Welcome to The Forum

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to

existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile

and so much more. This message will be removed once you have signed in.

Active Hackers

The best community of active hackers. This community has been working in hacking for more than 10 years.

 

Hacker Forum

Hacker from all countries join this community to share their knowledge and their hacking tools

    Hacking Tools

    You can find thousands of tools shared by hackers. RAT's, Bot's, Crypters FUD, Stealers, Binders, Ransomware, Mallware, Virus, Cracked Accounts, Configs, Guides, Videos and many other things.

      PRIV8

      Become a Priv8 user and access all parts of the forum without restrictions and without limit of download. It only costs 100 dollars, and it will last you for a lifetime.

      Read Rules

      In this community we follow and respect rules, and they are the same for everyone, regardless of the user's rank. Read the rules well not to be prohibited.

      dEEpEst

      Cómo crear un sitio de servicio oculto Tor para configurar un sitio web o servidor anónimo

      Recommended Posts

      Staff

      Hidden Content

        Give reaction to this post to see the hidden content.
       es una red segura y anónima que permite a cualquier persona acceder a sitios web con anonimato. La gente normalmente usa Tor para acceder a sitios web normales, pero no es necesario. Si desea configurar su propio sitio web anónimo, puede crear un servicio oculto en el sitio Tor. Su sitio web de servicio oculto se ejecuta completamente dentro de Tor, por lo que nadie sabrá quién creó y ejecuta el sitio web. Sin embargo, solo las personas que usan Tor pueden acceder a él. Servicio oculto Los sitios Tor son ideales para cualquiera que desee crear un sitio web anónimo, como activistas políticos en 

      Hidden Content

        Give reaction to this post to see the hidden content.
       .

       

      No todos los servicios ocultos tienen que ser sitios web. Puede crear un 

      Hidden Content

        Give reaction to this post to see the hidden content.
       , un 

      Hidden Content

        Give reaction to this post to see the hidden content.

      Hidden Content

        Give reaction to this post to see the hidden content.
       o cualquier otro tipo de servidor y ofrecerlo como un servicio oculto en Tor. Este tutorial se centrará en la configuración de un sitio Tor oculto utilizando el servidor web Savant , que Tor recomienda, en Windows. Los pasos también se pueden aplicar a otros sistemas operativos y servidores web. 

      Hidden Content

        Give reaction to this post to see the hidden content.

      Hidden Content

        Give reaction to this post to see the hidden content.
       , que Tor recomienda, en Windows. Los pasos también se pueden aplicar a otros sistemas operativos y servidores web.

      Paso 1: instala Tor

      Para comenzar, tendrá que 

      Hidden Content

        Give reaction to this post to see the hidden content.
       en su computadora. Si ya lo tiene instalado, puede omitir este paso. Por defecto, Tor instala el 

      Hidden Content

        Give reaction to this post to see the hidden content.
       , que incluye un navegador Firefox especialmente configurado.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Verá un icono de cebolla verde en la bandeja del sistema cuando esté conectado a la red Tor.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Tor siempre debe estar ejecutándose en su sistema para que el servicio oculto sea accesible. Si su computadora está apagada, desconectada de Internet o si Tor no está funcionando, no se podrá acceder al lado oculto Tor del servicio. Esto tiene algunas implicaciones de anonimato: teóricamente es posible inferir si su computadora ejecuta o no el servicio oculto al ver si está accesible cuando su computadora está apagada.

      Paso 2: Instalar y configurar un servidor web

      Necesitará un servidor web para servir el sitio de servicio oculto de su sistema. 

      Hidden Content

        Give reaction to this post to see the hidden content.

      Hidden Content

        Give reaction to this post to see the hidden content.
       para servir el sitio de servicio oculto de su sistema. 

