SCIENCEAuthor: Arnel C. Reyes
Published: 25 August 2024
Last Updated: 27 August 2024
The Darknet (a.k.a. Dark Web) refers to a hidden part of the internet that is not indexed by traditional search engines and requires specific tools and configurations to access. It is a subset of the Deep Web, where users can navigate websites and services anonymously. To explore the Darknet, specialized tools is needed. The most common method of accessing the Darknet is through the ToR Browser, which routes internet traffic through a series of encrypted relays to mask and obscure the user's location and activity.
To further enhance anonymity, users often combine VPN (Virtual Private Network) with ToR. This method adds an additional layer of encryption, making it more difficult for third parties to track the user's internet activity. For users seeking a more secure operating environment, Tails Linux is a popular choice. This portable operating system is designed to preserve privacy and anonymity, running from a USB stick without leaving traces on the host computer.
Background
The Darknet is a complex and controversial segment of the internet. Initially, it gained notoriety for illegal activities such as drug trafficking, weapon sales, and other illicit transactions. However, it also serves as a haven for whistleblowers, journalists, and activists in oppressive regimes, offering them a platform to communicate securely and anonymously. The ToR network, which underpins the Darknet, was originally developed by the U.S. Naval Research Laboratory and is now maintained by the non-profit ToR Project.
To securely share files or communicate on the Darknet, tools like OnionShare have been developed. OnionShare allows users to share files, host websites, and even chat anonymously over the Darknet without relying on centralized servers or third-party services. Setting up a web server on the Darknet involves configuring Nginx to serve websites over ToR. This process includes setting up ToR Hidden Services, which enable the creation of websites and services that can only be accessed through the ToR network. For those looking to personalize their Darknet presence, mkp224o is a tool used to generate vanity onion domains, which are custom onion addresses that add an extra layer of identity, personalization and security to the hidden service.
The Internet in a Nutshell
The internet is often described in layers, with the Surface Web, Deep Web, and Darknet representing different levels of accessibility, visibility, and privacy.
- Surface Web: The visible part of the internet, easily accessible and indexed by search engines.
The Surface Web refers to the portion of the internet that is easily accessible to the general public and indexed by traditional search engines like Google, Bing, and Yahoo. This includes websites and content that can be found and accessed using standard web browsers without any special configurations.
Examples:
» News websites (e.g., CNN, BBC)
» Social media platforms (e.g., Facebook, Twitter)
» E-commerce sites (e.g., Amazon, eBay)
» Blogs and personal websites
Characteristics:
» Publicly Accessible: Anyone with an internet connection can access the surface web.
» Indexed by Search Engines: Search engines can crawl and index these websites, making them easily discoverable.
» Limited Privacy: Since the surface web is open to everyone, privacy and anonymity are minimal unless additional measures (like encryption or private browsing) are used.
- Deep Web: A larger, hidden part of the internet not indexed by search engines, containing private or restricted-access information.
The Deep Web consists of parts of the internet that are not indexed by search engines. This includes content that is hidden behind paywalls, requires login credentials, or is otherwise restricted. The deep web is much larger than the surface web, but the content here is generally not illegal or malicious -- it's just not accessible without the right permissions.
Examples:
» Online banking portals
» Private databases and archives
» Academic journals and libraries
» Email services (e.g., Gmail)
» Subscription-based websites
Characteristics:
» Restricted Access: Requires specific credentials or permissions to access.
» Not Indexed: Search engines cannot index this content, so it remains hidden from public search results.
» Legitimate Use: Most of the deep web is used for legitimate purposes, such as accessing private information or services.
- Darknet: A small, encrypted part of the deep web that requires special tools to access, offering strong anonymity but often associated with both legitimate and illicit activities.
The Darknet is a small part of the deep web that is intentionally hidden and requires special software or configurations to access. It operates on encrypted networks, most commonly the ToR network, and is designed to provide anonymity and privacy to its users. While the darknet is often associated with illegal activities, it also serves as a platform for privacy-focused individuals, activists, and those seeking to bypass censorship.
Examples:
» ToR Hidden Services: Websites with .onion domains that can only be accessed via the ToR Browser.
» Illegal Marketplaces: Platforms for buying and selling illicit goods and services.
» Anonymous Communication Platforms: Forums and chat services where users can communicate without revealing their identity.
Characteristics:
» Requires Special Tools: Accessing the darknet typically requires software like the ToR Browser or I2P.
» Strong Anonymity: Users and website operators are often anonymous, with their identities protected by layers of encryption.
