Safe Surfer

Some general background

Of course, like any good story, this starts with "I was asked by a friend". I started with some background checks on what I was looking for here:

https://us.norton.com/internetsecurity-how-to-how-can-i-access-the-deep-web.html

The Most Dangerous Town On the Internet

https://www.youtube.com/watch?v=CashAq5RToM

https://www.youtube.com/watch?v=un_XI4MM6QI

Setup of a browser in a container

So, a pretty nasty place. Might as well take some precautions. As for illegality in general, there is lots of that on the darkweb. The darkweb itself is not illegal, and opening a site where you can buy a gun is also not illegal. If you buy it, that might be illegal in your country, like it is here in the Netherlands.

Why use a container? Since we are talking about “The Most Dangerous Town On the Internet”, all sorts of nasty stuff can be found here. This is the place where people pay with “Bitcoin” or even private coins like “Monero”. So this is also a good place for other people to start fishing for the private key to your bitcoin wallet. And in many cases you use a darkweb browser downloaded from a shady source, install it onto your system, and might be providing whatever information to whomever if you're out of luck.

So using an open-source browser to start with is a good idea. The code can and will be verified by people smart enough to do so. But next to that, installing the darkweb browser into its own environment is also a good idea. I use containers for that sort of stuff.

Assuming you are on a Windows machine, your starting point for installing Docker is here:

https://docs.docker.com/docker-for-windows/install/

Next, you'll use a prepared Docker image from this project:

https://github.com/DomiStyle/docker-tor-browser

https://hub.docker.com/r/domistyle/tor-browser

I tried the browser version but was not sure whether it might still load some scripts into your outside browser.

docker run -d -p 5800:5800 domistyle/tor-browser

After starting this container you can browse to:

http://127.0.0.1:5800

So I decided to use a VNC viewer, which just transfers the graphic content to your host screen and, to my knowledge, is not able to load scripts.

https://www.tightvnc.com/download.php

For VNC the container is started like this:

docker run -d -p 5900:5900 --shm-size=2G domistyle/tor-browser

You can now point TightVNC on your local machine at 127.0.0.1:5900. It also helps that this setup is built for crash and burn: you throw away the image and all history is gone with it.
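An added example, not from the original post or the image's project: the same VNC launch with the port published on loopback only (by default Docker's `-p 5900:5900` publishes on all host interfaces) and `--rm` so the container is deleted when it stops, plus a check over `docker port` output. The container name `torbox`, the function names and the sample output are assumptions constructed for this example; it is written for a POSIX shell such as WSL or Git Bash.

```shell
#!/bin/sh
# Added example: loopback-only launch and a binding check.
# "torbox" is a hypothetical container name chosen for this example.

# Start the image from the post with VNC reachable from this machine only.
# --rm deletes the container and its browsing state when it stops.
start_torbox() {
    docker run -d --rm --name torbox \
        -p 127.0.0.1:5900:5900 --shm-size=2G domistyle/tor-browser
}

# Read `docker port <name>` output on stdin and print every mapping whose
# host side is not a loopback address. Exit status is 1 if any was found.
non_loopback_bindings() {
    awk '
        BEGIN { bad = 0 }
        / -> / {
            host = $NF                 # e.g. 0.0.0.0:5900 or [::]:5900
            if (host !~ /^127\./ && host !~ /^\[::1\]/) { print; bad = 1 }
        }
        END { exit bad }
    '
}

# Constructed sample output: what `docker port` reports for `-p 5900:5900`
SAMPLE_OPEN='5900/tcp -> 0.0.0.0:5900
5900/tcp -> [::]:5900'
# Constructed sample output for `-p 127.0.0.1:5900:5900`
SAMPLE_LOCAL='5900/tcp -> 127.0.0.1:5900'

# Real use: start_torbox && docker port torbox | non_loopback_bindings
# Demo on the constructed samples (no Docker needed):
printf '%s\n' "$SAMPLE_OPEN" | non_loopback_bindings \
    || echo "VNC port is reachable from other machines on the network"
printf '%s\n' "$SAMPLE_LOCAL" | non_loopback_bindings \
    && echo "VNC port is bound to loopback only"
```

The same `127.0.0.1:` prefix works for the 5800 web port.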

Where to start with those onion addresses

There is lots of stuff to be found out there. But if you are like me and just want to know how stuff works, then just read some interesting stuff from here and browse onward to the “Uncensored Hidden Wiki”.

https://thehiddenwiki.org/

Cloaking your origin

Some are huge fans of using a masking service like a VPN so your ISP cannot see you are using Tor to go somewhere. I personally think that if you really need to do stuff that doesn't deserve to be in daylight, you shouldn't hire a man-in-the-middle service. Just like I personally do not like asking a home surveillance eavesdropping machine (Alexa, Google Home assistant) for a pancake recipe. Some people like those devices; I am not a big fan!

So I don't use a VPN service. If you need to hide, build a multi-hop path of servers or containers, and access every hop through another Tor onion path. Or just configure your own stepping-stone server that is reachable from an anonymously paid hosting provider like this:

https://bitcoinwebhosting.net/bitcoin-vps-hosting/

And yes, you will not find source code from me on how to set this up, since I didn't see the need!

Hide your DNS queries

The idea of using Tor for the darknet is that you make a few hops, and with every hop your traffic and your origin are encrypted. Anyone that doesn't have “nation/state” compute power is not able to track that. And they would have to own, by accident, the hops that my session has randomly selected. Tor doesn't actually use pure DNS to resolve onion addresses like this:

http://zqktlwi4fecvo6ri.onion/wiki/index.php/Main_Page

But still you will send some DNS queries. I’ll do a check with a sniffer to find out how that works one day.

I just encountered an article on Cloudflare, and I am already a fan of their services for cloaking the web services I run at home (like this site). So I found it great that they offer an onion-powered, TLS-tunneled DNS service.

https://github.com/qdm12/cloudflare-dns-server

https://blog.cloudflare.com/welcome-hidden-resolver/

https://developers.cloudflare.com/1.1.1.1/fun-stuff/dns-over-tor/

I hope one day I'll have more time and will create a new Docker container with both the Tor browser and DNS over onion.
