Adding v3 support to vanity address generation #5

Open. Wants to merge 60 commits into base: master. Changes from 58 commits.

Commits (60):
5326570
Added v3 address support with mkp224o module (Just added the build mor…
ozeliurs Jul 6, 2021
23a1def
Update main.sh
ozeliurs Jul 6, 2021
b3a0b26
Update main.sh
ozeliurs Jul 6, 2021
695f235
adapt to the way mkp224o makes torv3 addresses.
ozeliurs Jul 6, 2021
e4acb62
forgot to ditch some things
ozeliurs Jul 6, 2021
0077ee7
Trying to fix tor not working
ozeliurs Jul 6, 2021
918048a
Added port forwarding to docker.
ozeliurs Jul 6, 2021
4725d71
Update main.sh
ozeliurs Jul 6, 2021
d988cab
Forgot the most important ... :(
ozeliurs Jul 6, 2021
870c8e9
Didn't know the had to have a fucking order ...
ozeliurs Jul 6, 2021
da739ae
Trying to change version to fix the only v2 tor problem
ozeliurs Jul 6, 2021
590adec
Change in perms for /web/
ozeliurs Jul 6, 2021
770907c
Fucking perms. No info on minimum requirements.
ozeliurs Jul 6, 2021
ecb1c8d
You get nothing
ozeliurs Jul 6, 2021
e0013c0
Update main.sh
ozeliurs Jul 6, 2021
9c5dc7d
sure there is a better way for perms
ozeliurs Jul 6, 2021
05a4674
Update main.sh
ozeliurs Jul 6, 2021
a1166c0
Update main.sh
ozeliurs Jul 6, 2021
69048c0
Update main.sh
ozeliurs Jul 6, 2021
b6f850f
Update nginx.conf
ozeliurs Jul 6, 2021
839a2fe
Update nginx.conf
ozeliurs Jul 6, 2021
cb51e29
FUCK security I want this to work.
ozeliurs Jul 6, 2021
0619410
Update README.md
ozeliurs Jul 6, 2021
5622231
Update README.md
ozeliurs Jul 6, 2021
f20e284
Update README.md
ozeliurs Jul 6, 2021
beb4536
Update README.md
ozeliurs Jul 6, 2021
da3e392
Update README.md
ozeliurs Jul 6, 2021
0cff1fa
Update main.sh
ozeliurs Jul 6, 2021
544f3dd
Update Dockerfile
ozeliurs Jul 6, 2021
a02b33d
Update nginx.conf
ozeliurs Jul 6, 2021
f7cf022
Update main.sh
ozeliurs Jul 6, 2021
b7ac25b
Update Dockerfile
ozeliurs Jul 6, 2021
c6bcf44
Update nginx.conf
ozeliurs Jul 6, 2021
d3b8dd8
Update main.sh
ozeliurs Jul 6, 2021
c7cc2e7
Update main.sh
ozeliurs Jul 6, 2021
5a8c22e
Update Dockerfile
ozeliurs Jul 6, 2021
f642d7e
Removed output of command mkp224o
ozeliurs Jul 6, 2021
2ff7efd
Update main.sh
ozeliurs Jul 6, 2021
f7e5f74
Update README.md
ozeliurs Jul 6, 2021
7f38a3d
Update README.md
ozeliurs Jul 6, 2021
c34e20a
Update README.md
ozeliurs Jul 6, 2021
72eb2b8
Update README.md
ozeliurs Jul 6, 2021
7189a0b
Updating mkp224o
ozeliurs Jan 25, 2022
9dbb89c
add mkp224o as submodule
ozeliurs Sep 19, 2022
729e1ac
fix: Dockerfile to reduce vulnerabilities
snyk-bot Dec 7, 2022
a9b3c93
Merge pull request #1 from ozeliurs-MaximeBilly/snyk-fix-3b480b5c7403…
ozeliurs Dec 7, 2022
c5a95e9
ci: add sonarlint to remove possible vulns
ozeliurs Dec 14, 2022
2f1ecf9
fix: Dockerfile to reduce vulnerabilities
snyk-bot Dec 22, 2022
5adea2f
fix: Dockerfile to reduce vulnerabilities
snyk-bot Dec 28, 2022
02fe9a4
Merge pull request #3 from ozeliurs/snyk-fix-d756896aa83c58fb5c2de029…
ozeliurs Dec 28, 2022
64a94d4
Merge pull request #2 from ozeliurs/snyk-fix-10ce410a62a0b5a29bf451db…
ozeliurs Dec 28, 2022
a40a75e
pruned old v2 onion example
danielcharrua Jan 5, 2023
2dba596
add docker image ci
danielcharrua Jan 5, 2023
1526b95
Merge pull request #4 from danielcharrua/pi-armv8-support-ci
ozeliurs Jan 8, 2023
83b9cea
Delete build.yml
ozeliurs Jan 8, 2023
eae9d8d
Merge pull request #5 from ozeliurs/hotfix-remove-sonrqube-integration
ozeliurs Jan 8, 2023
af6f570
Update README.md
ozeliurs Jan 8, 2023
86aca8d
Merge pull request #6 from ozeliurs/hotfix-remove-sonarqube-badge
ozeliurs Jan 8, 2023
696e92b
Create sonarqube.yml
ozeliurs Nov 2, 2023
1d21f2b
Merge pull request #10 from ozeliurs/ozeliurs-patch-1
ozeliurs Nov 2, 2023
33 changes: 33 additions & 0 deletions .github/workflows/build-docker.yml
@@ -0,0 +1,33 @@
name: Build docker image CI

on:
push:
branches: master

jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3

- name: Set up QEMU
uses: docker/setup-qemu-action@v2

- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2

- name: Login to Docker Hub
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Build and push
uses: docker/build-push-action@v3
with:
context: .
push: true
platforms: linux/amd64,linux/arm64/v8
tags: ${{ secrets.DOCKERHUB_USERNAME }}/tor-hiddenservice-nginx:latest
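
Review bot: The Checkout step uses actions/checkout@v3 with no `submodules` input, so the mkp224o submodule this PR adds in .gitmodules is not fetched and the Dockerfile's `ADD ./mkp224o /mkp224o` copies an empty directory into the published image; add `with: submodules: recursive` to that step. Because this job handles DOCKERHUB_TOKEN and pushes `:latest` on every push to master, I would also pin the five actions to full commit SHAs instead of the mutable v2/v3 tags, add a top-level `permissions: contents: read`, and push an immutable tag (for example the commit SHA) next to `latest` so a bad build can be rolled back.
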
3 changes: 3 additions & 0 deletions .gitmodules
@@ -0,0 +1,3 @@
[submodule "mkp224o"]
path = mkp224o
url = https://github.com/cathugger/mkp224o.git
39 changes: 11 additions & 28 deletions Dockerfile
@@ -1,26 +1,16 @@
FROM debian:jessie
FROM debian:bullseye

LABEL maintainer "[email protected]"
LABEL maintainer="[email protected]"

# Base packages
RUN apt-get update && \
apt-get -y install \
nginx \
tor torsocks ntpdate

# Compile shallot
ADD ./shallot /shallot
RUN apt-get -y install \
build-essential \
libssl-dev && \
cd /shallot && \
./configure && \
make && \
mv ./shallot /bin && \
cd / && \
rm -Rf /shallot && \
apt-get -y purge build-essential libssl-dev && \
rm -Rf /var/lib/apt/lists/*
apt-get -y install nginx tor torsocks ntpdate sudo \
gcc libsodium-dev make autoconf

ADD ./mkp224o /mkp224o
ADD ./main.sh /main.sh
ADD ./torrc /etc/tor/torrc
ADD ./nginx.conf /etc/nginx/nginx.conf

# Security and permissions
RUN useradd --system --uid 666 -M --shell /usr/sbin/nologin hidden
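
Review bot: The compiler toolchain and sudo now ship in the runtime image: the new `apt-get -y install` line adds gcc, make, autoconf, libsodium-dev and sudo, and the compile-then-purge sequence that used to live in this RUN is gone. main.sh builds mkp224o and purges the packages inside the `generate` container instead, which the README runs with `--rm`, so the image that `serve` uses never loses them. Build mkp224o at image build time, either in a separate build stage that hands only the binary to the final stage or in one RUN that installs, compiles and purges as the old shallot block did, and keep `rm -Rf /var/lib/apt/lists/*` and add `--no-install-recommends` on the install line.
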
Expand All @@ -29,19 +19,12 @@ RUN useradd --system --uid 666 -M --shell /usr/sbin/nologin hidden
RUN ln --symbolic --force /dev/stdout /var/log/nginx/access.log
RUN ln --symbolic --force /dev/stderr /var/log/nginx/error.log

# Main script
ADD ./main.sh /main.sh

# Tor Config
ADD ./torrc /etc/tor/torrc

# Add nginx default configuration
ADD ./nginx.conf /etc/nginx/nginx.conf

# Configuration files and data output folder
VOLUME /web
WORKDIR /web

EXPOSE 9050

ENTRYPOINT ["/main.sh"]
CMD ["serve"]
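
Review bot: `EXPOSE 9050` advertises Tor's SOCKS port, which nothing in the README asks users to publish and which serving the hidden service does not need, since Tor reaches the network with outbound connections only. Drop the line, or document why it is there and make sure torrc keeps the SOCKS listener on localhost so that `-p 9050:9050` cannot turn the container into an open proxy.
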

85 changes: 16 additions & 69 deletions README.md
@@ -1,44 +1,41 @@
# Easily create and run hidden services
[![Docker Pulls](https://img.shields.io/docker/pulls/strm/tor-hiddenservice-nginx.svg?style=plastic)](https://hub.docker.com/r/strm/tor-hiddenservice-nginx/)
[![Docker Pulls](https://img.shields.io/docker/pulls/ozeliurs/tor-hiddenservice-nginx.svg?style=plastic)](https://hub.docker.com/r/ozeliurs/tor-hiddenservice-nginx/)
![License](https://img.shields.io/badge/License-GPL-blue.svg?style=plastic)

This is a fork of opsxcq's project. This docker image now supports tor v3
adresses and shallot has been replaced by mkp224o (v3 compatible).
Feel free to open issues on this project if you see something wrong.

Easily run a hidden service inside the Tor network with this container


Generate the skeleton configuration for you hidden service, replace <pattern>
for your hidden service pattern name. Example, if you want to your hidden
service contain the word 'boss', just use this word as argument. You can use
regular expressions, like ```^boss```, will generate an address wich will start
with 'boss'. Be aware that bigger the pattern, more time it will take to
generate it.
service contain the word 'boss', just use this word as argument. Be aware that
bigger the pattern, more time it will take to generate it.

```sh
docker run -it --rm -v $(pwd)/web:/web \
strm/tor-hiddenservice-nginx generate <pattern>
docker run -it --rm -v $(pwd)/web:/web ozeliurs/tor-hiddenservice-nginx generate <pattern>
```


Create an container named 'hiddensite' to serve your generated hidden service

```sh
docker run -d --restart=always --name hiddensite -v $(pwd)/web:/web \
strm/tor-hiddenservice-nginx
docker run -d --restart=always --name hiddensite -v $(pwd)/web:/web ozeliurs/tor-hiddenservice-nginx
```

## Example

Let's create a hidden service with the name beginning with strm.

```sh
docker pull strm/tor-hiddenservice-nginx
docker pull ozeliurs/tor-hiddenservice-nginx
```

Wait to the container image be downloaded. And them we can generate our site
skeleton:

```sh
$docker run -it --rm -v $(pwd)/web:/web strm/tor-hiddenservice-nginx generate ^strm
$docker run -it --rm -v $(pwd)/web:/web ozeliurs/tor-hiddenservice-nginx generate strm
[+] Generating the address with mask: ^strm
[+] Found matching domain after 137072 tries: strmfyygjp5st54g.onion
[+] Generating nginx configuration for site strmfyygjp5st54g.onion
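
Review bot: The sample output under Example still comes from shallot: it prints the mask as `^strm`, a try count, and the 16-character address strmfyygjp5st54g.onion, while the command above it now passes `strm` and main.sh in this PR prints only `[+] Found` followed by the contents of the hostname file. Regenerate the transcript from the new image so readers see a 56-character v3 address, and correct the spelling of "adresses" in the new fork paragraph.
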
Expand All @@ -49,8 +46,7 @@ $docker run -it --rm -v $(pwd)/web:/web strm/tor-hiddenservice-nginx generate ^s
Now we have our skeleton generated, we can run the container with:

```sh
docker run -d --restart=always --name hiddensite \
-v $(pwd)/web:/web strm/tor-hiddenservice-nginx
docker run -d --restart=always --name hiddensite -v $(pwd)/web:/web ozeliurs/tor-hiddenservice-nginx
```

And you have the service running ! :)
Expand All @@ -67,69 +63,20 @@ And you have the service running ! :)

# FAQ

## Anti-Pattern

While is not a good thing to run everything in one container, this is a easy way
to get started if you don't have that much experience with docker and hidden
services. If you want to use something more elaborated, check this
[repository](https://github.com/opsxcq/docker-tor).

Here is an example of how a deploy using this other image looks like.

```yml
version: '3'

services:
tor:
image: strm/tor
restart: always
depends_on:
- backend
environment:
LISTEN_PORT: "80"
REDIRECT: "backend:80"
PRIVATE_KEY: |
-----BEGIN RSA PRIVATE KEY-----
MIICXQIBAAKBgQDSqBzjGxL+UFdrFJSdc+LJn3RrXiaZ7k6kgSw8KqOCSRgIr2qO
XZrCa3YHE+PqsfbDVF0GO0Xy3A9fsIxRFMUo3K++3BaVJslUbqK2TH9fJt5Ji1b6
N5UzXsEzf73atXwMF63hgVFZFLhfSWH8jGE1svwDXn0YQWP88PVX34SrWQIDASsd
AoGAUWdd+/m9TrTQyqK0IbzIr0fYQ5gDq4mv1GLEYjR4SWF8pSCxL1yOBsmQ02sj
BSS2Vw4dpFfloCrRw2ipM8ac4kdLGCoYefQHwW2Kfdf9raVfPDP7vcxrs37sOgOh
2rSXCOOrmcoMrEka2/OTGW15jaNUEEoWacS3YL1Fj0Bi6g0CQQD4ZmBiF6qu2XnT
8lMr1Asdz3K8fYiyfl6CzHItUubAbQ8ipv12q8CerJqk3dO98V+w8llAsQ7BT5wq
8AZOPQR3AkEA2RobnACDvb2Jw+dYSFsqrHyIDojKsrNiDEFedkiFijRFqme+nrif
kJ4yTnSiphC+rSSBbvYMawsqiWBA7UPSrwJBAKXSVQClxNUpJ2PZt91HZAtuipRt
t8suGIY4mot1iDRN0XdiNN8TNZ3qLag7wUU4or+Yn/3Xae1euHpyftTxmYsCQQCd
oJxsGotYx62ULxPqz0um7yEWOU6hUAy8MB3X3FcTCjGO0PPKpfJ2ntXo0Ajcp5ci
msi81/e9DTnF9mPjtsY9AkAUG6heBlETMFzyka9FHPgu9aN2kRwvJ3QZDHuPxYG4
VZwljLxstlx57+N74D0aj6wrJw+iBH2BI+b+ZpnLXyy7
-----END RSA PRIVATE KEY-----
```

To make it work you should also add a webserver with the name `backend`, and add
your content there. There are more moving pieces using a deploy like this, so
this is the justification for this repository, for people who never put anything
on the deep web being able to enjoy it without busting their asses debugging
some infrastructure.


## Build
## Build Docker image

```
docker build -t strm/tor-hiddenservice-nginx .
docker build -t ozeliurs/tor-hiddenservice-nginx .
```

## Run
## Run Docker container

```
docker run -d --restart=always --name hiddensite \
-v $(pwd)/web:/web strm/tor-hiddenservice-nginx
docker run -d --restart=always --name hiddensite -v $(pwd)/web:/web ozeliurs/tor-hiddenservice-nginx

```
## Shell

```
docker run -it --rm -v $(pwd)/web:/web \
--entrypoint /bin/bash strm/tor-hiddenservice-nginx

docker run -it --rm -v $(pwd)/web:/web --entrypoint /bin/bash ozeliurs/tor-hiddenservice-nginx
```
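
Review bot: The Build Docker image section gives only `docker build -t ozeliurs/tor-hiddenservice-nginx .`, but the Dockerfile now does `ADD ./mkp224o /mkp224o` from a git submodule, so a plain `git clone` followed by that command builds an image with an empty /mkp224o. Add the clone step with `--recurse-submodules` (or `git submodule update --init`) ahead of the build command. In the Run Docker container block, the blank line before the closing fence and the missing blank line before `## Shell` are worth tidying too.
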
33 changes: 24 additions & 9 deletions main.sh
Expand Up @@ -12,13 +12,27 @@ then
echo '[-] You dont provided any mask, please inform an mask to generate your address'
exit -1
else
echo "[+] Building mkp224o"
cd /mkp224o
./autogen.sh
./configure
make
mv ./mkp224o /bin
cd /
rm -Rf /mkp224o
apt-get -y purge gcc libsodium-dev make autoconf
rm -Rf /var/lib/apt/lists/*

echo '[+] Generating the address with mask: '$2
shallot -f /tmp/key $2
echo '[+] '$(grep Found /tmp/key)
grep 'BEGIN RSA' -A 99 /tmp/key > /web/private_key
rm -rf /tmp/keys && mkdir /tmp/keys

mkp224o $2 -n 1 -d /tmp/keys &> /dev/null
echo '[+] Found '$(cat /tmp/keys/*.onion/hostname)
cp /tmp/keys/*.onion/*secret_key /web/
cp /tmp/keys/*.onion/hostname /web/
fi

address=$(grep Found /tmp/key | cut -d ':' -f 2 )
address=$(cat /tmp/keys/*.onion/hostname)

echo '[+] Generating nginx configuration for site '$address
echo 'server {' > /web/site.conf
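
Review bot: In `mkp224o $2 -n 1 -d /tmp/keys &> /dev/null` the user-supplied pattern is unquoted and all output is discarded, so a pattern containing spaces or a leading dash is split into extra mkp224o arguments and any failure is silent; quote it as "$2" and keep stderr. Nothing checks exit status either: if `./configure` or `make` fails, the script carries on, `cat /tmp/keys/*.onion/hostname` returns nothing, and site.conf is written for an empty address, so add `set -e` or test each step and abort before touching /web. The build and `apt-get -y purge` belong in the Dockerfile, since here they rerun on every `generate` and the purge is lost when the container exits.
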
Expand All @@ -30,26 +44,27 @@ then

echo '[+] Creating www folder'
mkdir /web/www
chmod 755 /web/
chmod 755 /web/www
chmod 700 /web/
chmod 700 /web/www
echo '[+] Generating index.html template'
echo '<html><head><title>Your very own hidden service is ready</title></head><body><h1>Well done !</h1></body></html>' > /web/www/index.html
chown hidden:hidden -R /web/www
chown hidden:hidden -R /web/
fi

if [ "$1" == "serve" ]
then
if [ ! -f /web/private_key ]
if [ ! -f /web/*secret_key ]
then
echo '[-] Please run this container with generate argument to initialize your web page'
exit -1
fi
echo '[+] Initializing local clock'
ntpdate -B -q 0.debian.pool.ntp.org
echo '[+] Starting tor'
tor -f /etc/tor/torrc &
sudo -u hidden tor -f /etc/tor/torrc &
echo '[+] Starting nginx'
nginx &

# Monitor logs
sleep infinity
fi
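
Review bot: `if [ ! -f /web/*secret_key ]` relies on an unquoted glob inside `[`: with no match it tests the literal pattern, and with more than one match `[` fails with a syntax error, the condition counts as false, and the missing-key check is skipped. Test the exact file name that `generate` copies into /web. As far as this diff shows, `sudo -u hidden tor` is the only use of the sudo package added in the Dockerfile; setting `User hidden` in torrc would drop privileges without it. Please also confirm that the nginx worker user can still read /web/www after the change to `chmod 700` and `chown hidden:hidden -R /web/`.
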
1 change: 1 addition & 0 deletions mkp224o
Submodule mkp224o added at d20222
41 changes: 0 additions & 41 deletions shallot/CHANGELOG

This file was deleted.