      Hidden Content

        Give reaction to this post to see the hidden content.
       recomienda no usar el 

      Hidden Content

        Give reaction to this post to see the hidden content.
       común . En cambio, Tor recomienda usar el 

      Hidden Content

        Give reaction to this post to see the hidden content.
       en Windows o el 

      Hidden Content

        Give reaction to this post to see the hidden content.
       en Mac OS X, Linux y otros sistemas operativos tipo UNIX. La documentación de Tor señala que Apache " [es] grande y tiene muchos lugares donde podría revelar su dirección IP u otra información de identificación, por ejemplo en 404 páginas", pero también señala que " Savant probablemente también tenga estos problemas 

      Utilizaremos Savant como ejemplo aquí, pero puede establecer las mismas opciones en otros servidores web. Para configurar Savant, inicie su ventana principal y haga clic en el botón Configuración.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Desde la ventana de configuración, deberá configurar el cuadro " Server DNS Entry " en " localhost " para enlazar Savant con localhost. Esto garantiza que solo se pueda acceder a su sitio web desde su computadora local, para que la gente no pueda acceder a él a través de la Web normal y vea que está alojando el servicio oculto del sitio Tor.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Después de configurar el servidor web , querrá agregar su contenido. De forma predeterminada, Savant usa el 

      Hidden Content

        Give reaction to this post to see the hidden content.

      Hidden Content

        Give reaction to this post to see the hidden content.
       configurado, querrá agregar su contenido. De forma predeterminada, Savant usa el directorio C: \ Savant \ Root(puede cambiar esto desde la pestaña Rutas ). Asegúrese de reemplazar el archivo index.html en este directorio con el archivo que desea como página de inicio.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Paso 3: configura el servicio oculto

      Ahora que Tor está instalado y se está ejecutando un servidor web , todo lo que tiene que hacer es decirle a Tor al respecto. Debería poder agregar esta información al archivo torrc a través de la interfaz gráfica de usuario de Vidalia, pero experimenté errores y tuve que hacerlo a mano. 

      Hidden Content

        Give reaction to this post to see the hidden content.

      Hidden Content

        Give reaction to this post to see the hidden content.
       está ejecutando, todo lo que tiene que hacer es decirle a Tor al respecto. Debería poder agregar esta información al archivo torrc a través de la interfaz gráfica de usuario de Vidalia, pero experimenté errores y tuve que hacerlo a mano.

      Primero, cierra Tor si se está ejecutando.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Luego, ubique su archivo torrc. Si instaló el paquete del navegador Tor, lo encontrará en el directorio Tor Browser \ Data \ Tor . Abra este archivo con el 

      Hidden Content

        Give reaction to this post to see the hidden content.
       .

      Hidden Content

        Give reaction to this post to see the hidden content.

      Agregue la siguiente sección al final del archivo:

      # 
      HiddenService HiddenServiceDir C: \ Users \ Name \ tor_service 
      HiddenServicePort 80 127.0.0.1:80

      Reemplace C: \ Users \ Name \ tor_servicecon la ruta a un directorio que Tor puede leer y escribir en su sistema. No use el directorio que ya contiene su sitio web. Esto debería ser un directorio vacío.

      Reemplace el  : 80 con el puerto que el 

      Hidden Content

        Give reaction to this post to see the hidden content.

      Hidden Content

        Give reaction to this post to see the hidden content.
       está usando en su sistema. Por ejemplo, si el servidor web se ejecuta en el puerto 5000, usaría la línea que el servidor web está utilizando en su sistema. Por ejemplo, si el servidor web se ejecuta en el puerto 5000, usaría la línea HiddenServicePort 80 127.0.0.1:5000.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Guarde el archivo después de editarlo. También deberá crear el directorio que especificó, si aún no existe.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Reinicia Tor después de hacer esto. Una vez que lo haya hecho, querrá verificar el Registro de mensajes para ver si hay algún mensaje de error.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Si el registro de mensajes no contiene errores, está listo para continuar. Echa un vistazo al directorio de servicios ocultos que has creado. Tor habrá creado dos archivos en el directorio - hostname y private_key. No le dé a nadie el archivo private_key o podrá hacerse pasar por su sitio oculto de servicio Tor.

      Hidden Content

        Give reaction to this post to see the hidden content.

      Querrá abrir el archivo de nombre de host en el Bloc de notas u otro editor de texto. Le dirá la dirección de su nuevo sitio oculto de servicio Tor. Conecte esta dirección en su navegador web Tor y verá su sitio web. Dé la dirección a otras personas para que puedan acceder a su sitio. Recuerde, las personas deben estar usando Tor para acceder a su sitio de servicio oculto.

      Hidden Content

        Give reaction to this post to see the hidden content.

      ¿Has usado Tor o has configurado un sitio Tor oculto? ¡Asegúrate de compartir tus experiencias y cualquier consejo que tengas en los comentarios!

      Share this post


      Link to post
      Share on other sites
      Guest
      This topic is now closed to further replies.

      • Similar Content

        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. Ethical Hacking for Complete Beginners
          What you’ll learn
              In this course, you will learn some of the most common Web Application Vulnerabilities and how to submit them to Bug Bounty Programs, all while building a strong foundation for furthering your education.
          Requirements
              There are no prerequisites for this course! All you need is a computer and an internet connection.
          Description
          In this course, we will cover all that is required for you to begin your Bug Bounty career! We will set up your working environment and learn how to do recon on the target application. Some of the Vulnerabilities that are covered include: URL manipulation, IDOR’s, Business Logic Errors, SQL injection, XSS and more! No prior experience is necessary.
          I have designed this course knowing that there will be many students who want to learn bug bounty hunting, who do not have any knowledge of programing or programming languages. Therefore, this course was developed in such a way that you do not need to possess any coding skills. (However, in a separate intermediate level course, it will be advantageous that you have some basic programming skills in order to follow along.) I will walk you through finding programs that you are interested in researching and help you understand what vulnerabilities are permitted on the application, as well as which ones are labeled as out of scope.
          I update this course regularly and respond to questions as soon as I can. I encourage my students to ask questions when you don’t understand a concept. Please let me know if a video is out of date or the instruction is not clear so I can update the videos and make this the best possible learning experience for you!
          Who this course is for:
              This course is for beginner students interested in Bug Bounty Hunting & Web Application Testing.
          Hidden Content
          Give reaction to this post to see the hidden content.
          Content:

          Hidden Content
          Give reaction to this post to see the hidden content.
          Hidden Content
          Give reaction to this post to see the hidden content.
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. What you'll learn
              WordPress Core Architecture
              How to find Vulnerabilities in WordPress Sites
              How Hacker Exploit Vulnerabilities in WordPress
              How to Increase Security of WordPress Sites
              How to Defend Against WordPress Attacks
          This course includes:
              1.5 hours on-demand video
              14 downloadable resources
              Full lifetime access
              Access on mobile and TV
              Certificate of completion
          Requirements
              Basic Ethical Hacking Knowledge
              Basic knowledge of websites and web applications
              Knowledge of PHP Language
          Description
          Did you know that more than 30% of websites on internet are based on WordPress and more than 42% of online shopping sites are using WordPress as E-commerce solution.
          WordPress is robust and powerful open source website creation tool. In this course we are going to see the vulnerabilities in WordPress based sites We will start this course by looking into the core architecture of WordPress like How WordPress works? How themes work in WordPress? What are plugins and how to create plugins? Then will looking into information gathering phase of WordPress. We will see how to do version detection and how to gather user information. We will also try to find vulnerabilities in WordPress themes and plugins.
          After that we will see how to exploit these vulnerabilities and gain access to WordPress site. We will also try and gain access to complete server using WordPress site. Then Will see how to write malware code and exploit WordPress site on different levels. After looking into WordPress vulnerabilities we will see how to secure WordPress sites. We will provide you step by step information to secure your new WordPress site as well as existing WordPress sites.   
          Who this course is for:
              Web developers interested in WordPress Security
              Ethical Hackers who wants to learn about WordPress Security
              People who wants to Secure their own or company WordPress site
          Hidden Content
          Give reaction to this post to see the hidden content.

          Hidden Content
          Give reaction to this post to see the hidden content.
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content.
          Hidden Content
          Give reaction to this post to see the hidden content.
          Hidden Content
          Give reaction to this post to see the hidden content.
          Hidden Content
          Give reaction to this post to see the hidden content.
          Functional
          -Hidden download
          -Saving Users
          -Dynamic interchangeable links from the panel (DLR)
          -Auto run
          -CIS sorter
          C#, Framework 4, PHP 7.1
          Only for '.exe' files now.

          Hidden Content
          Give reaction to this post to see the hidden content.
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. OpenDoor OWASP is a console multifunctional websites scanner. This application finds all possible ways to login, index of/ directories, web shells, restricted access points, subdomains, hidden data, and large backups. The scanning is performed by the built-in dictionary and external dictionaries as well. Anonymity and speed are provided by means of using proxy servers. The software is written for informational purposes and is an open-source product under the GPL license.
          Implements
               multithreading control
               scan’s reports
               directories scanner
               subdomains scanner
               HTTP(S) (PORT) support
               Keep-alive long pooling
               HTTP(S)/SOCKS proxies
               dynamic request header
               custom wordlst’s prefixes
               custom wordlists, proxies, ignore lists
               debug levels (1-3)
               extensions filter
               custom reports directory
               custom config wizard (use random techniques)
               analyze techniques
                  detect redirects
                  detect index of/ Apache
                  detect large files
                  heuristic detect invalid web pages
                  blank success page filter
                  certify required pages
               randomization techniques
                  random user-agent per request
                  random proxy per request
                  wordlists shuffling
                  wordlists filters
          Changelog v4.0.1
          – Python 2.6,2.7 is unsupported
          – Update directories.dat 36994 -> 37019
          – [enhancement] [#PR-40](https://github.com/stanislav-web/OpenDoor/issues/40) added encoding to setup.py
          – [bugfix] [#PR-48](https://github.com/stanislav-web/OpenDoor/issues/48) Python 3.9 / 3.10 compatibility
          – [bugfix] [#PR-20](https://github.com/stanislav-web/OpenDoor/issues/20) No timeout setup in request
          – [enhancement] [#PR-36](https://github.com/stanislav-web/OpenDoor/issues/36) Feature Request: Show only found items

          Hidden Content
          Give reaction to this post to see the hidden content.
        • By itsMe

          Hidden Content
          Give reaction to this post to see the hidden content. West Wind WebSurge
          Web Application Load Testing made easy
          Capture HTTP Requests
          Test HTTP Requests
          Play them back under Load
          Summarize Results
          Load Testing Web Sites shouldn't be difficult
          We believe that testing HTTP requests and load testing a site should be easy. It's something that should take a few minutes to set up and then run on a regular basis during the development process, so that you can monitor performance of your sites while you are building them.
          We built West Wind WebSurge with developers and testers in mind to make it easy to create HTTP requests or entire sessions, and then easily play back either individual URLs for API or response testing, or for full-on stress testing under heavy load. It's easy to share sessions that are plain text files and can be stored on disk with projects, shared folders or cloud drive storage or via source control for all users access.
          Features
          Easy to capture, easy to run tests
          Built-in capture tool to capture requests
          Capture Web browsers or Windows apps
          Filter captures by domain or process Id
          Import sessions from Fiddler
          Manually create and edit sessions
          Complete HTTP and SSL Support
          Test HTML, AJAX, REST and SOAP Services
          Test individual URLs
          Test with unlimited load
          Easy to read summarized results
          Charts to visualize results
          Export results to Xml,Json,Html
          Test locally and within your Firewall/VPN
          Command Line Interface
          Great for HTTP Request testing and managing
          more features...
          Hidden Content
          Give reaction to this post to see the hidden content.

          Hidden Content
          Give reaction to this post to see the hidden content.