Diferencias

Muestra las diferencias entre dos versiones de la página.

--- darknet [2020/04/18 02:41] – gregkedro
+++ darknet [2020/04/18 02:43] (actual) – gregkedro
@@ Línea 231: / Línea 231: @@
 Technical Investigation of a .onion site:
   - Check out the http headers
+    * You might get lucky and get the "Client-Peer" IP address
   - See what kinds of software they are running and their current version
+    * Server Version | PHP App Server (etc.)
   - Are there vulnerabilities in that version? is it old? exploits available?
+    * You can get a search warrant here to break into the machine (hack in) if you have jurisdiction over the location of the server.
+    * If not then.... go to Shodan.io
   - Go to Shodan search engine (searches IoT - Internet of Things)
   - Enter the combo of software and versions to see what machines out there are running that particular combination and open to the Internet.
   - From the results, find out which serve up .onion sites.
+    * Few results: do it "by hand"
+    * Many results: write a script
   - Query the servers that host .onion sites and "ask" if they serve up your particular .onion site address. If you get a "yes," bingo.
 **Learn:**
   - Use a VM (or Tails) and get on the DarkNet
+    * If VM: take a snapshot when it's set up like you want it
+    * Then after use it, revert back (rollback) to your clean snapshot
   - Install ZeroNet, Tribler, I2P, et al
   - Experiment (by safely: use a machine and ID you only use for DarkNet)
+    * Google: "Find me DarkNet markets"
+    * Reddit: check out the subreddits...
+    * https://www.darkowl.com (comprehensive search engine for various DarkNets)
+    * Ahmia: https://ahmia.fi
+    * Shodan: https://www.shodan.io
+    * Tor2Web (converts .onion URLs to open Internet URLs)
+      * https://onion.to
+      * https://onion.link