EurAsiayour console hacking resource
Select topic
  Create an account Home  ·  Your Account  ·  Online Shop  ·  Forums  ·  Downloads new  ·  Wiki  
Main Menu
· Home
· About Us
· Downloads
· FAQ
· Forums
· Info Pages
· Members List
· Online Shop
· PDA - AvantGo
· Private Messages
· Search Stories
· Statistics
· Stories Archive
· Submit Story
· Top 10
· Topics
· Upload
· WAP
· Web Links
· Wiki
· Your Account
· Switch to HTTPS!

Online Shop
Credit Card

Bitcoin

EurAsia Online Shop
enter

new products
· HAKKO SSPON 18G
· NS-Atmosphere
· PsNee modchip PSX
· R4i Gold 3DS RTS
· Mars Pro GM-816HD
· EurAsia File Collection 2017
· Matrix Infinity 2.0
· Modbo 5.0
· Screwdriver GC/SNES
· X360ACE V3
· E3 NOR Flasher
· Corona Postfix Adapter V2
· SuperCIC cart key
· SuperCIC SNES kit
· Gateway 3DS
· X360ACE V1
· 3k3y 3KR (SATA)
· Mtx Glitcher v1
· HAKKO WICK
· HAKKO PRESTO 980

complete price list

Tor Hidden Service
Tor Project
EurAsia Onion URL: wrqgfbrcgttkp6pi.onion

Who's Online
There are currently 1059 guest(s) and 8 member(s) online.

chaaren - chalabione - garyopa - gross7 - konkz - korigan - lpa - ptirta

Welcome honored guest. You can register for free by clicking here.

Site Protection
INFOSEC
BM

Hot Wikis
Xbox One Dev Mode
PS4 Exploit using Raspberry Pi
Switch Key List
PS4 firmware updates
3k3y nokeys ISO tutorial
3DS game fw updates
3k3y microSD recovery
PS3 SKU Models
PS3 Metldrpwn
Xk3y microSD recovery
Xbox360 motherboards
Xbox360 Reset Glitch Hack
PS3 Blu-ray Drive
Homemade Sputnik360
PS3 BD drive swap
PSP Crypto Keys
PS3_Crypto_Keys
PS3 Hypervisor RE
PS3 Dongle User Guide
PSGroove tutorial
Xecuter LT Fakir
PS3 YLOD Fix
NSMB Modchip Tutorial
PS3 Glitch Hack
Xbox360NoDvdRom
Ps3FactoryRestore
Free60JtagHack
Ps3HddDecrypt
WiiKey2EjectFix
SaveMiiFree
WiiHwDiagram
Ps3OsRels
PandoraNoHomebrewPsp
GcOsMultiGameWiiHowTo
Xbox360LinuxBurn
Xbox360EraserFix
Xbox360Kernel
Xbox360DisasmXtreme
Ps2HdlPatchTutorial
Ps2VersionTable
XboxErrorCodes
XboxVersionTable
GameCubeLaserTweak
ModchipSolderingGuide
PspUmdIsoHaxorLinux

RSS Feed
News & Downloads & Wiki

IRC
#eur
EFnet

Hosted By

Ad

Respected Sites
Home of the Hitmen
radare
gc-forever
pouet.net
English Amiga Board
GXArena OFW Repo
WiiBrew
WiiUBrew
3DBrew
SwitchBrew
Games and Consoles
Maxconsole.com
Console Wizard
GameCube Linux
Xbox Linux
Xbox-Scene.com
XboxHacker.Net
xbins.org
Doom9.net
bunnie's blog
debugmo.de
GX-Mod.com
ElOtroLado.net
uCON64
GBADEV.ORG
GBAtemp.net
PocketHeaven.com
PDRoms
GameSX.com
ASSEMbler
phrack.org
Woz.org

Support...

Bitcoin

Namecoin

radare

OpenCores
LibreCores
Electronic Frontier Foundation
Amnesty International

Nectarine Radio

Demovibes Radio

GNU
Linux
Mozilla

Total Page Views
We received
162825918
page views since June 2002


Moderated by: Robert

EurAsia : Index Site info Reach EurAsia through Tor Hidden Services
New Topic   Post Reply
Author Reach EurAsia through Tor Hidden Services
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6479
Status: Offline
 _#35090 posted 2017-01-22 @ 22:40 GMT   


I have installed Tor hidden services and adapted the website PHP code so any user can reach EurAsia via this Onion URL:

wrqgfbrcgttkp6pi.onion

Save the link somewhere safe as it also serves as a public key which is unique to identify EurAsia. You need either the Tor Browser or Tor (standalone) installed to access our onion URL linked above. You can download the needed tools and find more information at the official Tor Project website.

