Ciikz
Governance Specialist
Divine
2
MONTHS
2 2 MONTHS OF SERVICE
LEVEL 1
100 XP
To hack onion sites, we will use the popular SQL injection scanner, sqlmap. To launch it for site scanning, simply execute the following command:
python sqlmap.py -u «.onion/qwertyqwerty.php» --data=«id=1» --tor --tor-port=9050 --tor-type=SOCKS5
However, with the scanner nmap, we'll have to do some extra work. So, first we need to:
Download and install a special version of nmap-nseportscan-socks4a.
Add a record "127.0.0.1 .onion" to the hosts file. This avoids name resolution errors for .onion.
Download and run Tor.
Run nmap with root privileges using the following parameters:
sudo ./nmap -sK --script connectscan, <script list> --proxy socks4a://127.0.0.1:9050 cx7b2vy6foxjlzsh.onion –F.
But what if none of the scanners worked? There are two options
Manually search for vulnerabilities.
Perform a DDoS attack.
I don't think it's worth describing how to manually search for vulnerabilities, as the process will not be any different from searching for vulnerabilities on a regular website. But with DDoS attacks, it will be much more interesting.
If you manage to perform a successful DDoS attack (and with the right tactics, it's possible), you can dump the database, demonize the site (as the FBI did), view the site's code, and, of course, make it unavailable. Taking down an onion site is easier than a regular one.
To do this, you will need 2 tools:
To get the maximum effect from the attack, you need to:
Direct the attack at the search form.
Direct the attack at the registration form (this is a vulnerable spot for many sites, especially Runion).
You can execute these two attacks with one tool, but we won't discuss it due to its simplicity. Now let's take a look at Tool 2, Torshammer.
This tool allows you to use a slow post attack to take down large sites with low power. Let's configure it for the attack:
In the file itself, use "find and replace" to change the three values of "9050" to "9150" and save.
Open CMD or Terminal and type without quotes: cd Desktop, and then: cd torshammer. Now open the TOR browser and wait for the new values to be assigned. To verify whether it worked, visit at least two different sites.
In CMD or Terminal, enter (again without quotes): ./torshammer.py -t example.com -r 300 -T.
python sqlmap.py -u «.onion/qwertyqwerty.php» --data=«id=1» --tor --tor-port=9050 --tor-type=SOCKS5
However, with the scanner nmap, we'll have to do some extra work. So, first we need to:
Download and install a special version of nmap-nseportscan-socks4a.
Add a record "127.0.0.1 .onion" to the hosts file. This avoids name resolution errors for .onion.
Download and run Tor.
Run nmap with root privileges using the following parameters:
sudo ./nmap -sK --script connectscan, <script list> --proxy socks4a://127.0.0.1:9050 cx7b2vy6foxjlzsh.onion –F.
But what if none of the scanners worked? There are two options
Manually search for vulnerabilities.
Perform a DDoS attack.
I don't think it's worth describing how to manually search for vulnerabilities, as the process will not be any different from searching for vulnerabilities on a regular website. But with DDoS attacks, it will be much more interesting.
If you manage to perform a successful DDoS attack (and with the right tactics, it's possible), you can dump the database, demonize the site (as the FBI did), view the site's code, and, of course, make it unavailable. Taking down an onion site is easier than a regular one.
To do this, you will need 2 tools:
You must upgrade your account or reply in the thread to view the hidden content.
You must upgrade your account or reply in the thread to view the hidden content.
Direct the attack at the search form.
Direct the attack at the registration form (this is a vulnerable spot for many sites, especially Runion).
You can execute these two attacks with one tool, but we won't discuss it due to its simplicity. Now let's take a look at Tool 2, Torshammer.
This tool allows you to use a slow post attack to take down large sites with low power. Let's configure it for the attack:
In the file itself, use "find and replace" to change the three values of "9050" to "9150" and save.
Open CMD or Terminal and type without quotes: cd Desktop, and then: cd torshammer. Now open the TOR browser and wait for the new values to be assigned. To verify whether it worked, visit at least two different sites.
In CMD or Terminal, enter (again without quotes): ./torshammer.py -t example.com -r 300 -T.