» Mixed Use: While there is illegal activity on the darknet, it is also used for legitimate purposes, such as protecting free speech in oppressive regimes or ensuring privacy for sensitive communications.
How To Access the Darknet (3 Levels)
The Darknet is a segment of the internet that requires specific tools and configurations to access, offering a platform for both privacy-focused users and those engaging in illicit activities. Below are details on how to set up key tools for accessing and using the darknet securely.
- ToR Browser
The ToR Browser is a modified version of Mozilla Firefox that routes user internet traffic through the ToR network, which consists of a series of volunteer-operated servers (nodes). Each connection is encrypted and routed through multiple nodes, obscuring the user’s IP address and location. This anonymity allows users to access websites and services on the darknet without revealing their identity.
How to Set Up:
1. Download ToR Browser from the official ToR Project website [https://www.torproject.org].
2. Install the browser by following the installation instructions specific to the operating system.
3. Launch ToR Browser and allow it to connect to the ToR network.
4. Start browsing by entering a .onion URL in the browser’s address bar to access dark web services.
- VPN + Tor
Using a VPN (Virtual Private Network) with ToR adds an additional layer of security by encrypting the internet traffic before it reaches the ToR network. This setup hides the machine's real IP address from the ToR entry node and the internet service provider (ISP) from knowing that ToR is being used.
How to Set Up:
1. Choose a reputable VPN that supports anonymous browsing. The following are free VPN providers and software:
» ProtonVPN: Offers a free plan with unlimited data and access to servers in a few countries. Known for its strong privacy focus and no-logs policy.
» Windscribe: Provides a free plan with 10 GB of data per month and access to servers in multiple locations. They have a strong privacy policy and no logging.
» TunnelBear: Offers a free plan with 500 MB of data per month. It's user-friendly and has a decent privacy policy.
» Hide.me: Offers a free plan with 10 GB of data per month and access to servers in a few locations. Known for strong privacy features.
Open-Source VPN Software:
» SoftEther VPN: An open-source, free VPN software that supports a wide range of VPN protocols.
» OpenVPN: A popular open-source VPN protocol that is highly configurable and secure. Download the software and use it with free VPN server configurations.
» WireGuard: A fast, modern, and secure VPN protocol. Download the software and find free server configurations online.
2. Connect to the VPN by installing and launching the VPN software, then selecting a server.
3. Launch ToR Browser while connected to the VPN.
4. Browse securely, with the VPN providing an additional layer of encryption.
- Tails Linux
Tails Linux is a portable, privacy-focused operating system that runs from a USB drive or DVD. It is designed to leave no trace on the computer it runs on, ensuring that all internet traffic is routed through the ToR network.
How to Set Up:
1. Download Tails from the official website and use the Tails Installer or a tool like Etcher to write the Tails image to a USB drive.
2. Boot from the USB drive by restarting the computer and selecting the USB drive from the boot menu.
3. Configure Tails by following the on-screen prompts, including setting up an administrator password if needed.
4. Start using Tails, with all internet activity automatically routed through ToR.
How to Host Web Site, Share Files, and Chat on the Darknet
- The OnionShare
OnionShare is an open-source tool that allows users to securely host websites, share files, or chat over the ToR network without relying on third-party servers. It generates a .onion address that can be shared with others to access the files or services a user is hosting.
How to Set Up:
1. Install OnionShare by downloading it from the official website or installing it through a package manager on Linux.
$ sudo apt install snapd
$ sudo systemctl status snapd.service
$ sudo systemctl start snapd.service
$ sudo snap install onionshare
$ sudo systemctl daemon-reload
2. Launch OnionShare and select the type of service to create (file sharing, website hosting, or chat).
$ /snap/bin/onionshare
3. Configure the service, such as adding files or setting up a chat room.
4. Start the service to generate a unique .onion URL.
5. Share the URL with trusted individuals who can access the service through their ToR Browser.
- Sharing Files on the Dark Web with OnionShare
OnionShare allows user to share files over the dark web by hosting them on the local machine and providing access through a ToR hidden service.
How to Set Up:
1. Open OnionShare and select "Share Files" mode.
2. Drag and drop files into the interface or use the file picker.
3. Click "Start Sharing" to generate the .onion URL.
4. Send the URL to the recipient, who can access the files via ToR Browser.
- Chatting on the Dark Web with OnionShare
OnionShare can also be used to create anonymous, encrypted chat rooms on the dark web, accessible only via the .onion address.
