which yous holler for it, i for each artifact (see pace 6).
The HiddenServicePort plain is where yous specify which ports yous desire TOR to hear on in addition to to redirect to.
So inwards my case, I receive got TOR listening on port 7777 which in addition to then redirects to my Apache Web Server on 6666 (which is what I configured Apache to hear on). So when I navigate to my .onion address on port 7777, I volition hold out sent to the dwelling directory of my Apache server (/var/www). Remember that whatever spider web server yous are running, your traffic volition hold out directed to the HOME directory of that server, wherever that may be. Make sense?
In my case, my torrc file contains these 2 fields:
HiddenServiceDir /var/lib/tor/hidden_service
HiddenServicePort 6666 127.0.0.1:7777
127.0.0.1:7777 is what TOR is listening on, in addition to 6666 is where it is redirecting (and where Apache is listening). It doesn’t affair if Apache is listening on a port that is populace or somebody (localhost). If yous receive got Apache listening on a port on your populace interface, in addition to then yous should block it at the firewall thence every bit to non acquire out the Web Server opened upward to the world.
Again, past times default the TOR service volition holler for to your Web Server’s default directory. So inwards my instance when I navigate to my hidden service I acquire dropped into /var/www. You mightiness hold out able to modify this. You tin also receive got to a greater extent than than i hidden service running at once. Just repeat this configuration for each instance in addition to gain dissimilar directories on your Web Server.
So to convey this configuration into perspective, allow me summarize. You receive got a TOR service listening on a for certain port on a uniquely generated .onion URL that redirects traffic to whatever port yous Web Server is listening on. Keep inwards hear that yous are withal connected to the mesh on your normal IP in addition to your Web Server tin acquire pwned if yous brand whatever port it’s listening inwards on available to the outside! You should solely opened upward up the port that TOR is listening on inwards your firewall configuration.
Your service volition solely hold out accessible via the .onion address thence yous don’t receive got to worry nearly people stumbling upon it past times accident (unless they approximate or pocket your .onion address – which should hold out difficult).
5. Start required services
Start the TOR service in addition to Web Server:
tor
service apache2 start
6. Sit dorsum in addition to enjoy
When yous start the tor service for the kickoff fourth dimension it volition generate your fundamental in addition to hostname inwards the directory yous specified inwards the configuration file. Navigate at that spot in addition to re-create your address. This is the URL for your .onion address.
Conclusion
There are to a greater extent than or less anonymity issues yous should conk on inwards hear too:
- As mentioned above, hold out careful of letting your spider web server break identifying data nearly you, your computer, or your location. For example, readers tin in all probability gain upward one's hear whether it’s thttpd or Apache, in addition to acquire something nearly your operating system.
- If your figurer isn’t online all the time, your hidden service won’t hold out either. This leaks data to an observant adversary.
- It is to a greater extent than oftentimes than non a improve catch to host hidden services on a Tor customer rather than a Tor relay, since relay uptime in addition to other properties are publicly visible.
- The longer a hidden is online, the higher the adventure that its place is discovered. The most prominent attacks are edifice a profile of the hidden service’s availability in addition to matching induced traffic patterns.
And finally, yep don’t acquire in addition to reate hidden service inwards TOR similar Silk Road or DarkNet! Why? Cause Silk Road got taken down, which agency goose egg is untraceable. Though tracing something similar this volition accept months of collaboration betwixt TOR service providers in addition to Exit Gateways, but it tin hold out traced. Nothing inwards untraceable, it simply takes fourth dimension in addition to efforts. Use this guide for educational purposes only.
