Introduction to the hidden services of the Tor network.

This is a project developed in the cybersecurity bootcamp of 42Madrid.

Subject:

The objective of this project is to create a web page and make it accessible from the Tor network by creating a hidden service.

The hidden service is a web service that is hidden in the Tor network, But what is Tor?

Tor is an application that takes the data that enters and exits through your Internet connection and passes it through a circuit of servers around the world. This makes your traffic completely anonymous.
A little-known use of Tor is anonymous access to the Deep Web or Darknet, a little-known part of the Internet, inaccessible from search engines such as Google, and hosting content of often questionable legality.

Requirements:

• The HTTP service must have a static web site with a single index.html file and will only be accessible from a url xxxxxxxxx.onion.
• A Nginx service will be used to configure the web server.
• The page can be accessed via HTTP through port 80.
• The access to the server via SSH on port 4242 must be enabled.
• No other ports should be opened and no firewall rules should be set.

Files to submit:

index.html
nginx.conf
sshd_config
torrc

Bonus part:

• SSH fortification.
• An interactive website, more impressive than a sad static page. You can use external libraries for it, but not a framework.

Project:

This project was developed with docker containers to perform all the connection and configuration tests, without damaging the system. It has a Server container and a Client container.

• The Server executes the necessary services and configurations.
• The Client was created to perform SSH connection tests to the configured hidden service.

Server

Based on a debian docker container generated by the following Dockerfile:

FROM debian:latest

# Installation packages
RUN apt-get update -y && apt upgrade -y
RUN apt-get install nginx tor openssh-server vim -y

# Copy sshd_config file
COPY sshd_config /etc/ssh/sshd_config

# Copy torrc file
COPY torrc /etc/tor/torrc

# Copy index.html file
COPY index.html /usr/share/nginx/html/index.html

# COPY nginx file
COPY nginx.conf /etc/nginx/nginx.conf

# SSH user configuration
RUN useradd -m sshusr
RUN echo "sshusr:onion" | chpasswd

# Service startup.
ENTRYPOINT service ssh start; nginx; tor  

The following packages are installed and configured:

• Nginx [port 80:80].
• Openssh-server (Server) [port 4242:4242].
• Tor

With the COPY commands that are indicated in the Dockerfile, the files are sent to the directory paths where they should replace the original files, loading the requested settings.

The following steps were followed to enable all services:

• A static test website was developed according to the requirements of the subject in an index.html file.
• By editing the torrc file we enabled the hidden services for HTTP and SSH.
• The nginx.conf file was configured to enable the web server and host a previously developed static web page.
• By modifying the sshd_config file we changed the default port and fortified the security of the SSH server.

In addition to installing the necessary applications and copying the configuration files into the container, an user is created which has the privileges to access the SSH service when fortifying. [user=sshusr, pass=onion]

Client:

Based on a debian docker container generated by the following Dockerfile:

FROM debian:latest

# Installation packages
RUN apt-get update -y && apt-get upgrade -y
RUN apt-get install tor ssh -y

# Service startup.
ENTRYPOINT service ssh start; tor

The following packages are installed:

• Ssh (Client)
• Tor

To speed up the deployment and execution of the containers, a Makefile was configured with the following instructions:

- make:        Generates the Server container, the Client container and both images.
- make server: Generates the Server container image.
- make client: Generates the image of the Client container.
- make exe:    Runs the Client container and returns a Bash.
- make clean:  Stops and removes the Server and Client containers. 

When executing the server, a Volume is generated in the Server container synchronizing the directory /url, this will return the directories where the hostname files are located, these contain the url’s xxxxxxxxx.onion for the HTTP and SSH.

• hidden_service -> HTTP
• other_hidden_service -> SSH

Docker test

Dependencies:

• You must have Docker Desktop and make [optional] installed on your computer.
• You must also have Tor browser installed for the HTTP test.

Execution Instructions:

1. Clone the repository

   git clone https://github.com/goldcod3/Ft_onion.git
   

2. Inside the cloned repository run:

   make && make exec
   

3. The Server container generates in the srv/url directory the HTTP and SSH urls for the hidden tor services.
   • srv/url/hidden_service/hostname -> HTTP
   • srv/url/other_hidden_service/hostname -> SSH

Access to the Services:

• To access the HTTP service, you must run the Tor browser and enter the url found in srv/url/hidden_service/hostname in the repository folder.
• To access the SSH service run the Client container and inside the container run the command:

  torify ssh sshusr@xxxxxxxxx.onion -p 4242
  

  Where:

  • The user’s name is [sshusr].
  • The user’s password is [onion].
  • The port of the SSH connection is [4242].
  • The url xxxxxxxxx.onion is located in srv/url/other_hidden_service/hostname within the repository.

Enjoy it!

View the source code here

Project completed

Rating: