How to create a Tor SSL hidden service – Termux

Hello ladies and gentlemen, boys and girls, to tonight’s show. I will be your host. Now, let me explain to you how to create a Tor hidden service, and as a bonus, I will teach you how to set SSL to it to encrypt the connection. Enough of the bullshit, let’s roll.

Now, you will need a LOT. As always, the requirements must meet in order for it to be successful:

Packages
nginx: to deploy the web server.
tor: to act both as a proxy and a hidden service provider.
openssl to generate a self-signed SSL certificate.

Others
The Tor browser to check if your results are responsive.

Done. Now to the actions.
First of all, you gotta have to generate your SSL certificate and private key. Keep both of this in a safe and secluded directory. Use this set of commands in the correct order:

$ openssl req -x509 -newkey rsa:16384 -keyout certkey.pem -out cert.csr -days 365 -verify -set_serial 740340178739478 -sha512

$ mv certkey.pem /data/data/com.termux/files/usr/etc/nginx/

$ mv cert.csr /data/data/com.termux/files/usr/etc/nginx/

The next thing you wanna do is to go to the nginx config file and edit it with the command:
$ nano /data/data/com.termux/files/usr/etc/nginx/nginx.conf

Then, uncomment everything from line 98 to the end (HTTPS server section). Next, modify it as I say.


# HTTPS server
#
server {
listen 8443 ssl;
server_name localhost;

ssl_certificate /data/data/com.termux/files/usr/etc/nginx/cert.csr;
ssl_certificate_key /data/data/com.termux/files/usr/etc/nginx/certkey.pem;

ssl_session_cache shared:SSL:1m;
ssl_session_timeout 5m;

ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

location / {
root share/nginx/html;
index index.html index.htm;
}
}

}

Next, you configure Tor to do what you want. Use the command:
$ nano /data/data/com.termux/files/usr/etc/tor/torrc

Now, locate the section where it says hidden service and modify it as I say:

############### This section is just for location-hidden services ###
## Once you have configured a hidden service, you can look at the
## contents of the file ".../hidden_service/hostname" for the address
## to tell people.
##
## HiddenServicePort x y:z says to redirect requests on port x to the
## address y:z.

HiddenServiceDir /data/data/com.termux/files/usr/var/lib/tor/hidden_service/
HiddenServicePort 443 127.0.0.1:8443

#HiddenServiceDir /data/data/com.termux/files/usr/var/lib/tor/other_hidden_service/
#HiddenServicePort 80 127.0.0.1:80
#HiddenServicePort 22 127.0.0.1:22

Now, you gotta create a directory at the specified place. Use these command in the specific order:

$ cd /data/data/com.termux/files/usr/var/lib/
$ mkdir -p tor/hidden_service/

Now the configuration is pretty much done. You just gotta do these last commands:

$ nginx
$ tor

Wait for it to finish, then use this command:
$ cat /data/data/com.termux/files/usr/var/lib/tor/hidden_service/hostname
Copy that into your clipboard.

Last step: Paste the .onion link into the Tor browser I asked you to install. You’re done here.

I hope you enjoy this tutorial. If you find it helpful, why not share it around. Always remember, Hackingarise is never responsible for any of your malicious acts. Have a nice night. Stay safe, stay ethical.

pentester