Tor setup
Checking to see if tor is running
The following command could be used to get the status of the tor service.
sudo service tor status
The following command can be used to see if tor is actually usable. It lists the open listening ports. It should show that tor is listening on port 9051 or 9050, but the port could be changed to any port.
sudo netstat -tulpn | grep LISTEN
The next command can be used to start tor as a service:
sudo service tor start
Depending on the machine you are using it might not work. Here are a few other commands that can be used to start tor.
sudo systemctl start tor
Restarting tor.
sudo systemctl restart tor
Tools
docker-onion-nmap
BurpSuite
BurpSuite is a hacker's best friend; it can do pretty much any web attack. BurpSuite can also be used with tor.
Here are some guides on how to set it up with Tor:
- https://brezular.com/2020/01/02/how-to-configure-burpsuite-to-use-tor-as-proxy/
- https://kalinull.medium.com/how-to-intercept-tor-hidden-service-requests-with-burp-proxy-6214035963a0
The creators of BurpSuite also have a site where you can practice your skills and do labs... https://portswigger.net/web-security/all-labs
Dirsearch
Make sure tor is installed and running.
sudo systemctl start tor
The command above could be used to start the tor service.
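sudo python3 dirsearch.py -u link.onion --proxy socks5://127.0.0.1:9050
The command above can be used to scan a dark web site. We used the --proxy option so the tool's requests go through tor and can reach the onion address. With tor's default configuration, 9050 is the SOCKS port and 9051 is the control port, so the proxy must point at the SOCKS port.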
Shodan
Shodan is a great tool. The tool is free for the first couple of results, but if you have a paid account you can view all the pages. During Black Friday, they have a killer deal where you can buy it for like $10. A couple of years ago I got a lifetime subscription for $5. If you can't pay, don't worry, there are other sites that can be used.
Once in a while I like to search for keywords like:
- onion
- look for open ports, 9001, 9030, 9040, 9050
- names of services
- the Onion URL to the site
In the past there have been a couple of times where a site's testing server was exposed on the internet. Sites like Shodan are constantly scanning the internet and crawling each page that they show on the platform. Sometimes the website owner will not set up the web server correctly, so the site's IP will leak and be exposed.
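For an onion site operator, the misconfiguration described above can be caught with the netstat command from the first section. The following is an added example, not part of the original page: it parses that output and flags tor or web server listeners bound to a non-loopback address. The sample output is constructed, and the process names in LOCAL_ONLY_PROGRAMS are assumptions.

```python
import ipaddress

# Constructed sample of `sudo netstat -tulpn | grep LISTEN` output (not from a real host).
SAMPLE = """\
tcp        0      0 127.0.0.1:9050          0.0.0.0:*               LISTEN      812/tor
tcp        0      0 0.0.0.0:9051            0.0.0.0:*               LISTEN      812/tor
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      954/nginx
tcp6       0      0 ::1:8080                :::*                    LISTEN      1001/python3
tcp6       0      0 :::22                   :::*                    LISTEN      640/sshd
"""

# Assumption: on an onion-service host these daemons should be reachable via loopback only.
LOCAL_ONLY_PROGRAMS = {"tor", "nginx", "apache2"}
# Tor's default local ports: 9040 TransPort, 9050 SocksPort, 9051 ControlPort.
LOCAL_ONLY_PORTS = {9040, 9050, 9051}


def parse_listeners(text):
    """Return (address, port, program) for every TCP socket in LISTEN state."""
    listeners = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 7 or fields[5] != "LISTEN":
            continue
        host, _, port = fields[3].rpartition(":")
        host = host.strip("[]")          # ss-style "[::]:22"
        if host == "*":                  # ss-style wildcard bind
            host = "0.0.0.0"
        # "812/tor" -> "tor"; "-" (netstat run without root) -> "unknown"
        program = fields[6].partition("/")[2].rstrip(":") or "unknown"
        listeners.append((ipaddress.ip_address(host), int(port), program))
    return listeners


def exposed_listeners(text):
    """Listeners that should be loopback-only but are bound to another address."""
    findings = []
    for addr, port, program in parse_listeners(text):
        sensitive = program in LOCAL_ONLY_PROGRAMS or port in LOCAL_ONLY_PORTS
        if sensitive and not addr.is_loopback:
            findings.append(f"{program} on {addr}:{port}")
    return findings


if __name__ == "__main__":
    for finding in exposed_listeners(SAMPLE):
        print("EXPOSED:", finding)
```

Any finding means the service answers on an address that internet-wide scanners can reach; binding it to 127.0.0.1 removes it from their results.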
OnionScan
dirstalk
This tool has built-in support for working with tor. - https://github.com/stefanoj3/tordock
docker run -d -p 127.0.0.1:9150:9150 stefanoj3/tordock:latest
After starting the docker container, run this command.
dirstalk scan http://some.onion --dictionary mydictionary.txt --socks5 127.0.0.1:9150