
Analysis of a Dark Web site

2021 Massimo Giaimo Blue Team, SEC4U

In this article we will see together how to perform an analysis of a site present on the Dark Web, and more precisely of a site present within the Tor network. Our point of reference will be the site of the Avos ransomware gang, which started its cybercriminal activity just a few weeks ago. The site can be reached at the address and to access the site you need to use the Tor browser.

To install the Tor browser you can go to and download the package for your operating system. If you are using a Linux Debian or derived distribution, you can use the following commands:

    sudo add-apt-repository ppa:micahflee/ppa

When finished, you can run the Tor browser and access the Avos website URL.

Now that we can access the Tor network, we might ask ourselves how we can deeply analyze a site with an onion extension, for example to verify the ports and services exposed by it or to identify the technologies used. The answer lies in using the same tools that are classically used to analyze websites outside the Tor network, redirecting their traffic into the channel managed by the previously installed Tor service. To achieve this we can use a tool called socat.

The socat utility is a relay for bidirectional data transfers between two independent data channels. There are many different types of channels that socat can connect, including:

Devices (serial line, pseudo-terminal…).
Sockets (UNIX, IP4, IP6 – raw, UDP, TCP).

We can then install the tool:

    sudo apt install socat

We can then activate a communication channel, which will connect the Tor service with a socket to which we will connect to carry out our analysis activities. In this specific case, the communication channel will listen on port 8080 and will connect us to the onion site of the Avos group through port 9050 (where the Tor service, by default, listens).

It can be interesting to understand which ports an onion site exposes. To find out this information, we can use a tool, docker-onion-nmap, that Miles Richardson has been making available to the community for some years now. The convenience of this tool is that it is made available in the form of a Docker image.
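
The socat relay described in the article (a local listener on port 8080 forwarding through Tor's SOCKS service on port 9050) can be built as follows. This is an added example, not a command from the original article. It assumes the hidden service answers on port 80, uses a constructed placeholder in place of the onion hostname, and uses the hypothetical helper names is_v3_onion and relay_cmd.

```shell
#!/bin/sh
# Added example: build the socat relay command for analysing an onion site.
# Assumptions: Tor's SOCKS listener is on 127.0.0.1:9050 and the hidden
# service answers on port 80. The hostname below is a constructed placeholder.

# Constructed placeholder: 56 'a' characters + ".onion" (not a real site).
PLACEHOLDER_ONION="$(printf '%056d' 0 | tr 0 a).onion"

# Return 0 only if $1 has the shape of a v3 onion hostname
# (56 base32 characters followed by ".onion").
is_v3_onion() {
    printf '%s' "$1" | grep -Eq '^[a-z2-7]{56}\.onion$'
}

# Print the socat command for a loopback-only relay.
#   $1 = onion hostname
#   $2 = local listening port (default 8080, as in the article)
#   $3 = port on the onion service (default 80, an assumption)
relay_cmd() {
    onion=$1; lport=${2:-8080}; rport=${3:-80}
    is_v3_onion "$onion" || { echo "invalid onion hostname" >&2; return 1; }
    for p in "$lport" "$rport"; do
        # Reject anything that is not purely numeric before it reaches a command line.
        case $p in ''|*[!0-9]*) echo "invalid port: $p" >&2; return 1;; esac
    done
    # bind=127.0.0.1 keeps the relay reachable only from the analysis host.
    # SOCKS4A hands the hostname to Tor, so the name is never resolved locally.
    printf 'socat TCP4-LISTEN:%s,bind=127.0.0.1,reuseaddr,fork SOCKS4A:127.0.0.1:%s:%s,socksport=9050\n' \
        "$lport" "$onion" "$rport"
}

# Show the command for the placeholder hostname; nothing is executed.
relay_cmd "$PLACEHOLDER_ONION"
```

Binding the listener to 127.0.0.1 matters because socat otherwise listens on all interfaces, which would expose the relay to every other host on the analyst's network.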