So you thought Tor was bad enough. Check out Tor’s Hidden Web Services.

Recently and article appeared at NPR titled “Senators Target Internet Narcotics Trafficking Website Silk Road”. I only bothered to hit the link because I saw it mentioned on the website Anit-forensics.com. The short article complained of drugs blatantly sold on the Internet and something needed to be done about it and Congress is going to solve that one for us. Although selling drugs on the Internet is nothing new, the place on the Internet “openly” selling drugs was on the Tor network through the use of Tor’s “Hidden Services” function.  The “Silk Road” is an online market open for the sale of goods and named after the ancient road used to bring goods from the orient to the west.

For the power user of the Tor network Hidden Services is probably nothing new. For the average online investigator though you may have heard of Tor and may have even tried to use it (especially of you read my last article on using Tor in your investigations). But were you aware that webpages can be hidden within the Tor network? Have you ever seen a .onion domain name? if you haven’t then read on.

Hidden services were introduced to the Tor network in 2004. Tor’s Hidden Services are run on a Tor client using special server software. This “Hidden Service” uses a pseudo top-level-domain of “.onion”. Using this domain, the Tor network routes traffic through its network without the use of IP addresses.

To get to these hidden services you must be using the Tor Network and have your browser enable to use Tor.  How do you find sites using the hidden services? Start at the core…

http://eqt5g4fuenphqinx.onion/ 

Welcome to .onion Welcome to .onion

Core.onion according to its hidden services site has been in the network since 2007.

Once in the Core.onion you find a simple directory to start exploring Hidden Services on the Tor network.

TorDir TorDir

TorDir is a directory of Hidden Services. It gives you access to a variety of sites that offer instant messaging services, email, items for sale, social media type sites and marketplaces.

Black Market Black Market

 

In the markets a variety of things are for sale, most look to be illegal though. File sharing also looks to be popular and can be found in several .onion sites.

File Sharing File Sharing

 

To make purchases bitcoin seems to be the most popular virtual currency and is regularly mentioned throughout the .onion sites.

Bitcoin Bitcoin

 

Another good location to start finding out about what Tor’s Hidden Services have to offer is a wiki located at:

http://xqz3u5drneuzhaeo.onion/users/hackbloc/index.php/Mirror/kpvz7ki2v5agwt35.onion/Main_Page

 

Also, if you are an IRC fan Tor hidden services can be used there also. The Freenode website gives the instructions on how to access Freenode IRC servers on Tor’s Hidden Services.

If you are interested in learning more about Tor’s Hidden Services here are a few sites that can get you on your way:

http://www.onion-router.net/Publications/locating-hidden-servers.pdf

http://www.irongeek.com/i.php?page=videos/tor-hidden-services

http://www.torproject.org/docs/tor-hidden-service.html.en

 

Not to make it any worse but if you have not heard Ip2 (another anonymizing network that is becoming increasingly popular) also has its own “eeepsites” similar to the Hidden Services offered in Tor that a user can post content to like a website.

Hidden Services are going to increasingly become a location that will be misused by many. It will also become a place on the Internet that investigators will need to become increasingly familiar with if they are to further their online investigations.

Tags: , , , , , , , , , , , ,

13 Responses to “So you thought Tor was bad enough. Check out Tor’s Hidden Web Services.”

  1. A B says:

    1. It’s I2P not IP2

  2. What light are you trying to shine on this? Your article comes off like you’re attacking the premise of there being a ‘darknet’.

    Look, it’s a granted that any way humans have of perverting the law, or an angle that they can take advantage of, they will. But, there’s also many benign things that TOR and the DarkNets are used for. Legitimate things. And I hate to break it to you, but this technology was *created by the FEDs*:

    [History]
    An alpha version of the software, with the onion routing network “functional and deployed”, was announced on 20 September 2002. Roger Dingledine, Nick Mathewson and Paul Syverson presented “Tor: The Second-Generation Onion Router” at the 13th USENIX Security Symposium on 13 August 2004. Though the name Tor originated as an acronym of The Onion Routing project, the current project no longer considers the name to be an acronym, and therefore does not use capital letters.

    Originally sponsored by the US Naval Research Laboratory, Tor was financially supported by the Electronic Frontier Foundation from 2004 to 2005. Tor software is now developed by the Tor Project, which has been a 501(c)(3) research/education nonprofit organization based in the United States of America since December 2006 and receives a diverse base of financial support; the U.S. State Department, the Broadcasting Board of Governors, and the National Science Foundation are major contributors.

    In March 2011 The Tor Project was awarded the Free Software Foundation’s 2010 Award for Projects of Social Benefit on the following grounds: “Using free software, Tor has enabled roughly 36 million people around the world to experience freedom of access and expression on the Internet while keeping them in control of their privacy and anonymity. Its network has proved pivotal in dissident movements in both Iran and more recently Egypt.”
    [End of history-paste; see http://en.wikipedia.org/wiki/Tor_(anonymity_network) for more info]

    So I’ve gotta ask… with elements of our own government funding and cooperating in the development of The Onion Router (TOR), which is one of the core technologies that allows the DarkNets to exist in the first place, why would they have any interest whatsoever in stopping it, ever? Wouldn’t that defeat their first and foremost purpose of an untraceable communications channel? So, cyber criminals use it as well… criminals also use guns, but you don’t see the feds making any moves to end the production of those, do you?

