In April of 2016, a researcher launched a tool called OnionScan that probes darkweb sites for vulnerabilities and security threats. The tool, as we wrote, “lets you scan it automatically for common vulnerabilities and errors that can deanonymize the owner or users.” A new researcher has taken it upon himself to describe, to the public, how to deploy the tool using a Python script to help others scan sites in the same way.
The security researcher, Justin Seitz, tasked with helping others use OnionScan published the results of 8,000 site scans using this method. He told Motherboard that this “was to allow others to start more large-scale analyses that are usually too technically difficult for non-technologists to jump into to.” However, the creator of OnionScan is worried about this approach as she fears users of darknet sites could be quickly deanonymized if a large number of people were to use the tool.
OnionScan searches for information that could be sensitive in Tor hidden services, characterized by their .onion addresses. Metadata in uploaded images or exposed server status pages are two examples of what the tool hunts for. “When used against multiple targets, it can find shared encryption keys,