What do you need to follow along?
A laptop with working internet would do, and a cup of coffee. Maybe a little understanding of a basic static website server.
If you are new to Dark Web or TOR or proxies, please consider reading this article before heading ahead.
The Onion Routing(TOR) Protocol enables us to be a part of the network that keeps your browsing private and any interaction on the network requires only partial knowledge of the full path traced by the packet. In other words, no one out there knows everything about a packet's source or destination or even the route that the packet took.
Relays, the nodes that make up the TOR network, are needed in order to hide the full path of a packet. It is done by encapsulating the packet in layers and layers of encryption and sharing keys with each router for a specific layer only, every relay peels off a single layer as it moves through the network, hence the Onion Routing.
For in depth detail on the working of TOR please read my article Anonymity Online...Proxies, VPN and TOR...
Anyone can volunteer to become a relay in the network, you just need to install the correct software(hint:
tor ). So, in order to be able to use the dark net we need
tor installed in our system.
Install TOR in your Linux based operating system
$ sudo apt install tor
make sure that it is running,
$ sudo systemctl status tor
● tor.service - Anonymizing overlay network for TCP (multi-instance-master) Loaded: loaded (/lib/systemd/system/tor.service; enabled; vendor preset: enabled) Active: active (exited) since Thu 2022-07-28 22:39:12 IST; 24h ago Process: 1284 ExecStart=/bin/true (code=exited, status=0/SUCCESS) Main PID: 1284 (code=exited, status=0/SUCCESS) CPU: 776us Jul 28 22:39:12 local systemd: Starting Anonymizing overlay network for TCP (multi-instance-master)... Jul 28 22:39:12 local systemd: Finished Anonymizing overlay network for TCP (multi-instance-master).
Checking if the port is on for TOR and in listening,
$ss -lntp | grep 9050 LISTEN 0 4096 127.0.0.1:9050 0.0.0.0:*
Now, tor is like a SOCKS5 proxy server, it would have taken up the port 9050 by default and we can use it by setting it(localhost:9050) as the proxy server in our browsers.
Internal workings of Onion Services
The links that work on the TOR network are something like,
Notice the use of the
.onion suffix. The prefix is known as a Public Key. It is needed to prove to anyone looking that you are who you are claiming to be. We will delve into how its done but first let us understand the setup.
The client does not want to disclose its location and the server wants to stay anonymous as well. The server has already installed the
tor package and running it.
tor has generated you a Public-Private key pair for signing data.
The Public key is going to be the URL prefix later on!
The architecture is like this,
tor running at the server sets up 3 introductory node which are 2 relays away from you and you keep this connection open throughout the time you are hosting that Onion Service. These relays are already a part of the TOR network.
Once these introductory nodes are set, you package this information about the nodes into a structure and encrypt it with the server's private key. This ensures safety because it proves that the website creator really wants you to use these introductory nodes otherwise the structure would not decrypt successfully using that public key in the URL.
The client then separately builds another circuit to a new random relay, call it a Rendezvous point. This node is only going to be used for a single transaction. The identity of the rendezvous point is shared with the introductory nodes which proxies the data to the real server and the client now awaits signal from the rendezvous point that the server has connected.
The server then opens the packet it received, and finds information about the rendezvous point and separately establishes a circuit connection with the node. It also finds, in the same packet, a cookie that is going to be used to by the server proving it is indeed the connection the client is waiting for at the rendezvous point.
Now, the client is informed about the server and they can finally begin the key exchange in order to start passing real data encrypted through the rendezvous point.
Off course, we do not have to worry about any of this as it is all handled by the
tor application for us. We just have to configure it to use it.
Setting up the server
Note: I am working on a Linux machine. Get one, or spin-up a virtual one. Preferably a Debian please.
tor services are installed, we can go and configure the file @
/etc/tor/torcc to enable Onion Services.
There is a section in the file which looks like this,
############### This section is just for location-hidden services ### ## Once you have configured a hidden service, you can look at the ## contents of the file ".../hidden_service/hostname" for the address ## to tell people. ## ## HiddenServicePort x y:z says to redirect requests on port x to the ## address y:z. #HiddenServiceDir /var/lib/tor/hidden_service/ #HiddenServicePort 80 127.0.0.1:80 #HiddenServiceDir /var/lib/tor/other_hidden_service/ #HiddenServicePort 80 127.0.0.1:80 #HiddenServicePort 22 127.0.0.1:22
Let us uncomment(remove #) the lines,
HiddenServiceDir /var/lib/tor/hidden_service/ HiddenServicePort 80 127.0.0.1:80
$ sudo systemctl restart tor
Visit the directory
/var/lib/tor/hidden_service/ and read
hostname to get your Onion URL!
$ cat /var/lib/tor/hidden_service/hostname
ouput will be something like,
which is the URL that you are going to share with your customers.
Now, we have successfully create a TOR Onion Service, but this service does not do anything other than redirecting the TOR traffic to localhost port 80,
HiddenServicePort 80 127.0.0.1:80
So, you still need a normal web server running on port 80 to be able to handle that request. In my opinion, one should use something like
nginx to receive that traffic and then do whatever you want with the packets.
Setting up a simple server: View Post
Once that is set, you are serving your website on the Dark Web!!
We saw how secured TOR network really is by diving into the deep working of Onion Services. The we installed and initialized our own copy of Onion Service on a Linux Machine.
In later articles, we shall see how to use TOR network to
ssh into your home PC from afar without having to get a VPN or a public static global IP address.