{"id":694,"date":"2021-01-01T17:30:04","date_gmt":"2021-01-01T17:30:04","guid":{"rendered":"https:\/\/dft.wiki\/?p=694"},"modified":"2022-03-13T17:03:35","modified_gmt":"2022-03-13T17:03:35","slug":"setting-up-a-hidden-service-http-in-the-darkweb-tor","status":"publish","type":"post","link":"https:\/\/dft.wiki\/?p=694","title":{"rendered":"Setting Up a Hidden Service (HTTP) in the DarkWeb (Tor)"},"content":{"rendered":"<p>Tor is a secure network created by the US gov in 1990 [<a href=\"https:\/\/en.wikipedia.org\/wiki\/Tor_(anonymity_network)\">Read More<\/a>].<\/p>\n<p>Tor Project [<a href=\"https:\/\/www.torproject.org\/\">Link<\/a>] continues the research and development of the &#8220;Onion&#8221; network and browser.<\/p>\n<p>Assuming you know what it is and how it works (at least used it before), let&#8217;s set up the HTTP hidden service in the Tor network.<\/p>\n<p>Of course, we will use Linux (Ubuntu 20.04) for the server. It can also be done in Raspberry Pi (I will try and share later).<\/p>\n<p>There are 3 main things for this process:<\/p>\n<ul>\n<li>You need a webserver\n<ul>\n<li>We will set up a simple web server using Phyton3, but I recommend using Apache2 or NGINX for more reliable service.<\/li>\n<li>Note that the web service will be only accessible from localhost (127.0.0.1) because the Tor service is running in localhost too and the service will be hidden from outside the Tor network.<\/li>\n<\/ul>\n<\/li>\n<li>You will need to install Tor Network on your server\n<ul>\n<li>Note the difference between, Tor Browser is a client that navigates inside the Tor Network.<\/li>\n<li>We will receive one unique .onion address to the service.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>Said that, let&#8217;s set it up:<\/p>\n<pre>sudo mkdir \/var\/www\/tor_service\r\ncd \/var\/www\/tor_service\r\npython3 -m http.server --bind <strong>127.0.0.1<\/strong> <strong>8080<\/strong><\/pre>\n<p>The last command creates the HTTP server only accessible by <strong>127.0.0.1<\/strong> at port <strong>8080<\/strong> in the <strong>current directory<\/strong>. Feel free to make changes. This command will lock your terminal while the server is running, so leave this terminal running and open another terminal to continue.<\/p>\n<pre>sudo nano \/var\/www\/tor_service\/index.html<\/pre>\n<p>Add any HTML content, for example:<\/p>\n<pre>&lt;html&gt;&lt;body&gt;Hello World!&lt;\/body&gt;&lt;html&gt;<\/pre>\n<p>Then test your webserver:<\/p>\n<pre>curl http:\/\/127.0.0.1:8080<\/pre>\n<p>You should be able to see the plain text of the HTML code.<\/p>\n<p>Now install the Tor Network:<\/p>\n<pre>sudo apt install tor -y\r\nsudo nano \/etc\/tor\/<strong>torrc<\/strong><\/pre>\n<p>If &#8216;<strong>torrc<\/strong>&#8216; is not there, try to search for it issuing &#8216;<strong>whereis tor<\/strong>&#8216;.<\/p>\n<p>Look for the lines below, uncomment and adjust them to look like shown or match to any modification you did in your HTTP server.<\/p>\n<pre>HiddenServiceDir \/var\/lib\/tor\/hidden_service\/\r\nHiddenServicePort 80 127.0.0.1:8080<\/pre>\n<p>Start Tor service and verify the given address to your server:<\/p>\n<pre>sudo tor<\/pre>\n<p>If you don&#8217;t get any error message means your service is running fine. This second terminal will also stay locked while this service is running, so open a third terminal and check the generated address to your server:<\/p>\n<pre>sudo cat \/var\/lib\/tor\/hidden_service\/hostname<\/pre>\n<p>You should see something like:<br \/>\n<strong>4l67wy7uuntt6i4tlmdznqjyqq7rwxrtwddcatkvfc6ivclfxtbndeyd.onion<\/strong><\/p>\n<p>This is your address in the Tor network. Understand it as a &#8220;domain&#8221;.<\/p>\n<p>Note, for this exercise you used 3 terminals.<\/p>\n<ul>\n<li>First to run the HTTP server;<\/li>\n<li>Second to run the Tor;<\/li>\n<li>Third to see the hostname (.onion address).<\/li>\n<\/ul>\n<p>The first and second terminals must still be running in order to keep the hidden service active. It works very well for testing or simulations, but not for a production environment.<\/p>\n<p>An alternative is to run the HTTP server as a service with Apache2 or NGINX.<\/p>\n<p>And configure Tor to run as a Daemon uncomment the following line in the configuration <strong>\/etc\/tor\/torrc<\/strong>:<\/p>\n<pre><strong>RunAsDaemon 1<\/strong><\/pre>\n<p>Also change the following line in the file <strong>\/lib\/systemd\/system\/tor.service<\/strong>:<\/p>\n<pre>ExecStart=<strong>\/usr\/sbin\/tor -f \/etc\/tor\/torrc<\/strong><\/pre>\n<p>Reboot your system and test everything.