![]() There is no other way except by bruteforce which also doesn't work in next generation onion services in which size of onion address is 54chars. HSDir are sitting at a position where they can index onion addresses from their public key. There are hidden services who don't want to reveal their onion addresses. Harvesting onion addresses has been addressed in Next Generation Tor Onion Services so you can no longer harvest onion addresses by hosting your own HSDir anymore. People have actually started making business models on this so TorProject has decided to end this. They wait for sometime and pretend to be as client to trawl onion services. They don't visit those onion addresses as soon as they harvest it. As mentioned in NorthSec: David Goulet - Deep Dive Into Tor Onion Services they are using some clever system to detect that which they keep it hidden because they don't want malicious HSDir to find a work around and start harvesting onion addresses without being detected. TorProject is actively monitoring such activities to block malicious HSDir. Harvesting onion addresses from HSDir violates Ethical Tor Research Guidelines so they will ban you once they find out. As they are responsible for holding descriptors, malicious HSDir can harvest onion addresses from their descriptors by deriving them from their public key. It is Hidden Service Directory which keeps descriptors for currently running onion services. Tor directory authorities don't keep onion addresses.
0 Comments
Leave a Reply. |