    Sometime things have to be accepted. I believe the phrase is ‘acceptable collateral damage’.

  3. A says:

    So, I think that this is a very informative article, as I am new to TOR, but you just basically provided an instruction manual on how to use it, complete with links. I must say that I will only be using TOR, personally, for the purpose of attempting to assist abused women & girls in oppressive countries, but I am pretty blown away at a lot of the info which is available on TOR. You are right. It is, indeed, shocking and horrible, but at the same time, thanks for teaching me to use TOR better.

  4. Hi just thought i’d comment on your entry of So you thought Tor was bad enough. Check out Tor’s Hidden Web Services. WebCase WebLog to say a very well explained entry, its helped a lot :)

  5. Just A Girl says:

    HisInfernalMajesty – thank you for the historical information on Tor; it was interesting and enlightening. I’m relatively new to Tor and hidden web services and I had not had the chance to read up on the history yet. I’m unclear on why the author of the article believes that Tor is such a terrible technology. I understand that as an investigator it may make his job more difficult, however that goes with the territory. People have a right to privacy as well as the right to use legal technology to maintain it, that doesn’t make them guilty of criminal behavior. Excellent analogy relating cyber criminals and Tor and real world criminals and guns . Many more criminals commit crimes with guns that cause far greater harm to the public than there are cyber criminals using Tor to sell illegal contraband. Unfortunately the criminal element exists in all facets of life and will make use any and all tools available. You can’t fault the tool nor deprive the rest of the law abiding public of using it due to the illegal actions of a few.

  6. Justin Foravisit says:

    Thanks for the article.It was quiet helpful.I love My Vidalia Routing!

  7. PlainTalk says:

    It’s plain what this post espouses. Anything that facilitates freedom in general, freedom of speech and and the freedom to simply live without some control freak constabulary tossing out the baby just because the bathwater was cold, is bad. Bad Bad BAD!! The writer stares down his nose at the entire idea that anyone should be permitted to use the net without bigbrother oversight is laughable, when the technology was first introduced by the government expressly for the purpose of facilitating revolution in the middle east and enabling their own rogue agents to remain in the dark while they do what they do. That other crooks and guttersnipes should find the technology useful seems to be of little consequence to the government but serves as an excuse for blogging trolls like the above to sneer.

  8. I am new to tor, however, I think its fantastic. You talk about the hidden website, drugs, guns, what a person puts in there mouth, or body is there God given right, like the right to breath air. More important than your right to vote, What does this Government want to do, (micro manage the world)
    Like they say “If there were no bank robbers, there would be no need for banks. Larry

  9. TORIFIEDUSER says:

    Well you see. This is the part where the government begins to realize that you cannot control internet like you would control a street. At least, not TOR.

    TOR enables everyone to open up to what they really think to be honest with themselves, no matter what their society labels those behaviors or thoughts as. They are anonymous on a whole new level with little to no effort. Take TOR away from those people ( If that was even possible ) would cause these people to take part in the drug markets out there on the street, where people shoot eachother and stuff. I’ve never heard of someone getting shot through an anonymous network.

    Sure there’s CP there, but if someone is uploading those, they’re not doing it for the fame, drawing attention to yourself is usually a bad thing if you’re into that. That being said; Would you rather have your local pedos wanking at the few pictures online or actively go for your children because they don’t have a source of letting out those impulses.

    Some call it a mental problem, some say you’re just born like that. LEA/CIA/FBI could very easily just set up something to get information on the behaviors themselves (not TOR users) and seek to understand, diagnose and help those people who have impulses that have a negative impact on society.

    By actively curing crimes and things like that or finding solutions/grey areas by regulating specific markets, There wouldn’t be as much content for the media to have a topic like Catching a big drug cartel that would bring out our sense of nationality as they make it look like “We are fighting the bad behavior together as a nation”. No attachment to your government is usually a bad thing for them.

    You have it, in a nutshell, why the government will never help those people. They need a common enemy that cannot be defeated; Drugs, Piracy and I forget the third.

    TOR FOR THE WIN

  10. [...] “[t]here are no contenders for the throne in waiting”. Well Tor also has an area, called “hidden services”, where users can set up websites. These websites can only be found while one is using Tor and have [...]

  11. [...] that “[t]here are no contenders for the throne in waiting”. Well Tor also has an area, called “hidden services”, where users can set up websites. These websites can only be found while one is using Tor and have [...]

  12. Maverikk Boots says:

    Well.. most TOR hidden services died after the freedom hosting went down.
    Sad but I think its for the best.
    I’ve heard that 95% av all child porn on the net went offline.
    Thats nice. But some innocent sites also went dead.
    like tormail.

    Is there a replacement up yet? So journalists like you can report freely from inside china, north korea or some other totalitarian state.

  13. Lazoto says:

    I think people have a right to browse online in all privacy without the poking menace of some big brother overlooking our shoulders

Leave a Reply