What the hidden service provide is decent anonymity through forward secrecy using relays over the Tor network and an additional layer providing a tunnel via TLS encryption point-to-point between the user and our web server. The last part is similar to HTTPS but doesn't rely on a broken system with compromised cert authorities where it is possible to spoof protected websites.

Note that in order to download properly over the Tor network when accessing our download section you need to click on the icon next to the file title, clicking the title text link will fail since it uses FTP.

I have tested most of the EurAsia website general functionality using the hidden service such as the download section, forums, wiki, online shop, and it seems to work OK.

Let me know if you find any problems.

[ This message was edited by modrobert on 2017-01-22 @ 22:41 GMT ]
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6479
Status: Offline
 _#35102 posted 2017-01-24 @ 19:51 GMT   
Forgot to mention; you can get Orbot and Tor Browser from Google Play to access EurAsia via Tor on Android devices, and for iOS you can use the Onion Browser.

[ This message was edited by modrobert on 2018-11-28 @ 11:12 GMT ]
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
hacktheplanet



lt

Registered: 2017-03-12
Messages: 82
Status: Offline
 _#35200 posted 2017-03-13 @ 01:32 GMT   
Been a long time customer of Robert's. Just went out of my way to make a new account, now that the site is accessibe via the deep web. Seeing as nobody else commented yet here, I just wanted to make it known that I'm very happy to see Eurasia set up a hidden services url. This not only gives customer's an extra layer of security, but also will help in the event the clear net site ever goes down for any reason, considering the grey market stuff available here . Keep up the asweome work Robert! I will continue to purchase from youj via the .onion link from now on using BTC. I really hope you keep the hidden service going. If other's are as enthusiastic about this as I am, speak up!

 Profile  pm    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6479
Status: Offline
 _#35204 posted 2017-03-13 @ 07:20 GMT   
Thanks for the positive feedback, it really hit the spot.
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
hacktheplanet



lt

Registered: 2017-03-12
Messages: 82
Status: Offline
 _#35224 posted 2017-03-24 @ 01:33 GMT   
No problem, you deserve it for all ypur hard work. How many other scene websites have been around without domain hopping and/or changong for well over a decafe. Few and far between.also your product knowledge is inctedible, because you actually use the stuff yoursekf too instead of just selling it like some other shops, so if i ever have a technocal question about something, you always email me back with a vrry helpful and knowledgable response

 Profile  pm    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6479
Status: Offline
 _#35365 posted 2017-05-26 @ 09:39 GMT   
I just updated the login pages for the main site and online shop with a simple indicator.



Yes, you have an encrypted session and relatively anonymous access through the TOR network, congratulations! To get this you need to access EurAsia through the wrqgfbrcgttkp6pi.onion URL.




Your connection is standard HTTP and not encrypted, which is OK, but not great.

[ This message was edited by modrobert on 2018-03-11 @ 06:15 GMT ]
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
hacktheplanet



lt

Registered: 2017-03-12
Messages: 82
Status: Offline
 _#35366 posted 2017-05-26 @ 12:08 GMT   
I actully just noticed that, pretty cool!

 Profile  pm    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6479
Status: Offline
 _#35482 posted 2017-06-26 @ 06:07 GMT   
When using Tor the standard download link/function now automatically selects HTTP (instead of failing over FTP).
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
hacktheplanet



lt

Registered: 2017-03-12
Messages: 82
Status: Offline
 _#35483 posted 2017-06-26 @ 13:22 GMT   
Sweet thx for that robert! Haven't been able to dloaf anytging via tor...

 Profile  pm    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6479
Status: Offline
 _#35886 posted 2018-03-11 @ 07:21 GMT   
In case anyone using the hidden service through Tor local socks proxy (as opposed to the Tor browser) is worried that their browser still regards the page as "Not secure", that is because the browser only detects HTTPS (and evaluates the CA cert security wise).

When you are using a Tor socks proxy on your localhost (eg. 127.0.0.1:9050) and connecting to the EurAsia hidden service through wrqgfbrcgttkp6pi.onion you have an encrypted tunnel all the way from your client to the web server. The unsecure HTTP connection in this case is only between localhost and the Tor deamon running on the same host, this is true for the server side as well.

