This article can often contain rather random Tor .onion links. I’ll show you how to create a custom .onion address for use with Tor hidden services.

Custom .onion links often help other Tor users find and recognize your site.

For example, close the Facebook .onion hidden service that allows users to access the Facebook website securely. The Facebook .onion link is facebookcorewwwi.onion.

For a public key hash that is randomly generated, it doesn’t look very random, and many users wonder how they forward the full .onion link.

The article below explains more about the processes Facebook took to create its custom .onion link.

Quote from Tor “The short answer is that for the first half (“Facebook”), which is only 40 bits, they generated keys over and over until they got some keys whose first 40 bits of the hash matched the required string. “

https://blog.torproject.org/blog/facebook-hidden-services-and-https-certs

https://en.wikipedia.org/wiki/Birthday_attack

In this article, we will not be creating an .onion link like Facebook’s fancy .onion link because we don’t have that kind of computing power to process the entire address as it would take an immeasurable amount of time.

To create custom .onion links, we can use the open-source tool Shallot.

Shallot allows you to create custom .onion addresses for Tor hidden services.

Individual approach means that part of the address can be selected.

Selecting the entire address will take much longer, as stated above.

Shallot Installation

 # sudo apt-get install libcurl4-openssl-dev

# git clone https://github.com/katmagic/Shallot.git Shallot

# cd Shallot
# ./configure && make
# ./shallot 

Usage

 # ./shallot ^test

—————————————————————-
Found matching pattern after 99133 tries: testvztz3tfoiofv.onion
—————————————————————-
—–BEGIN RSA PRIVATE KEY—–
MIICXgIBAAKBgQC3R85m6NQaA1ZjaYqvz1hvFIjbL4RtKdJbG8hlC9xEBkvfr/BG
8Z5vDiUzdbDt8mEBuZUDanx80uGJvbXTgmczX0UlkEOgGiZ8RKpnsbKaf/EJNrIw
T7MSXQmWNcm22nDeViV7fwy+Usyal2RE5cdVCFsPtEbVZqCumlKkEgCyFwIDBAZ7
AoGBAJSa2cGuru/XhzJAEAIwHZbgPDnum9T/srOYxUKW6afHZeOu5S4Cclwb+xb/
pGOtzn71XZfCKMfiVdxB/f3XTcRrYB2VnBoNToTD7WfH6DksdDf4zunqiEjvxi9K
R+tKhxmF7OedrRt8wIhUmFd1E2Q9nbTHI6icdB4kR4QkYKZzAkEA5M6samK7+495
6SWpRXiePIs7sHKWuxdCrG7kW5RNJrv2CcGYwK46TPcaXBcRfM4eq9+9PGoKi0IO
gSpOZ5vRYQJBAM0QAZYTZ6ApD014x372MX1ZNofuYL/+XF8ZPZV6Sh4+9MUBuNPb
yL7BENDr6pX4Zm6OepvAphhCa4vGno2pHncCQQCQnfhUCHANU4bjtX4EOoI63WDq
UwBOeIWxu0YvGt7Z25Dg9CNz/aX8UZIoj6VyKxLRbR9+K3mNrNgaopW+ZDKzAkEA
ttgTK1ALe+3v+5H+Ez1SvFPREDFcHihrfD1Ipc5zicY9ixTArgdyZvk+Pi+AMBVV
sL2HWvjRLEAgRclvKfkwWwJAFtM+BIGRM5me+fMALuBBEtKnbJ6maflsyucErEb0
pIIBkovF5oyWO3lSBmtStJIANNkHOg8aXqjcgPKusDN7CQ==
—–END RSA PRIVATE KEY—–

About the security of generated key pairs

“It is sometimes claimed that private keys generated by Shallot are less secure than those generated by Tor.

This is incorrect. Although Shallot generates a key pair with an unusually large common exponent e, it performs all the sanity checks specified in PKCS#1 v2.1 (directly in sane_key), and then performs all the sanity checks that Tor does when it generates RSA (by calling the OpenSSL RSA_check_key function).

Adding a new RSA private key to the Tor hidden service

Setting up a Tor hidden service is fairly simple, it requires running a web server on the machine and setting the HiddenServiceDir and HiddenServicePort in the tor configuration file.

Location of torrc: /etc/tor/torrc

 # nano /etc/tor/torrc 

When Tor starts a hidden service, it generates a new public/private key pair for the hidden service.

The key pair is then written to the private_key file.

Webmasters are advised to keep this key safe from others to prevent an attacker from gaining access to these keys so that they can impersonate a hidden service and perform various Man-in-the-Middle and Downgrade attacks on the targeted Tor hidden service.

If you replace the RSA private key (including its header and footer) in the private_key file in the HiddenServiceDir specified in your torrc, then when you restart Tor, a hostname file will be created in HiddenServiceDir that contains your new .onion address.

The execution time required to create custom .onion links

Tor .onion connection generation time with a given number of initial characters on a 1.5 GHz processor

Generation time (approx.)

1 less than a second

2 less than a second

3 less than a second

4 – 2 seconds

5 – 1 minute

6 – 30 minutes

7 – 1 day

8 – 25 days

9 – 2.5 years

10 – 40 years

11 – 640 years

12 – 10 thousand years

13 – 160 thousand

14 – 2.6 million years

Shallot Git Repo

Scallion Oinionhash Generator

That’s all. Have a nice day, everyone!

❤️ If you liked the article, like and subscribe to my channel Codelivly”.

👍 If you have any questions or if I would like to discuss the described hacking tools in more detail, then write in the comments. Your opinion is very important to me!

Shares:

Leave a Reply

Your email address will not be published. Required fields are marked *