Anonymous Web Resource In TOR

ViNand

Why do you need this?
TOR can hide the actual location of the site, which means that it cannot be shut down and its creator cannot be found and punished / eliminated (provided certain rules are followed). In addition, a TOR address in the .onion domain zone cannot be stolen / assigned / revoked until you lose the secret key for this domain (more on this later).
Configure the web server
Skip this section and go to the TOR configuration section if the web server is already configured.
Python one-liner
If you have a website made of static html files (ideal for security) and not a lot of resources, you can simply run a Python one-liner that serves the content to the user.
To do this, go to the directory with the html files and run the following command:

$ cd /var/www/site1
# bind to loopback only, so the site is reachable solely through TOR
$ python3 -m http.server --bind 127.0.0.1 80
You can run several sites in parallel, changing only the directory and the port. For example:

$ cd /var/www/site2
$ python3 -m http.server --bind 127.0.0.1 81
Nginx
If the site is more complex and has enough resources – you can configure nginx.
Install it:

$ sudo apt-get install nginx

It is recommended that the following values be changed in the /etc/nginx/nginx.conf file:

http {
...
# do not reveal the version of the software used
server_tokens off;
# disable logging
#access_log /var/log/nginx/access.log;
#error_log /var/log/nginx/error.log;
access_log off;
error_log /dev/null crit;
...
}

Next, create a new virtualhost file:

/etc/nginx/sites-available/site1
server {
listen 127.0.0.1:80 default_server;
server_name localhost;
root /var/www/site1;
index index.html index.htm;
location / {
allow 127.0.0.1;
deny all;
}
}

Turn it on:

$ cd /etc/nginx/sites-enabled
$ sudo ln -s ../sites-available/site1 .

Restart nginx and enable it at boot:

$ sudo service nginx restart
$ sudo update-rc.d nginx enable

Create the directory for the future site:
$ sudo mkdir /var/www/site1

Put the necessary files there and change the owner:

$ sudo chown -R www-data:www-data /var/www/site1


Configuring TOR
Configuring TOR comes down only to installing it and adding 2 lines to the config.

$ sudo apt-get install tor

Open /etc/tor/torrc:

# the directory will be created automatically
HiddenServiceDir /var/lib/tor/site1
HiddenServicePort 80 127.0.0.1:80

Restart TOR:
$ sudo /etc/init.d/tor restart
The first line in the config specifies the directory that holds the private key. TOR creates the key automatically at the first start after the configuration is changed, and the key plays the role of the onion domain. Let’s look at the contents of the directory for a better understanding:

$ sudo ls /var/lib/tor/site1
hostname private_key
The hostname file contains the domain address, which is generated from a hash of the key in private_key; the key, in turn, was randomly generated at the first start.
pigf5kfufjz63s5z.onion
Deleting / modifying the hostname file has no consequences: the next time TOR is restarted, the file is created again from the key. It is more of a help file for you.
But private_key must be kept secret. As long as you are the sole owner of this file, no one will ever steal your domain.
The key has the standard form:

-----BEGIN RSA PRIVATE KEY-----
...
-----END RSA PRIVATE KEY-----
It is recommended to make a backup copy of the key, first encrypting it, for example with GPG, using a cryptographically strong password (or your own key), and to store the copy somewhere:

$ sudo gpg -c /var/lib/tor/site1/private_key
If you remove the key from the /var/lib/tor/site1 directory, then the next time you restart TOR, it will generate a new key with a new random onion address.
Let’s go back to the config. The second line (HiddenServicePort 80 127.0.0.1:80) defines which port the onion resource will have and which address and port are forwarded to it. In our case, we take the address / port 127.0.0.1:80 and forward it to pigf5kfufjz63s5z.onion:80.
Let’s check that this is so. Open tor-browser, or any other browser configured to use TOR, and enter the address http://pigf5kfufjz63s5z.onion. The page served at 127.0.0.1:80 should open.
If there are several sites, add them to the config, for example:

HiddenServiceDir /var/lib/tor/site2
HiddenServicePort 80 127.0.0.1:81
HiddenServiceDir /var/lib/tor/site3
HiddenServicePort 80 127.0.0.1:82
Restart TOR, after which the keys are created in the corresponding directories.
Despite the fact that the addresses are generated randomly – they can be selected. We will talk about this in a separate article.
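An added check, not part of the original post: the sites above stay hidden only if every backend port named in a HiddenServicePort line is bound to loopback, because a server started without a bind address listens on every interface. The function names and the sample torrc and `ss -ltnH` lines are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): check that every local port a
# torrc publishes via HiddenServicePort is bound to loopback only.

# Print the local target port of each HiddenServicePort line in torrc file $1.
hs_target_ports() {
  awk 'tolower($1) == "hiddenserviceport" {
         t = ($3 == "" || $3 ~ /^#/) ? $2 : $3   # no target: same port on 127.0.0.1
         if (t ~ /^unix:/) next                  # unix sockets have no TCP port
         n = split(t, a, ":"); print a[n]
       }' "$1" | sort -un
}

# Read `ss -ltnH` output on stdin; print listeners on the torrc ($1) target
# ports that are not bound to loopback (they bypass TOR and reveal the host).
exposed_listeners() {
  awk -v ports="$(hs_target_ports "$1" | tr '\n' ' ')" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
    {
      port = $4; sub(/.*:/, "", port)       # column 4 is Local Address:Port
      host = $4; sub(/:[^:]*$/, "", host)
      if ((port in want) && host !~ /^127\./ && host != "[::1]") print $4
    }'
}

# Constructed sample: the three sites from the post; site2 is served by a
# process started without a bind address, so it listens on 0.0.0.0.
demo() {
  local torrc; torrc=$(mktemp)
  printf '%s\n' \
    'HiddenServiceDir /var/lib/tor/site1' 'HiddenServicePort 80 127.0.0.1:80' \
    'HiddenServiceDir /var/lib/tor/site2' 'HiddenServicePort 80 127.0.0.1:81' \
    'HiddenServiceDir /var/lib/tor/site3' 'HiddenServicePort 80 127.0.0.1:82' > "$torrc"
  printf '%s\n' \
    'LISTEN 0 511 127.0.0.1:80 0.0.0.0:*' \
    'LISTEN 0 5   0.0.0.0:81   0.0.0.0:*' \
    'LISTEN 0 128 127.0.0.1:82 0.0.0.0:*' \
    'LISTEN 0 128 0.0.0.0:22   0.0.0.0:*' | exposed_listeners "$torrc"
  rm -f "$torrc"
}
demo   # prints 0.0.0.0:81
```

On a live host the same check is `ss -ltnH | exposed_listeners /etc/tor/torrc`; empty output means no published backend port is reachable outside loopback.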
 
