Hidden Web Page: A Modern Alternative to Numbers Stations by GreyS3c
The dark web is often associated with illegal practices or activities, and is generally portrayed by the mainstream media as a sort of black market bazaar which focuses on illegal purchases. While this may be true for a few out there, the special configurations required to access the dark web offer many advantages – this being the main concern of users no matter their reason for visiting.
One such advantage is that hidden sites can only be hosted and/or accessed using Tor connections and browsers, granting both the host and the visitor a fairly high level of security through anonymity and encryption, as well as privacy. With this requirement, hidden sites are not indexed by Google, Bing, Yahoo, DuckDuckGo, Yandex or other search engines, meaning that an automated effort by big-tech to index, suppress or stop certain phrases or patterns will not stop dark web hosts from sharing or passing information with their network or consumers, nor is there anyone to send a take-down order to, like on the open (or “normal”) web.
In this post, we will cover potential use-case scenarios for hosting hidden (Tor) websites then I’ll share my personal set up and provide a simple walk-through for setting up your own hidden site (in 10 steps). I’ve provided command line samples to copy/paste into your own terminal, making this project ‘Easy’ to ‘Extremely Easy’ for those with no Linux experience.
Share This Story, Choose Your Platform!
About the Author: admin
5 Comments
Comments are closed.
GUNS N GEAR
Using something like steganographr could even obscure the message even further.
https://neatnik.net/steganographr/
Zero width characters are still completely visible to a computer, aren’t they? If I understand the concept, they’re only unseen by human eyes when you’re looking at a monitor, because the monitor doesn’t display them with any width.
Opposition bots and scrapers can still read & copy zero width characters, right?
The idea is hide your OTP message in the zero width characters. That way, a casual observer has no idea what’s going on. A OTP message might flag you as someone who needs more assets put on them..
That’s almost the sense I get if you use things that improve your commo security like DMR. The signature itself screams to have more attention paid to it.
For your last question, it doesn’t seem that way. But, we’re not hiding plain text in the characters either.
A little off track here – when Cuba was having their thing with protests and all, the Cuban govt shut down all internet except Twitter. So, if you are forced into using only one website, can you see the application for passing hidden messages?
So what the author did was modify a Raspberry Pi 4 to function as a tiny mobile web server, right?
If I understood his description correctly, the broadcaster would configure the hardware & software as described, come up with a message to post on his darkweb site, and (while out & about) surreptitiously connect the Pi to the internet during prearranged comms windows. In turn, the intended audience would visit the prearranged Tor URL at the right time, read the message on the Pi, and copy it down. Then the audience and the broadcaster would disconnect from the internet and go about their business.
Am I understanding this correctly?
I believe your recap to be correct. One could up the ante by using keywords, trigrams and one time pads.