The dark web was originally created by the Advanced Research Projects Agency which is an arm of the US Defense department to aid in cold war intelligence. The dark web is essentially an evolution of the ArpaNet.
To access the Dark Web, all you need is a TOR or Onion browser. I like the Brave Browser which is available for all platforms.
With the Brave Browser, go to the Brave Browser. In the Brave Menu, choose
“New Private Window with Tor”
As a test, go to:
https://www.facebookcorewwwi.onion/
Yes, Facebook has a dark web address. As you can see from the resultant page, Facebook has no idea where or who you are before you sign in.
Tor browsing is necessarily slow and all dark web addresses end in “.onion” and can only be accessed with a TOR browser.
Linux lets you create a “Tor” or “Onion” hidden services. “TOR” is an acronym for “The Onion Router”. Like the many layers of an Onion, TOR routing anonymizes a service offered on it and the clients navigating to it. TOR services are unique because there is no DNS directory to index them or tie them back to an IP address.
Basically, any website can be offered via the Dark Web if you install TOR.
When you have a TOR site, it goes out on the dark web and randomly chooses three onion routing introduction points which form what is called an Onion circuit. The Introduction points, in turn, each choose three random relay points. The three introductory points and the three relay points form chains back to the target TOR server on the Dark Web. This multipoint, random relay system makes it pretty darned impossible to identify a dark web website location or its ownership unless the website has indicative data.
The three introduction points and the Onion chains to them become the “Onion Service Descriptor”. It also adds a public key and it signs it with a private key to encrypt the traffic and its route.
The completed “Onion Service Descriptor” is then uploaded to a distributed hash table which is a table of dark web websites distributed to the onion network routers. There really aren’t any search engines to find dark web websites because it is not indexed at all. So, you generally have to know an onion address to get to it.
To get to a dark web node from a TOR browser, you type in the address which is something like 3g2tyesfh6tyd7m.onion.
The TOR browser searches the hash table for the website and finds the three introductory nodes. It then chooses one at random and then forms the onion circuit that will be used to contact the target system through multiple relay points.
The TOR browser then makes a second connection randomly through multiple relay servers to a “rendevouz” point which is essentially a request to contact the dark web node. The client also implants a “passphrase” at the rendevouz point. Then using the initially chosen introduction point of the Onion Service, the location of the rendevouz point and the passprase are sent.
The dark web website also has a similar onion circuit to the introduction point. The rendevouz point and the passprhase are sent over the onion circuit to the dark web webserver telling the web server where to contact. At this point, the webserver makes its own onion circuit back to the client randomly through the dark web via the Rendevouz site. If the passphrase is correct, the connect is made.
All this multilayer, complex routing makes both clients and webservers completely anonymous with no way to trace the route to the server and no routing table or name server lookup. For this reason, the dark web is highly secure and encrypted, but lacks speed and performance.
I have also discovered that there is no need to open ports or define routing rules to Dark Web sites hosted on your network. The reason is that the circuit is initiated by your Website and carries bidirectional traffic.
To install the “TOR” service on your website:
sudo apt install tor
sudo nano /etc/tor/torrc
Uncomment these two lines:
HiddenServiceDir /var/lib/tor/hidden_service/
HiddenServicePort 80 127.0.0.1:80
sudo service tor stop
sudo service tor start
To see your onion address:
sudo cat /var/lib/tor/hidden_service/hostname
In my case, I created a phpBB and its Onion address on the Dark Web is:
5kxymuorerk6luzq7lsepfvd6wrymgtsxx3orwlyttumrtsb4xoil6yd.onion
You should be able to reach this address in your Brave browser via a private window with TOR.
phpBB is a good choice for the Dark web because it works by default without SSL or a domain name,
To create your own myPHP bulletin board server, start with an Ubuntu 18.04 LTS server instance and ssh into it:
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install apache2
sudo apt-get install mysql-server
sudo mysql -uroot -p
You will be prompted to key in the root password of the MySQL server. Then, hit Enter to continue
Once the MySQL command line prompt appears, run the SQL command below to create phpBB database:
mysql> Create database phpbb CHARACTER SET utf8 COLLATE utf8_general_ci;
The database will be accessed via a privileged user. To create one, run the command below:
mysql> create user ‘phpbb_user’@‘localhost’ identified by ‘PASSWORD’;
Replace ‘PASSWORD’ with a strong value.
Then, grant all privileges on the ‘phpbb’ database to ‘phbb_user’ using the command below:
mysql> Grant all privileges on phpbb.* to ‘phpbb_user’@‘localhost’;
Then, reload MySQL privileges for the changes to take effect
mysql> flush privileges;
Exit from MySQL command line tool:
mysql> exit;
Step 4: Installing PHP
phpBB is written in PHP and we need to install this general purpose programming language on our server in order for the source files to be executed correctly.
Run the command below to install PHP:
$ sudo apt-get install php
Press Y and hit Enter when prompted to confirm the installation
We also need to run the command below to install all PHP module that phpBB requires to run in our server environment:
$ sudo apt-get install libapache2-mod-php php-curl php-json php-cgi php-xml php-mysql php-mbstring
Press Y and hit Enter to continue.
Restart Apache web server
$ sudo service apache2 restart
Step 5: Installing phpBB software
Our server environment is ready to run phpBB. We can now go ahead and download the bulletin board software using Linux wget command.
First, navigate to the /tmp folder directory using the CD command:
$ cd /tmp
Then, use wget to download the latest versions as shown below:
$ wget https://download.phpbb.com/pub/release/3.3/3.3.4/phpBB-3.3.4.zip
The latest version by the time of writing this guide was phpBB 3.3.4. You can always check if there is a newer version on the official download page (phpBB • Download phpBB 3.3)
Once the download is completed, you will have an archive file on the tmp directory named ‘phpBB-3.3.4.zip’.
We will unzip this file and send the contents to the root of the web server. First, we need to install the unzip utility:
$ sudo apt-get install unzip
Then, use the unzip command to unpack the archive file
$ sudo unzip phpBB-3.3.4.zip
The files will be unzipped to a directory named phpBB3. We can now copy those files to the root of our website:
$ sudo cp -R phpBB3/* /var/www/html
We also need to remove the default Apache file so that it does not interfere with our files;
$ sudo rm /var/www/html/index.html
Step 6: Setting phpBB File Permissions
Since Apache web server runs under the username and group www-data, we need to give it the appropriate file permissions using the commands below:
$ sudo chown -R www-data:www-data /var/www/html/
$ sudo chmod 660 /var/www/html/images/avatars/upload
$ sudo chmod 660 /var/www/html/config.php
$ sudo chmod 770 /var/www/html/store/
$ sudo chmod 770 /var/www/html/cache
$ sudo chmod 770 /var/www/html/files
Reboot the Server
Step 7: Running phpBB Setup Wizard
On a web browser, enter the domain name or public IP address followed by /install to finalize the setup.
http://ip_address/install
After you are done with the setup:
cd /var/www/html
sudo mv install renamed-install