<\/p>\n<p>To have many services running on different ports and using different .onion addresses follow the syntax:<\/p>\n<pre>HiddenServiceDir \/var\/lib\/tor\/hidden_service\/\r\nHiddenServicePort 80 127.0.0.1:80\r\nHiddenServicePort 22 127.0.0.1:22\r\n\r\nHiddenServiceDir \/var\/lib\/tor\/other_hidden_service\/\r\nHiddenServicePort 80 127.0.0.1:8080<\/pre>\n<hr \/>\n<p>Feel free to visit the project <a href=\"https:\/\/dft.wiki\/\">RPi Zero Tor Hidden Service<\/a>.<\/p>\n<hr \/>\n<p>Tip: define the geolocation of the entry and exit nodes.<\/p>\n<pre>sudo apt install tor-geoipdb -y\r\nsudo nano ~\/.local\/share\/torbrowser\/tbb\/x86_64\/tor-browser_en-US\/Browser\/TorBrowser\/Data\/Tor\/torrc<\/pre>\n<p>Append:<\/p>\n<pre>EntryNodes {us} StrictNodes 0\r\nExitNodes {de},{ca} StrictNodes 1<\/pre>\n<p>Country code&#8217;s shortlist:<\/p>\n<pre>AUSTRALIA {au}\r\nBELGIUM {be}\r\nBRAZIL {br}\r\nCANADA {ca}\r\nFRANCE {fr}\r\nGERMANY {de}\r\nHONG KONG {hk}\r\nINDIA {in}\r\nRUSSIAN FEDERATION {ru}\r\nSWEDEN {se}\r\nSWITZERLAND {ch}\r\nUNITED KINGDOM {uk}\r\nUNITED STATES {us}<\/pre>\n<p>See the full list at [<a href=\"https:\/\/sccmrookie.blogspot.com\/2016\/03\/tor-country-codes-list.html\">Link<\/a>].<\/p>\n<hr \/>\n<p><strong>BONUS<\/strong><\/p>\n<p>Configure your web-server on the clear internet to inform the visitors that is also offers an S address:<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-2841\" src=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2021\/01\/Screenshot_2022-03-13_12-49-11.png\" alt=\"\" width=\"403\" height=\"116\" srcset=\"https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2021\/01\/Screenshot_2022-03-13_12-49-11.png 403w, https:\/\/dft.wiki\/wp-content\/uploads\/sites\/15\/2021\/01\/Screenshot_2022-03-13_12-49-11-300x86.png 300w\" sizes=\"auto, (max-width: 403px) 100vw, 403px\" \/><\/p>\n<p>NGINX configuration:<\/p>\n<pre>server {\r\n    listen 443 ssl http2;\r\n    listen [::]:443 ssl http2;\r\n\r\n    server_name example.com;\r\n\r\n    ssl_certificate \/etc\/ssl\/fullchain.pem; \r\n    ssl_certificate_key \/etc\/ssl\/privkey.pem;\r\n\r\n    <strong>add_header Onion-Location http:\/\/<span style=\"color: #ff0000;\">&lt;your-onion-address&gt;<\/span>.onion$request_uri;<\/strong>\r\n\r\n    index index.html;\r\n    root \/var\/www\/html;\r\n\r\n    location \/ {\r\n        try_files $uri $uri\/ =404;\r\n    }\r\n}<\/pre>\n<p><strong>Note:<\/strong> only copy and past the line in bold into your configuration. The other parts of the example are just to contextualize where the additional line have to be placed. Don&#8217;t forget to restart the web-server and check if it worked with a Tor browser.<\/p>\n<pre>sudo nginx -t\r\nsudo nginx -s reload<\/pre>\n<p>APACHE configuration:<\/p>\n<pre>&lt;VirtualHost *:443&gt;\r\nServerName example.com\r\nDocumentRoot \/var\/www\/html\r\n\r\n<strong>Header set Onion-Location \"http:\/\/<span style=\"color: #ff0000;\">&lt;your-onion-address&gt;<\/span>.onion%{REQUEST_URI}s\"<\/strong>\r\n\r\nSSLEngine on\r\nSSLCertificateFile \"\/etc\/ssl\/example.com.cert\"\r\nSSLCertificateKeyFile \"\/etc\/ssl\/example.com.key\"\r\n&lt;\/VirtualHost&gt;<\/pre>\n<p>Test you configuration and reload the web-server:<\/p>\n<pre>sudo apachectl configtest\r\nsudo systemctl reload apache2<\/pre>\n<hr \/>\n<p>See also how to Set Up a Tor Node [<a href=\"https:\/\/dft.wiki\/?p=2354\">Link<\/a>].<\/p>\n<p>See also how to create a Tor Snowflake [<a href=\"https:\/\/dft.wiki\/?p=2346\">Link<\/a>].<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Tor is a secure network created by the US gov in 1990 [Read More]. Tor [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[7],"tags":[],"class_list":["post-694","post","type-post","status-publish","format-standard","hentry","category-web"],"_links":{"self":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/694","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=694"}],"version-history":[{"count":12,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/694\/revisions"}],"predecessor-version":[{"id":2842,"href":"https:\/\/dft.wiki\/index.php?rest_route=\/wp\/v2\/posts\/694\/revisions\/2842"}],"wp:attachment":[{"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=694"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=694"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dft.wiki\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=694"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}