3

I am interested in exploring a bit of the darknet, and I was wondering about the feasibility of running a Tor exit node from behind a local proxy like Burp Suite so that I could ID the destination URLs and look for hidden services. This could let me essentially develop the seed list for a "search engine" for the darknet. The only problem I'm having is that although I can route my own browsing through Burp Suite, I can't get the traffic from the node running through it. Any ideas?

Edit: Also of interest is the same question for the general internet. I know there was the case where a guy was questioned for doing it. And disclaimer: I don't want to actually steal people's info or release it, more of a curiosity.

BSpiros

3 Answers

2

Have a look at this: http://www.ojscurity.com/2015/02/docker-zed-attack-proxy-with-tor.html

Not tried it myself, but it looks like it could be what you want :)

Simon Bennetts
1

That's normal since your traffic is already encapsulated with several layers of encryption (a layer per node through which your traffic travels). You can only analyze Tor before the traffic enters the network or you could set up an exit node and find all traffic which is coming out of the Tor network (this would be less valuable in your case).

Have a read at this blog post I wrote a few months ago to see how Tor works.

Lucas Kauffman
  • Is this true even if my only goal would be to identify that a hidden service exists? Wouldn't my computer have to know the identity of the service to pass a connection to? I couldn't forward something to Silk Road without knowing that's where it was destined. Since I'm not concerned about the contents, just the destination, shouldn't I be able to make this work? – BSpiros May 06 '13 at 17:47
  • You would need to know the endpoint; the problem is that there are no exit nodes in the Tor network and nodes only know the previous and next hop. – Lucas Kauffman May 06 '13 at 17:52
  • If the layout is like this: User->Node->Node->Me->HiddenService, then I should know the ID of the service, just not the user, right? – BSpiros May 06 '13 at 17:57
  • Nope, that's the whole point of Tor, you don't know that. You only know the node which comes before you and the hidden service, but you don't know if there is a service on that machine; all you know is that you are handing off a packet to a node. – Lucas Kauffman May 06 '13 at 20:07
1

You aren't understanding the concept of the darknet properly. There is no exit traffic for the darknet (as applied to TOR). All you would see is the encrypted traffic. Analysis of the sites on the general internet being hit through your exit node would be another story.

Tim Brigham