
Finally I may have the explanation why I2P is so encouraged by some. : OpSec

People, if you, like myself, often thought why some markets are pushing people to use I2P, this may be the reason, and it's not a good one. By default the I2P bundle, which includes Firefox, has a HUGE vulnerability which was confirmed by /u/Paris. Use your I2P browser to navigate to a clearnet site; I used www.Whoer.net and it displayed my real IP. If your browser does the same, then I2P websites that you browse can call a request within their source code to look up your real IP. You need to route all traffic through your I2P proxy to fix this, but for me setting up the I2P setup as instructed did not do this, which allowed any site I visited on the I2P network to get my real IP... You should check this now and think back who encouraged I2P and wonder why.
/u/dont_be_an_eep
4 points
2 years ago
/u/HackerRequiredForJob

So, this shows a fundamental misunderstanding of I2P and the I2P browser bundle.

First, the I2P browser bundle.
Where did you find this I2P browser bundle? Was it on GitHub? The thing is, there is no official I2P browser. Any browser bundle you find is either developed by some passionate I2P user, or from the I2P developer "IDK". Either way, the fact that you could navigate to a clearnet website in the browser shows that the browser you are using is configured to use both clearnet and I2P proxies. Meaning, of course that website would display your real IP, as you are NOT using I2P to access that website. There are only 2 "outproxies" that let you access clearnet while first going through the I2P network, and if you were properly using one of those outproxies, the website would have displayed one of the two outproxies' IPs. Think of it like an exit node on Tor: if you accessed that website through Tor, the IP that website would give you would be the exit node's IP.

Second, I2P and your IP.
I2P is decentralized. That is a key misunderstanding here. Tor is centralized, which means that there is a select list of IPs that you can use while you are using Tor. There is a "central list". Decentralized means there is no "central list". Since every I2P user is also a router (think of that as like a Tor relay), there are as many IPs you can use as there are I2P users. If no one was connected to I2P, there would be no I2P. If only 2 people were connected to I2P, then those 2 people would be helping to route each other's traffic. Since there are almost 5000 I2P users, then you could potentially use 5000 IPs while using I2P. This is very important to understand, because this means 2 important things: 1/ You CANNOT hide your IP from other I2P routers, unless you hide your IP prior to entering the I2P network either with Tor or a VPN, or if you go into your router's settings and set your router to "hidden mode" (this means that you will only use other I2P users' routers but don't allow other I2P users to use your router as a hop in their tunnel. This is considered "leeching", or only using the I2P network without contributing to the I2P network). And 2/ When you access an I2P eepsite, the IP that the website can see CANNOT be your real IP. You cannot route your own traffic; your router must use other routers to form tunnels and connections. The IP that the I2P website will see is the LAST hop of your last tunnel. This is identical to Tor: If you use Tor to access a clearnet site, the exit node IP is the IP that they see. If you access an Onion site, the Onion site can only see the last relay in your circuit, the relay that shakes hands with the Onion site's circuit at the rendezvous point.

So, based only on the information provided by you in this post, the "huge vulnerability" is in the I2P browser itself, and it sounds like the vulnerability is that the I2P browser also allows clearnet traffic. Even the I2P devs recommend, for high-risk security threat models, configuring a browser YOURSELF to your liking and needs instead of just trusting some preconfigured browser.
/u/HackerRequiredForJob 📢
1 points
2 years ago
Granted, there is no official I2P, and I'm not sure why everyone is arguing. If you go to whoer.net, can you see your real IP? If you can, so can every I2P site you browse.
/u/dont_be_an_eep
1 points
2 years ago
Did you even read my comment? lol.

I2P browser bundle and I2P are different. I2P is a network, they have no official browser. Whichever browser you are using is independent of the I2P network, and is accessing the CLEARNET and NOT I2P. If the I2P eepsite requests to see the IP connecting to them, it will give them the I2P router your router is using to form the tunnel. NOT YOUR IP. You cannot route your own traffic.
/u/HackerRequiredForJob 📢
1 points
2 years ago
Yes I did, and maybe it doesn't affect your setup, but for the 5 people I have spoken to IT DID, and why do you think people shouldn't know this? Please read my chat with Paris.


/u/Paris A
If you look on Dread's html source you will see that we don't request anything outside of the site. Dread's requests stay within the i2p network or tor network (depending on how you are accessing). Generally speaking if you are using i2p you would want to block outside connections within your browser. Just setup a proxy connection to direct all traffic on your browser over i2p. That way you won't have any leaks when visiting i2p sites.
1 day ago
/u/HackerRequiredForJob
Thanks, but that is a bad vuln people should know about... but thank you and understood.
1 day ago
/u/HackerRequiredForJob
Have now fixed, but can you please confirm for me: could an i2p web site call an external request to get my IP if I had not forced all traffic through the i2p proxy... The reason I ask is this is very dangerous and people should be aware of this, should they not?
1 day ago
25th November, 2022
/u/Paris A
Yes that's completely possible. If you are not properly routing your requests over the anonymizing layer of course you are putting yourself at risk.
/u/dont_be_an_eep
2 points
2 years ago
" Yes that's completely possible. If you are not properly routing your requests over the anonymizing layer of course you are putting yourself at risk. "

That should be completely obvious if you are willing to commit felonies on the internet. An insecure set up is...insecure.

I am not trying to argue so I apologize if my tone is coming across as combative. This is definitely something that I2P users should be very aware of if they decide to use some experimental browser bundle. However I do take issue with your language in statements similar to "finally I know why I2P is encouraged" "some markets are pushing I2P even with this vulnerability" (not exact quotes). It very much leads people to believe that the I2P network itself has this major security vulnerability, and that LE controlled markets can exploit this vulnerability to learn your real IP. Both of which are just categorically false, as I have explained. A much more constructive post would be to warn other users that the experimental browser is not hardened enough for high risk darknet operations. Using this alarmist language and blaming I2P for a browser bundle they aren't in control of, and drawing connections to the possibility that LE can somehow gain your IP if you use I2P properly is why this is being called FUD.
I am using the firefox browser i2p bundle and it will not even let me view clearnet sites including www.Whoer.net. and instead generates a "Proxy error: Outproxy failure" if I attempt to do so. Just my experience. YMMV
/u/GOUPIL
1 points
2 years ago
i2p will never hide your IP, but it will hide everything you do on the internet!

That's why using a VPN is highly recommended with i2p.
/u/genz
1 points
2 years ago
I agree! I personally used it in Whonix so everything is routed through TOR.

(You seem to know a lot about this stuff, are you an expert, or interpol?) :)
/u/GOUPIL
1 points
2 years ago
the only move to win is not to play.

Because that's exactly what interpol could say!!!
/u/azrael13
1 points
2 years ago
I2P doesn't hide your IP; it's not Tor, but unlike Tor it uses users' devices as routers to bounce traffic, so the more people use I2P the more secure and decentralized it gets.
/u/HackerRequiredForJob 📢
3 points
2 years ago
Yes, but if you have a rogue market or site that was actively pushing users to use I2P, they can establish the users' real IP; therefore a rogue site (I'm thinking of 1 in particular suspect and it's not DREAD) could be matching vendors and users to their IPs. Do you agree?
/u/Paranoia
1 points
2 years ago
First off this is FUD.

I2P was never designed to be used as an outproxy to browse the web like Tor, so that's why you see your IP when you visit sites like that. If you look at how I2P works, everything is end to end encrypted between clients and hidden services with a number of hops between both for up and down stream. No hop knows its position in the chain so they don't know if they're first, middle, or last. I2P should be used with something like Whonix to mask your IP as an added layer of security.

Read this post /post/41282f7396a961d7be13
/u/HackerRequiredForJob 📢
2 points
2 years ago*
How is it FUD?? It's a fact that sites hosting I2P can easily request your IP, please explain how that is FUD? It's either true or false, and it's true... It may be FUD that they will do it, or have already done it. But I never said that they have, I said that they COULD, and they can.

Let's go back in time when LE took control of HANSA (or is LE controlling markets FUD as well?): if HANSA was hosted on I2P they could have easily maintained most of the users' IPs.
/u/dont_be_an_eep
1 points
2 years ago*
This is FUD because your "major security flaw" is actually integral to how I2P operates.

EDIT: To clarify, even if LE took control over a market's I2P endpoint, the IP that they record cannot possibly be the original request's IP (meaning YOUR IP), because you cannot route your own traffic. They would record the final I2P router that connected you to the eepsite's IP. HOWEVER, this also means that your IP could be recorded when some other I2P user visits that market, if your I2P router is the final hop in the final tunnel that connects to the market. Which sounds scary at first, but remember, the IP that the market records cannot possibly be the original source IP. So if LE records your IP because some other I2P user is trying to connect to the market, then the absolute most LE can say is "well at least we know this IP we recorded cannot possibly be the IP of the user trying to access this market". This is why I2P is decentralized, because it gives you incredible plausible deniability. There is no difference between an I2P user just connected to I2P, an I2P router actively using I2P by visiting an eepsite, or if you are physically hosting the I2P website on your router in your house. In all three situations, it looks exactly the same to LE trying to monitor I2P.
/u/HackerRequiredForJob 📢
0 points
2 years ago
OK, so you wouldn't have considered it a "major security flaw" if you were using HANSA and they obtained your IP?
/u/dont_be_an_eep
1 points
2 years ago
Did you see the edit I made to this comment?
/u/HackerRequiredForJob 📢
1 points
2 years ago
Furthermore, if you can't see that you have a service which the user assumes they are on the I2P network and therefore feel secure, BUT THAT SERVICE CAN CALL A REQUEST OUTSIDE THE I2P network on the same browser without the user being aware they have made a clearnet request and obtain information such as the IP and all of the accurate system info (see whoer.net) is not a "MAJOR SECURITY FLAW", then why do we even bother having a 'darknet'? We may as well be on the clearnet.

/u/dont_be_an_eep
/u/dont_be_an_eep
1 points
2 years ago
If you downloaded Firefox and configured it correctly, this would not be a problem at all. A properly configured browser would not allow any connections that do not use the I2P proxy. Whatever browser you are using clearly allows clearnet connections alongside I2P connections. Which, as I said before, the I2P developers do not recommend using any experimental browser bundles or Firefox plugins if your threat-model requires high security. The biggest issue here is user error. The browser bundle that some novice developer built is NOT secure enough for DNM activities. But that is not I2P's fault in any way. Your expectations and information level are the problem.
/u/4444
1 points
2 years ago
As far as I understand, it is visible on the clearnet that one runs an I2P daemon, but from the inside of the i2p network the IP cannot be seen.
/u/HackerRequiredForJob 📢
1 points
2 years ago
Like emails contain images to obtain your IP even though GMAIL hides your IP, so can the I2P source code call a request, and it will display your real IP.
/u/4444
1 points
2 years ago
I do not understand. The whole traffic of my browser is guided through an i2p daemon. How can the browser leak the IP by loading an image from the clearnet?
/u/aswcdtrl
1 points
2 years ago
A clearnet site that can see your real IP just means that the traffic isn't being routed through I2P network. If viewing clearnet is your aim then tor is king.
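
The fix the thread converges on (send every browser request through the I2P proxy and allow no direct connections) can be checked against a Firefox profile's `prefs.js`. This is an added example, not code from any poster or from the I2P project; it assumes the I2P HTTP proxy is on its default 127.0.0.1:4444, and both sample profiles are constructed.

```python
import json
import re

I2P_PROXY = ("127.0.0.1", 4444)  # assumption: I2P HTTP proxy on its default address
LOOPBACK = {"", "localhost", "127.0.0.1", "::1"}
PREF_RE = re.compile(r'^\s*user_pref\("([^"]+)",\s*(.+?)\);\s*$')

def parse_prefs(text):
    """Parse Firefox prefs.js / user.js lines into a dict of pref name -> value."""
    prefs = {}
    for line in text.splitlines():
        m = PREF_RE.match(line)
        if m:  # pref values are JS string/int/bool literals, which are valid JSON
            prefs[m.group(1)] = json.loads(m.group(2))
    return prefs

def audit(prefs):
    """List the ways this profile can send a request outside the I2P proxy."""
    findings = []
    # 1 = manual proxy; Firefox defaults to 5 (system settings), 0 is direct.
    if prefs.get("network.proxy.type", 5) != 1:
        findings.append("proxy type is not manual")
    # In manual mode a scheme with no proxy configured connects directly, so an
    # eepsite page embedding an https:// clearnet resource bypasses I2P.
    for scheme in ("http", "ssl"):
        host = prefs.get(f"network.proxy.{scheme}", "")
        port = prefs.get(f"network.proxy.{scheme}_port", 0)
        if (host, port) != I2P_PROXY:
            findings.append(f"{scheme} traffic is not pinned to the I2P proxy")
    # Hosts listed here skip the proxy entirely; only loopback is acceptable.
    bypass = {h.strip() for h in prefs.get("network.proxy.no_proxies_on", "").split(",")}
    if bypass - LOOPBACK:
        findings.append("proxy bypass list contains non-loopback hosts")
    return findings

# Constructed sample profiles, not taken from any real bundle.
LEAKY = '''
user_pref("network.proxy.type", 1);
user_pref("network.proxy.http", "127.0.0.1");
user_pref("network.proxy.http_port", 4444);
'''
PINNED = LEAKY + '''
user_pref("network.proxy.ssl", "127.0.0.1");
user_pref("network.proxy.ssl_port", 4444);
'''

if __name__ == "__main__":
    for name, text in (("leaky", LEAKY), ("pinned", PINNED)):
        print(name, audit(parse_prefs(text)))
```

An empty findings list only says these proxy preferences are consistent; loading a clearnet IP-check page, as the original poster did, remains the end-to-end test.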