Onion-Hunter 2.0

Table of Contents

• About
• Requirements
• Usage
  • Mandatory Configurations
  • Optional Configurations
  • Use AWS EC2
  • Use AWS S3
• Examples
• Contact

About

This package is designed to help anyone hunt for Onion addresses subject to a set of keywords set by the user. The primary design characteristic is to enable the user to define attributes/keywords that they would like to hunt on. All customizable attributes are located within the src/config.py python file. This is the only object that should be edited by the user.

Requirements

• Python Version: Python 3+

• Packages: See Requirements.txt

• Tor: Must be able to route traffic via a Tor Proxy. You can use:

  • Whonix

  • Tails

  • See my AWS EC2 Setup below

Usage

The src/config.py has several configurable options that you can use.

Mandatory Configurations

• Install all requirements: pip install -r requirements.txt

• Create a Reddit API Token

• Add Reddit API objects to src/config.py

self.r_username = ""
self.r_password = ""
self.r_client_id = ""
self.r_client_secret = ""

• Add Keywords to Hunt on to src/config.py. These keywords will be compared against TOR site source to and saved the the SQLITE3 DB.

Optional Configurations

• Ability to use the Polipo Proxy (See AWS EC2 Setup).

# Network Setup
## True = I am using the polipo Proxy on a Linux Host
## False = I am using Tails or Whonix
self.use_proxy = False

• Upload the Database to S3

# AWS Credentials
self.aws_access_key = ""
self.aws_secret_key = ""

• Save all TOR HTML source as Base64 to the ONIONS table.

  • NOTE: This will bloat the DB significantly

# Database Setup:
## True - Will save the HTML source as B64 to ONIONS table (Will Bloat the DB!)
## False -Will not save the HTML source at all.
self.save_html_source_to_db = False

self.keywords = ["Example_keyword_1", "Example_keyword_2"]

Use AWS EC2

Details

It’s totally understandable if you don’t want TOR to be running in your LAN. As such, here are instructions on how to get running in AWS (Or any other cloud provider).

1. Create an Ubuntu 18.04 LTS host (I used AWS t2.small)

2. Install the TOR service per TOR’s Documentation

3. Install Polipo: apt-get install polipo

wget http://archive.ubuntu.com/ubuntu/pool/universe/p/polipo/polipo_1.1.1-8_amd64.deb
sudo dpkg -i polipo_1.1.1-8_amd64.deb

1. Edit Polipo’s config: /etc/polipo/config

allowedClients = 127.0.0.1, 192.168.1.0/24 # Expose your network (modify accordingly)
socksParentProxy = "localhost:9050"
socksProxyType = socks5
proxyAddress = "127.0.0.1"    # IPv4 only

5. Restart the Polipo service: systemctl restart polipo

6. Edit Onion-Hunter config to use the proxy

# Network Setup
# True = I am using the polipo Proxy on a Linux Host
# False = I am using Tails or Whonix
self.use_proxy = True

Use AWS S3

Details

Onion-Hunter now has an option to upload the onion.db to S3 after each scan interation. To use this feature you must edit the config src/config.py and add your AWS access and secret keys.

# AWS Credentials
self.aws_access_key = "access_key"
self.aws_secret_key = "secret_key"

Examples

python Hunt.py -h
usage: Hunt.py [-h] [-s | -f  | -p | -n] [--s3]

optional arguments:
  -h, --help    show this help message and exit
  -s, --scan    Scan All The Things
  -f, --file    Import Onions from txt file
  -p, --purge   Purge the whole database
  -n, --new     Create a fresh/new Database
  --s3          Upload onion.db to S3

Figure 1. Reddit Search

Figure 2. Purging the Database

Contact