There are websites with Tor hidden service who accept HTTPS within the already encrypted Tor session, besides being unnecessary it compromises the privacy by relying on CA cert authorities, so I decided not to do that.


A bit off topic, but somewhat related...

Currently over half of the HTTPS websites out there with high traffic are using Cloudflare which effectively is a "man in the middle" (MITM) of the secure session. Also, there is no notification visible to the browser user that their HTTPS session goes through Cloudflare before reaching the target website (as seen in browser URL), it will still be regarded as "Secure connection" by the browser.

Why am I concerned about this? Because if Cloudflare is compromised (which it already has been, do a search for 'cloudbleed', or read this post), either by hacking or under gag order from US government, then your connection is not secure while the browser still happily reports it as "Secure connection".

More on cloudbleed...

Quote:
We're talking full https requests, client IP addresses, full responses, cookies, passwords, keys, data, everything.

...

In effects, Cloudbleed is similar to the 2014 Heartbleed bug in allowing unauthorized third parties to access data in the memory of programs running on web servers, including data shielded by TLS. The extent of Cloudbleed also could have impacted as many users as Heartbleed since it affected a security and content delivery service used by close to 2 million websites.



Source: https://en.wikipedia.org/wiki/Cloudbleed

[ This message was edited by modrobert on 2018-03-11 @ 07:44 GMT ]
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
hacktheplanet



lt

Registered: 2017-03-12
Messages: 82
Status: Offline
 _#35897 posted 2018-03-16 @ 23:44 GMT   
yet another reason to use a VPN that accepts cryprocurrency b4 hitting ttor

 Profile  pm    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6479
Status: Offline
 _#36027 posted 2018-06-22 @ 15:23 GMT   


Against my better judgment, behold, HTTPS support!

https://www.eurasia.nu

Let me know if you find any errors.

The Online Shop is forced to HTTPS except for the main view, but the rest of the website can still be reached via HTTP. Thanks goes to letsencrypt.org for their free service.

[ This message was edited by modrobert on 2018-06-22 @ 17:28 GMT ]
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6479
Status: Offline
 _#36032 posted 2018-07-05 @ 19:53 GMT   
Please note when accessing the EurAsia website via Tor hidden services (or "rendezvous points" as they call it now), then make sure you actually use Tor or the Tor browser from https://www.torproject.org/.

The fist part of the URL should be:
http://wrqgfbrcgttkp6pi.onion/

There are lots of proxies out there for Tor hidden service sites which usually show up during searches. These HTTP/HTTPS proxies end up with names like "wrqgfbrcgttkp6pi.onion.xxx/" in tbe browser where 'xxx' can be anything. Whatever you enter or do through a proxy like this can be seen/logged by the proxy server admin, effectively a "man in the middle" (MITM), they can grab login details or anything they want, so don't use it.

Unfortunately the login icon...



...will be shown when using a proxy like this, because the system can only detect that you are using Tor hidden service from server side. When using a proxy it will only be secure between the proxy server and the EurAsia server, the connection between you and the proxy server is compromised, in other words you are at the mercy of the proxy operator/admin.

[ This message was edited by modrobert on 2018-07-05 @ 20:03 GMT ]
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
modrobert



donor

Registered: 2003-10-17
From: Bangkok
Messages: 6479
Status: Offline
 _#36250 posted 2018-11-28 @ 01:41 GMT   
If you are running the Tor daemon (at default socks port) and want to use the Chrome/Chromium browser, then use this command line.

Code:
chromium-browser --proxy-server=socks5://127.0.0.1:9050 --host-resolver-rules="MAP * ~NOTFOUND , EXCLUDE 127.0.0.1"



The "resolver" part routes DNS requests through the Tor proxy as well.

More info here:
https://www.chromium.org/developers/design-documents/network-stack/socks-proxy
  _____________________________ ____________     __________________ /\________
  \    __________________      \      _____/____/     _    \       /_        /
 /     /       |       l/     _/    ____)     _/      _     \     \/  cREAM /
/______________l_______/       \______________\_______|      \_   /________/
 -+--Mo!-------------- \________/ ------------------- l_______/_____\ -----+-

 Profile  pm  www    Quote
_
New Topic   Post Reply
Jump To
 

All trademarks and copyrights on this page are owned by their respective owners.
Comments and forum messages are owned by the Poster.