How to Set Up:
1. Open OnionShare and select "Chat" mode.
2. Click "Start Chat" to generate a .onion URL for the chat room.
3. Share the URL with participants who will join the chat via ToR Browser.
Alternatively, use CLI option:
$ /snap/bin/onionshare.cli --chat --public
╭───────────────────────────────────────────╮
│ * ▄▄█████▄▄ * │
│ ▄████▀▀▀████▄ * │
│ ▀▀█▀ ▀██▄ │
│ * ▄█▄ ▀██▄ │
│ ▄█████▄ ███ -+- │
│ ███ ▀█████▀ │
│ ▀██▄ ▀█▀ │
│ * ▀██▄ ▄█▄▄ * │
│ * ▀████▄▄▄████▀ │
│ ▀▀█████▀▀ │
│ -+- * │
│ ▄▀▄ ▄▀▀ █ │
│ █ █ ▀ ▀▄ █ │
│ █ █ █▀▄ █ ▄▀▄ █▀▄ ▀▄ █▀▄ ▄▀▄ █▄▀ ▄█▄ │
│ ▀▄▀ █ █ █ ▀▄▀ █ █ ▄▄▀ █ █ ▀▄█ █ ▀▄▄ │
│ │
│ v2.6.1 │
│ │
│ https://onionshare.org/ │
╰───────────────────────────────────────────╯
Connecting to the ToR network: 75% - Loaded enough directory info to build ciConnecting to the ToR network: 100% - Done
Give this address to the recipient:
http://The-Randomly-Generated-Onion-Address.onion
Press Ctrl+C to stop the server - Hosting Web Site in the Darkent Using Nginx
Nginx is a powerful web server that can be configured to serve websites on the dark web through a ToR hidden service. This allows a website to be accessed only through the ToR network.
A. Setting Up Nginx: Nginx is a powerful web server that can be configured to serve websites on the dark web through a ToR hidden service. This allows users' website to be accessed only through the ToR network.
1. Install Nginx on the server by using a package manager (this example is for Kali Linux).
$ sudo apt install nginx
$ sudo systemctl start nginx
2. Check if Nginx is running by navigating to http://localhost.
3. Create dummy file
$ sudo namo hello.txt /var/www/html
Hello Darknet!!!
4. Check if the file accessible by navigating to http://localhost/hello.txt.
5. Configure Nginx to serve the website by editing the configuration file (usually located in '/etc/nginx/sites-available/default').
$ sudo nano /etc/nginx/sites-available/default
6. Check Nginx configuration.
$ nginx -t
7. Restart Nginx service.
$ sudo systemctl restart nginx
B. Configuring ToR Hidden Services: ToR Hidden Services allow users to host services like websites, chat servers, or other applications on the darknet. These services are only accessible via the ToR network and provide anonymity for both the host and users.
1. Check Debian version.
$ cat /etc/debian_version
2. Add the ToR Project Repository into the 'sources.list.d/tor.list' file. to specify the ToR Project's software repository as a source for installing and updating ToR-related packages on the system.
$ sudo nano /etc/apt/sources.list.d/tor.list
deb [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org bookworm main
deb-src [signed-by=/usr/share/keyrings/tor-archive-keyring.gpg] https://deb.torproject.org/torproject.org bookworm main
3. Download ToR ASC signature file and add this GPG key to verify the authenticity of packages from the ToR Project repository.
$ sudo wget -qO- https://deb.torproject.org/torproject.org/A3C4F0F979CAA22CDBA8F512EE8CBC9E886DDD89.asc | gpg --dearmor | tee /usr/share/keyrings/tor-archive-keyring.gpg > /dev/null
4. Install ToR if it’s not already installed on the server.
$ sudo apt update
$ sudo apt install tor deb.torproject.org-keyring
5. Edit the ToR configuration file ('torrc') to include the hidden service configuration:
$ sudo nano /etc/tor/torrc
## Uncomment the following
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:80
6. Restart ToR to generate the .onion address.
$ sudo systemctl restart tor
7. Find the .onion address in the file located at '/var/lib/tor/hidden_service/hostname'.
$ sudo ls /var/lib/tor
$ sudo ls /var/lib/tor/hidden_service
$ sudo cat /var/lib/tor/hidden_service/hostname
the-randomly-generated-onion-address.onion
8. Test the .onion address using ToR browser.
C. Vanity Onion Domains with mkp224o (Onion Supremacy): mkp224o is a tool used to generate custom, or "vanity," onion domains. These domains have a specific prefix or pattern of choice, adding a layer of personalization to the dark web service.
