Install the Tor command line tool
You can install from MacPorts or Homebrew on OS X, from aptitude in Debian/Ubuntu, from rpms in Fedora/RedHat, or download directly for Windows (you need the "expert bundle").
These instructions assume you are using Homebrew and OS X, so:
brew install tor
Run Tor:
tor
Tor is now listening on port 9050. Your computer won't use Tor by default; you have to manually route apps through Tor.
With Tor running, open a new tab and run curl. This should echo HTML from broniesaustralia.com.au.
curl --socks5-hostname 127.0.0.1:9050 broniesaustralia.com.au
Creating a hidden service .onion domain
Tor allows you to expose a web service anonymously. First lets set up a very simple webserver in a new terminal tab.
mkdir simple-service cd simple-service echo "Hello, Tor!" > index.html python -m SimpleHTTPServer 8000
Test that it is working by opening a new tab and running:
curl localhost:8000
Edit your torrc:
vi /usr/local/etc/tor/torrc
and add the following lines:
log info file /usr/local/etc/tor/tor.log # hidden services! HiddenServiceDir /usr/local/etc/tor/hidden_http_service/ HiddenServicePort 80 127.0.0.1:8000
This will take the server running on localhost port 8000 and make it available as a Tor hidden service
Restart Tor for the changes to take effect:
tor
You can't choose your onion domain name for your hidden service (yet). It is generated by Tor. To find your domain name, read the contents of the hostname file:
cat /usr/local/etc/tor/hidden_http_service/hostname
You can test your service using curl through Tor (where xxxxxxxxxxxxxx.onion is the result of the previous command):
curl --socks5-hostname 127.0.0.1:9050 xxxxxxxxxxxxxx.onionYour service is published! You can now access the .onion link from someone else's machine.
Congratulations! You have a Tor hidden service running.
People can anonymously connect to it and get your hello message but won't be able to identify your machine.
Now you've got the basics set up, you'll want to get it hosted somewhere reliable. The next page shows you how to set up and pay for a web server anonymously. This will provide better reliability for your service and if done correctly will provide a second anonymous shield between you and anyone trying to learn your identity.
Next
Anonoblog | Robin Doherty | robindoherty.com | @rdoh | rdoherty@gmail.com | PGP