Setup a Tor Hidden Service

Detailed tutorial on creating your hidden service

Posted by BlackVikingPro on 2017-03-11 21:10:54

Installing Tor

First step is to install Tor. I personally am running Ubuntu, but this should be relevant to most other operating systems. Installing Tor is simple because you can retrieve it from the official Ubuntu and Linode PPA's. Simply type in the commands below to install Tor.

sudo apt-get update
sudo apt-get install tor

This should get the base package Tor installed. Next, we'll need an web server of some type or flavor. I use Apache2, but Nginx would do the same thing. To install and get Apache2 up and running, simply type:

sudo apt-get install apache2 apache2-utils

Great, now that these are installed and we have the Apache server up and running, we can get into configuring our server for opening a new Tor website.

Configuring Tor for a new Website

So here we need to modify some files and user permissions in for our website. For the most secure method, we take certain precautions.

First, start by creating a new user with a unique password that does not have root permissions. This will gain security while running this type of server, in the case of a breached server or so. You can accomplish this by using the command(s):

sudo adduser torserver
sudo chmod 700 /home/torserver/

So now that we have our user all setup for the service, we can get into setting up our config file controlling Tor in order to setup and initiate our service. The configuration file needed for this is located usually in /etc/tor/torrc. Modify it by using Nano or such.

sudo apt-get install nano
sudo nano /etc/tor/torrc

Then, modify lines 72, 73 using Nano. You should find the following there:

HiddenServiceDir /var/lib/tor/hidden_service/

HiddenServicePort 80

Modify the top line to point to our secure user's home directory:

HiddenServiceDir /home/torserver/

Boom, that's it! Now all you have to do is login to your secure account and we can get it setup to run persistently by executing:

sudo apt-get install screen
su -l torserver -p
(type in account password)

Let's break this down a little bit to understand it more.

The first line, sudo apt-get install screen is a command to install the 'screen' utility which can keep terminal sessions alive in the background as a daemon. This is useful for keeping our Tor service alive, as it cannot be run in the background and out of site.

Our second command su -l torserver -p is to login under the 'torserver' account so that we have A. access to our Tor Service directory, with the proper permissions so that no other user can view the contents of the directory without root permissions. B. so that we can run the Tor service under the closed user account, instead of the insecure method of running it under the root account.

The next couple of commands, 'screen', and 'tor' are to execute Tor under the screen application so that it can keep the session alive until it is forcefully stopped. In order to stop the session or exit out of it, then simply do:

To exit the open session of screen : 'CTRL + A + D'.

To close the session of screen : '(command) exit'

So, now that we have our server up and running, now to get the randomly generated hostname and private key of our server, simply (under the torserver or root account(s)) cat the files in the /home/torserver/ directory named hostname and private_key. This is the hostname or domain to your new server!

Setting up a custom domain

This is rather a simple process itself. For this one, we'll be compiling and installing a tool for this called Eschalot. This tool searches for custom .onion domains using a brute-force method. In order to setup and make this tool, we must hand compile it by using the following.

sudo apt-get install git libssl-dev gcc build-essential
git clone
cd eschalot/

Once everything is all finished up making and compiling. Just test that the executable works by running the application: ./eschalot. So now that we have this, and you see the help menu and such then we can use this information to come up with the following:

./eschalot --help
./eschalot -c -t <number_of_cpu_threads (default is 1)> -p <prefix of custom domain>

An example command (for a quad core machine) would be along the lines of:

./eschalot -c -t 4 -p blackviking

Running this will enable you to brute force search several domains starting with the prefix that you specify. Each result will give you the domain name, and an RSA private key. Example custom generated domain and key

Custom domain setup

After gathering your domain and private key, you'll need to setup the system to use the new details. Do such by simply changing the contents of the two known files in our secured user's home directory hostname and private_key to use the new details.

mv /home/torserver/hostname /home/torserver/hostname.old
mv /home/torserver/private_key /home/torserver/private_key.old
touch /home/torserver/hostname /home/torserver/private_key
echo <generated domain name> >> /home/torserver/hostname
nano /home/torserver/private_key
(paste in generated RSA key)

Then, if your service had already been online from the daemon running under the screen utility, simply type in screen -r to resume the session, close down Tor by doing ^C, then leave the session by doing (command) exit. Now, you'll need to restart the service, do such by running service tor restart, then onto starting up your new server's domain using screen. Go screen, then tor, then CTRL + A + D. Boom, you should be able to now type in your custom domain into the Tor browser and find your website up and running!

That's pretty much it, below are some official places to find more details on each utility and service used. Thanks!

Tor Browser Bundle

Tor on Debian

Screen Utility (Linux)

Eschalot README