1. Install mkp224o by cloning the repository from GitHub and compiling it on the machine.
$ sudo apt install gcc libc6-dev libsodium-dev make autoconf
$ git clone https://github.com/cathugger/mkp224o.git
$ cd mkp224o
$ sudo ./autogen.sh
$ sudo ./configure
$ sudo make
2. Run mkp224o with desired pattern (e.g., './mkp224o mycustomprefix').
$ sudo ./mkp224o hello -v -n 1 -d ~/supremeonionkey -t 4
set workdir: /home/kali/supremeonionkey/
sorting filters... done.
filters:
hello
in total, 1 filter
using 4 threads
hello-the-randomly-generated-onion-address.onion
waiting for threads to finish... done.
3. Wait for the tool to generate a .onion address that matches the pattern.
4. Copy the generated keys to the ToR hidden service directory ('/var/lib/tor/hidden_service/').
$ sudo cd supremeonionkey/hello-the-randomly-generated-onion-address.onion/
$ sudo ll
total 12
-rw-r--r-- 1 root root 63 Aug 24 22:52 hostname
-rw-r--r-- 1 root root 64 Aug 24 22:52 hs_ed25519_public_key
-rw------- 1 root root 96 Aug 24 22:52 hs_ed25519_secret_key
$ sudo cp * /var/lib/tor/hidden_service/
5. Restart ToR to start using the vanity onion domain.
$ sudo systemctl restart tor
6. Test the .onion address using ToR browser.
Setting up and using the dark web requires a strong understanding of the tools and configurations necessary to maintain privacy and anonymity. Whether using the ToR Browser, combining it with a VPN, or running a secure operating system like Tails Linux, each tool plays a vital role in safeguarding the user's identity. For those interested in sharing files, hosting services, or even setting up custom onion domains, OnionShare, Nginx, ToR Hidden Services, and mkp224o offer robust solutions to operate securely within the darknet. However, it's important to approach these activities with a clear understanding of both the technical and ethical implications.
Other Darknet Alternatives
When exploring the landscape of anonymous online communication, several alternatives to the TOR network offer unique approaches to privacy and security. These "darknet alternatives" provide diverse methods for protecting users' identities, securing data, and circumventing censorship. Whether a user is looking for decentralized browsing, encrypted peer-to-peer communication, or platforms resistant to surveillance, each of these networks offers distinct features that cater to different privacy needs.
- Lokinet: Lokinet is a privacy-focused network that operates on the Oxen blockchain. Unlike traditional internet networks, Lokinet routes data through a decentralized onion-routing protocol, ensuring anonymity and resistance to censorship. It allows users to browse websites, send messages, and access services without revealing their IP addresses or compromising their privacy. Lokinet also supports the creation of hidden services, similar to TOR, providing a secure platform for hosting websites and applications in a private and anonymous manner.
- I2P (Invisible Internet Project): I2P is a robust and decentralized network designed for anonymous communication. It uses multiple layers of encryption to route traffic through a series of volunteer-run nodes, obscuring both the source and destination of data. I2P supports a range of applications, including anonymous web browsing, file sharing, and messaging. It operates independently of the regular internet, providing a separate network where users can interact without fear of being tracked or surveilled. I2P is especially popular for secure peer-to-peer communications and hosting hidden services.
- Freenet: Freenet is a peer-to-peer platform designed to resist censorship and ensure privacy. It operates by storing and sharing data across a distributed network, making it difficult to trace content back to its origin. Users can anonymously publish websites, share files, and communicate through forums without revealing their identity. Freenet's unique structure allows it to function even in environments with severe restrictions on free speech, making it a vital tool for activists and journalists. The network is designed to protect users from surveillance and censorship, enabling free and open communication.
Conclusion
The Darknet is a double-edged sword, offering both anonymity for those in need and a platform for illegal activities. Tools like the ToR Browser and VPNs are essential for navigating this hidden part of the internet securely. For those looking to share files, host services, or communicate securely, OnionShare and the configuration of ToR Hidden Services provide robust solutions. However, it is important to approach the Darknet with caution, understanding both its potential and its risks.
Disclaimer: This documentation is intended for educational purposes only. The content provided herein is meant to inform and educate individuals about security practices, techniques, and tools. Security-Science does not support, endorse, or encourage any illegal or unethical activities, including but not limited to unauthorized access to computer systems, networks, or data. Users are advised to apply the knowledge gained responsibly and ensure compliance with all applicable laws and regulations. Security-Science shall not be held liable for any misuse of the information provided.