Generating a Vanity Address for Version 3 Onions

Tor Hidden Services are accessed through a web address ending in .onion. Generally speaking these appear to be random strings of letters and numbers, though they're actually a representation of the public key generated when the operator created their hidden service.

Whilst it's possible to generate a V2 vanity .onion address with eschallot, V3 Onions use ed25519 requiring use of a different tool.

This documentation details how to generate a vanity .onion address for Version 3 Onions

 

 

Install Dependencies

First we start by installing a couple of dependencies

 

Debian

apt-get install gcc libsodium-dev make autoconf

 

CentOS

yum install libsodium-devel
yum groupinstall "Development Tools"

 

Install mkp224o

mp224o is the workhorse that'll be doing the backbreaking work of generating key combinations, so we need to grab and install it

git clone https://github.com/cathugger/mkp224o.git
cd mkp224o/
# Configure and compile
./autogen.sh 
./configure 
make

Once that's completed, we should be ready to try and generate our first URL

./mkp224o filter ben -t 4 -v -n 4 -d /tmp/
set workdir: /tmp/
sorting filters... done.
filters:
	ben
	filter
in total, 2 filters
using 4 threads
benyfkc7gc2pptco6hx7t3sk57q7ahzz6fjtur36ar3pm5euvbwx5pqd.onion
ben3jyzyjq7tfzswwfftgylgrphsjf5wpperztzusnes5e4mc7cfftqd.onion
ben4xyknoitu7qk5gt7t55l25cl35bk3dgxj7y5jdb5v3l2c46aglvad.onion
ben24n2tfjdw23zfysv5frttdbpqkteco4edqrnoay4elywz7wverbyd.onion
waiting for threads to finish... done.

The options passed are

  • filter ben: Look for the string ben - our vanity string
  • -t 4: use 4 threads
  • -v: Be verbose
  • -n 4: Generate 4 suggestions
  • -d /tmp/: Write generated keymatter out to directories under /tmp

The output directory (in the example above /tmp) will have a directory created within it for each of the found suggestions. Copy this to your tor server and put into /var/lib/tor (or wherever you've configured Tor to run) and rename the directory to be that of your hidden service (as defined in torrc - in the tutorial I posted previously, this was /var/lib/tor/myonion/), then fix permissions

mv benyfkc7gc2pptco6hx7t3sk57q7ahzz6fjtur36ar3pm5euvbwx5pqd.onion /var/lib/tor/bens_new_hs
chown -R tor: /var/lib/tor/bens_new_hs
chmod -R u+rwX,og-rwx /var/lib/tor/bens_new_hs

If you've not already added the service to torrc then add it

vi /etc/tor/torrc
HiddenServiceDir /var/lib/tor/bens_new_hs
HiddenServiceVersion 3
HiddenServicePort 80 127.0.0.1:80

Then, either way, restart or reload tor

systemctl reload tor

Once TOR restarts, your new service should come up

Things to note

  • It gets progressively harder to bruteforce the keys, the more characters you specify (god only knows what resources Facebook's facebookcorewwwi.onion took to generate!)
  • If you've any config that relies on a specific hostname (such as an NGinx server block, remember to change it if you change the URL!)
  • It might take multiple attempts to find a vanity URL that you actually like

 

 
 Share