Creating an Invisible Darknet Server for Secure Remote Access (Tor "Stealth" Hidden Service)

  • Published on 9 Feb 2019
  • This video is a demonstration on how to leverage Tor's unique network architecture to allow for NAT traversal with strong authentication and encryption when remotely accessing your SSH Server from behind a Firewall/NAT.
    If you find these videos useful, please consider liking, subscribing and sharing to support the channel. Thank you!
    Follow me: / ipvzero
    Network Automation Scripts: github.com/IPvZero/IPvZero/

Comments • 72

  • @cryptohackorxz 4 years ago

    Great video, I have an SSH server too, provisioning in Tor Network

  • @xB-yg2iw 2 years ago

    This was a great video thank you!

  • @predator2483 5 years ago +3

    Awesome video!!

    • @IPvZero 5 years ago +1

      Thanks, man! Appreciate your feedback!

  • @zuberskyyy4120 3 years ago

    All the best to Norway!

  • @jonathynblythe8096 4 years ago

    Hey, great! Thanks a lot!

    • @IPvZero 4 years ago

      Thanks for watching, Jonathyn!

    • @jonathynblythe8096 4 years ago

      @IPvZero You know what just occurred to me... why not just buy a server computer, have VPN routers behind it, use a TOR bridge, use Ubuntu or Debian for the OS, and do it that way? If you have something like Verizon Fios at your home, would that slow your internet down? Or, I'm not sure. I'm very new to the whole notion of TOR. I'm just thinking it might be easier for the layman to just buy a whole server tower.

    • @IPvZero 4 years ago

      @jonathynblythe8096 Hey Jonathyn. In order to get the NAT traversal (i.e. no need to open ports on your home firewall) you would have to configure a Hidden Service. Simply using a Tor bridge would not involve vital components such as persistent outbound connections to Introduction Points, etc, which would be required for this effect. And configuring a regular hidden service can be scanned and found. The point here is that no one can even discover the service, even if they know the URL, or the IP address. Since the server will only open once the client has a correctly configured cookie.
      I know it's a little confusing but I hope that helps haha :)
      -John

    • @jonathynblythe8096 4 years ago

      @IPvZero Wow, that's amazing. I've never even heard of anything like this until now. So someone can put a phpbb forum on this server for the world to access? In other words, host your very own website and not be traced?

    • @IPvZero 4 years ago

      @jonathynblythe8096 Correct. People with the address will be able to reach your introduction point, which is just a random node in the Tor network. For the connection to open, the authentication cookie must be present, but the actual hidden service will open a connection to the request via another completely random node in the network (the Rendezvous Point). If you're interested you can read more here:
      WIRED: www.wired.com/2016/07/now-can-hide-smart-home-darknet/
      SYMANTEC: www.symantec.com/connect/blogs/tor-hidden-services-home-device-and-services-security-and-privacy
      Have fun exploring :)
      -John

  • @broadrama43 4 years ago +1

    Wow thank you very much! Very good explanation
    Do you know if there is actually a way to display content from a Tor Hidden Service over a reverse server in a normal browser?
    For example, I enter the IP from the reverse server in a normal browser, the reverse server connects over tor to the hidden service, the page loads and behaves exactly as if I had visited the page via Tor.
    I would be very happy about an answer :)

    • @IPvZero 4 years ago +1

      Hey, Broad Rama! Thanks so much!
      re: the Reverse Proxy. I've never attempted such a configuration so I'd need to properly look into it!
      If you don't mind me asking, what would be the use case?
      I only ask because the implementation would be pretty insecure in that the Reverse Proxy operator would have full visibility of your Tor traffic. If you were operating the reverse proxy yourself then this particular issue wouldn't be such a problem. If you were simply trying to enter the Tor network unnoticed (i.e. hiding your use from an ISP) then I would recommend using obfs4proxy bridges. If you just simply want a way to visit a Tor hidden service but don't want to download the Tor browser to your local machine, you can access Onion addresses from a normal browser using Tor2Web, however I would strongly discourage this as it can't be considered secure!
      EDIT: Also, if you just have reservations about downloading Tor on your local machine, then downloading Tails OS on to a USB will allow you to boot from a USB in a forensically sound environment (with additional security hardening features).
      I'll have a google around though since I'm curious as to the answer too haha.
      Thanks again.
      -John

    • @broadrama43 4 years ago

      @IPvZero Many thanks for your response!
      I already know your mentioned points, google has helped me with that already :D
      The actual purpose would be that the backend server doesn't see IPs of users, the users don't see the IP of the actual backend and that without the need to install Tor or something else.
      I've already tried it with Nginx and HAProxy, but I have not gotten it to work yet.
      And yes, I'm aware that such a setup is actually totally overkill, but this is also true for the SSH connection via Tor :'D
      It's just really interesting to know what's technically possible and since you're a real pro in the network area, I just thought I'd ask :)

    • @IPvZero 4 years ago +1

      Haha that's cool, man. I like to geek out on the technical possibilities too.
      If I'm understanding the use case correctly, it would basically be providing the Tor anonymity, without requiring the user base to install Tor (i.e. more user friendly). A normal user would request the reverse proxy server from a normal browser, the proxy would forward the request to the real server via Tor, thus, would have all the Tor security benefits? Would that be right?
      Apologies if I'm misunderstanding.
      If so, I'm unsure how to ensure the anonymity of the user. Whilst the backend server wouldn't see the user's IP address, the reverse proxy would. As such, the reverse proxy would in effect get to see the entire Tor transmission, as well as having the real IP address of the user through which to relay the traffic back. Assuming the reverse proxy and the backend server are run by the same people, by default the backend server gets the user's full logs, albeit indirectly from the proxy server. If the reverse proxy was run by an intermediary then the intermediary gets all the Tor traffic effectively in decrypted form, plus the user's IP address, whilst the backend server's actual location remains hidden, as it only announces its presence via its cryptographic public key, rather than IP address.
      If the goal is anonymity for both user and server, then you really want to be running the Tor software at the end points of the connection (client computer and server). Again, apologies if I'm misunderstanding haha!
      -John

    • @broadrama43 4 years ago

      @IPvZero Yes, you interpreted my message correctly but the reverse proxy would of course be hosted by the same person.
      Maybe I did not express myself correctly, but a reverse proxy can see the IPs because the traffic is not analyzed and also not logged, so that should not be a problem.
      It's more about the backend server enjoying the full hidden service and even being accessible over the normal web :)

    • @IPvZero 4 years ago +2

      @broadrama43 Ah okay, I see! I reckon you could achieve what you're looking for using some HTTP proxy like Polipo.
      However, I would caution that doing so would reduce the strength of the anonymity of both clients and server. Let's say for example your use-case was to provide a user-friendly website where people could post sensitive government leaks. The government could deanonymise the "hidden service" simply by investigating who owns the publicly available IP address of the Reverse Proxy relaying all of the traffic. That IP address would be public and the registration details could be obtained just like a normal clearnet website. Now they've found you. By contrast, having your clients use Tor on their own computer like a normal hidden service, they can contact the server via its cryptographic public key (since the .onion address is simply a hash of the public key appended to the .onion suffix). That way, users can reach the server without ever knowing any IP addresses. By introducing a public IP address through which to contact the server, a key Tor strength would be circumvented. Similarly, attackers could simply monitor inbound connections of the clearnet traffic going to the relay server (since its IP address would be public), and be able to infer every IP address connected to the relay server is accessing your government leaks website, and would compromise the users. So the users would also be vulnerable to identification. And whilst they would get an increase in usability from not having to download Tor, they would be subject to the bad aspect of Tor which is poor performance. Each connection would require going through multiple hops (your onion circuit hop count, plus an additional hop for the entrance via the relay), so in that sense user experience would be limited, but without the strength of Tor's proper anonymity.
      Even from the point of view of a denial of service attack, the setup would become more vulnerable. Whilst you can certainly DDOS an onion address, it requires that the attack be large enough to knock multiple high bandwidth nodes offline (your Introduction Points). Whereas if your entrance is a public relay server, they can take down access to the site simply by attacking that.
      Unfortunately, security and anonymity are difficult and don't go hand-in-hand with being very user-friendly.
      Just look at PGP for example hahaha!
      Again, by all means try it out for experimental purposes, just be aware of the weaknesses if security and anonymity are high priorities! Traffic correlation attacks have always been Tor's weakness, so introducing a public entry point could cause problems!
      Hope that's been helpful man :)
      -John

  • @Y2-_ 1 year ago

    So, if I understand correctly. It is entirely free to configure a server on the darknet? In my use case I would like to host a vpn on that darknet server. This seems very possible in my eyes.... Is it?

  • @shrey356 2 years ago

    Can you please recommend any book on the same… it would mean great to me

  • @enderstime6902 4 years ago

    hey which operating system are you using?

    • @simeondermaats 4 years ago

      It looks like Ubuntu 18.04 to me

  • @KenSherman 1 year ago

    6:00
    The top "RENDEZVOUS" point says "RENDENVOUS"? Surprised no one "point"ed that out.
    6:50
    Noticed the "Rubbish Bin 🚮". 😆
    L🤍ve the heavy accent too.

  • @whatsigmund 9 months ago +1

    Thanks for vid. How can I make a GET request to my onion site?

    • @scarthebadguy 9 months ago

      Were you able to get this to work? Having trouble because some of these configurations don't work anymore

    • @whatsigmund 9 months ago

      @scarthebadguy I wasn't able to set up authorized user, but w/o it, ssh worked. The new format is on the tor forum page, to set up auth user. Also needs config to load tor on reboot, for server

    • @whatsigmund 9 months ago

      @scarthebadguy also, it's very very slow. I wanted to see if I could use it to upload files from off site, too slow for that. VPN that allows port forwarding is a better option, but it's a paid service. So, still looking for a solution.

  • @reddragon7600 2 years ago

    Do one where you just open a server on the darknet.

    • @Harlem55 2 years ago +1

      All you would do is declare hiddenservicedir and port in Torrc.

  • @Antonis24 1 year ago

    This guide is for Tor v2 and does not work for Tor v3. Can you update it?

    • @scarthebadguy 9 months ago

      Were you ever able to get it? If so do you have a link to an article
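
Several comments above note that the video's v2 "stealth" configuration no longer works on Tor v3. In v3 the equivalent mechanism is client authorization with per-client x25519 keys. The script below is an added example, not from the video or its author: it generates one key pair and writes the server-side and client-side files Tor reads. The client name, output directory and onion address are placeholders.

```shell
#!/usr/bin/env bash
# Added example (not from the video): Tor v3 onion-service client authorization.
# Assumptions: GNU coreutils and OpenSSL with X25519 support; the client name
# "laptop" and the onion address below are constructed placeholders.
set -e

# PEM key on stdin -> Tor's format: last 32 bytes of the DER, base32, unpadded.
pem_to_tor_b32() {
    grep -v -- '-----' | base64 -d | tail -c 32 | base32 | tr -d '=\n'
}

# make_client_auth <onion-address-without-.onion> <client-name> <out-dir>
# Runs in a subshell so the restrictive umask does not leak to the caller.
make_client_auth() (
    onion="$1"; name="$2"; out="$3"
    umask 077
    mkdir -p "$out"
    pem="$(openssl genpkey -algorithm x25519)"
    priv="$(printf '%s\n' "$pem" | pem_to_tor_b32)"
    pub="$(printf '%s\n' "$pem" | openssl pkey -pubout | pem_to_tor_b32)"
    # Server: install as <HiddenServiceDir>/authorized_clients/<name>.auth,
    # readable by the tor user, then reload tor. Once any .auth file exists
    # there, clients without a matching private key cannot decrypt the descriptor.
    printf 'descriptor:x25519:%s\n' "$pub" > "$out/$name.auth"
    # Client: install in the directory named by ClientOnionAuthDir in torrc.
    printf '%s:descriptor:x25519:%s\n' "$onion" "$priv" > "$out/$name.auth_private"
)

# Demo with a placeholder; a real run uses <HiddenServiceDir>/hostname minus ".onion".
demo_dir="$(mktemp -d)"
make_client_auth "REPLACE_WITH_56_CHAR_ONION_ADDRESS" laptop "$demo_dir"
cat "$demo_dir/laptop.auth"
```

Only the `.auth` file leaves the client machine; the `.auth_private` file stays on the client and should be treated like an SSH private key.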

  • @eggventlivestudio3283 4 years ago

    how to connect a node js api through tor ssh connection? maybe some link for documentation ? ^^

    • @IPvZero 4 years ago +1

      Hey, Z! I've not actually done that myself. I'd need to take a look around and do some investigoogling. If I find anything concrete I'll post it :)
      Thanks for watching!
      -John

    • @eggventlivestudio3283 4 years ago

      @IPvZero Thank you a lot for your reply.

    • @Harlem55 2 years ago

      The problem with that is that in all practicality, JS is not really usable for hidden services because most people using a hidden service also use noscript.

    • @xB-yg2iw 2 years ago +1

      Assuming I am understanding right, you mean a Rest API over http written in node JS? I think you would just need to add another hidden service configuration in the torrc, with the local port your API runs on

  • @patrickdowning3509 4 years ago

    I keep getting " cat: /var/lib/tor/hidden_service/hostname: No such file or directory "
    when trying to print .onion address, my torrc file is configured to have that as the HiddenServiceDir any suggestions?

    • @IPvZero 4 years ago +1

      Hey, Patrick. I ran into a similar problem in the video at around 14 min 45! The way I solved it was to restart the tor service by issuing the command "sudo systemctl restart tor.service". After restarting the service I could then issue the "sudo cat" command followed by the file path and get the onion address. In my case it's "sudo cat /var/lib/tor/ssh/hostname". Not sure if you're having the same issue but try that and let me know if you get it working or still having problems!
      -John

    • @jacobstrokus3712 4 years ago

      @IPvZero Hi, I'm getting the same problem listed above. I restarted the tor service using the command mentioned and still no luck. I'm using command "sudo cat /var/lib/tor/ssh/hostname" and when I cd into the tor file nothing is in there, my torrc file is configured properly as shown in the video. Help would be greatly appreciated! Thanks

    • @IPvZero 4 years ago

      @jacobstrokus3712 Hey, Jacob. I'll quickly spin up a couple of VMs and try the process again in case there is some type of bug and get back to you. Can I ask, what distro are you using, Ubuntu?
      -John

    • @jacobstrokus3712 4 years ago

      @IPvZero Hi John, Thanks for quick reply. I am running Kali, Could the problem be that I am root and not a user? I noticed from the video you were not root but instead using sudo to execute commands with root permissions. I will create a user and try commands again and see if that works. Thanks,
      Jacob

    • @IPvZero 4 years ago

      @jacobstrokus3712 Very possibly, Tor tries to block root users for security, so that very well may be the issue! I'm spinning up a Ubuntu machine just now and see how that goes. I'm curious now haha. Let me know how you get on!
      -John

  • @logangraham2956 3 years ago

    Could you do one with nginx using tor.
    I don't really care about the security aspect.
    I'd just love to use a .onion site so I don't have to be reliant on a domain name register for my services name.
    I don't know if it's possible or not but I'd also love for normal browsers to be able to access my service through the same .onion address

  • @Novo_Naselje_Kurvo 4 years ago

    Hello brother pls where can i send you message pls give e mail

  • @Novo_Naselje_Kurvo 4 years ago

    BROTHER PLS NEED YOUR E MAIL TO ASK YOU SOMETHING PLSSSSSSSSSS

    • @IPvZero 4 years ago

      Hey man, you can email me at ipvzero@gmail.com

    • @Novo_Naselje_Kurvo 4 years ago

      @IPvZero thanks a lot, I send you an email

  • @h-disconnected6612 3 years ago +3

    Now give it 2fa from an authenticator just outa spite

  • @hacks4geeks 3 years ago

    Da faq english you speak, man?

    • @IPvZero 3 years ago +8

      Regular English. Scottish accent.