When you want to launch your business in deep web there are a lot of things to worry about like hosting, privacy, anonymity and getting an onion URL. The first step to launching a startup is creating a website. So in this article, we teach you how to easily achieve that first step in 3 minutes.
OnionShare is a tool that emerged in 2014 and, according to experts in ethical hacking, in principle only fulfilled the function of sending files anonymously and securely. This tool compresses the files, starts a local server on the user’s machine that includes a link to the compressed file, converts the website into a Tor onion service, and displays the webserver URL. The user sends this .onion URL, loading it into the Tor browser to finally download the compressed file. When the file is downloaded, OnionShare closes this service.
Since its launch, OnionShare has grown and evolved. Now you can not only share files privately, but it always works the same way, hosting an anonymous website locally. Recently, a team of experts has tried to host real websites using OnionShare, making some interesting findings.
According to ethical hacking experts, OnionShare has implemented the new “Publish Website” feature. Simply put, OnionShare will launch a server to host a static website and provide a .onion URL. The site created in this way will only be accessible through the Tor network; in addition, visitors will not have access to data such as location, identity or IP address, so the website will not be subject to censorship.
When you share something that is not public, OnionShare uses basic HTTP authentication. In this way, the URLs shared in this way appear in a format similar to: http://onionshare: [password]@[address].onion. When the URL is loaded in the Tor browser, the user will be asked if they want to sign in first, as shown below:
When you click OK, the URL in the address bar does not contain the OnionShare part: [password], which makes it look like a conventional website.
In addition, in the website settings menu, it is possible to enable “Public Mode” so that any user has access to the website without the URL displaying the username and password.
On the other hand, if the user wants to use the OnionShare service to publish a website that will remain online for a long time, they should remember that the computer is acting as a web server, so if the computer is turned off or goes inactive, the website will be closed, mention the specialists in ethical hacking.
To prevent this from happening, it is preferable to use a computer dedicated specifically to this work. Another way to keep this service active is to go to the OnionShare settings and choose the “Use Persistent Address” option. In case the computer shuts down or suspends, the next time you use the service the URL will remain the same. Otherwise, each URL generated by OnionShare will be temporary and non-reusable.
One of the new features of OnionShare is the ability to collect all requests that visitors make on one of these websites. For example, below is a website hosted on OnionShare scanned with the Nikto web vulnerability analysis tool.
Finally, the International Institute of Cyber Security (IICS) ethical hacking specialists mentioned that you can browse through the lists of folders shared by OnionShare so that anyone can see exactly what files will be downloaded before the process begins.
In addition, by visiting OnionShare settings and disabling the “Stop Sharing after File Send” feature, people will also be able to download shared files individually instead of downloading them all on one occasion.