moubik

How to identify users who use Tor

Posted

-------------------------------------------------------

Greetz to kw3rln, nemessis, slick, flama, zbeng

http://rstcenter.com - Romanian Security Team

-------------------------------------------------------

Tor - a proxy everyone should know about

It creates a proxy chain through which you can browse the net.

I recommend using it with Firefox + the Torbutton add-on.

Can you find out whether someone is browsing your site with Tor?

You can.

Tor blocks certain requests. For example, if you have Tor enabled and you access http://adrieu.org/Fpoll/poll.php

the following message appears:

Privoxy blocked http://adrieu.org/Fpoll/poll.php.
See why or go there anyway.

where the text "go there anyway" is linked to

http://adrieu.org/PRIVOXY-FORCE/Fpoll/poll.php

PRIVOXY-FORCE - this string, which is included in the GET request, forces the proxy to go to the page

http://adrieu.org/Fpoll/poll.php

In practice, the string "PRIVOXY-FORCE" is removed from the request.

No warning is shown any more; the page is simply accessed.

What would happen if I created this directory on my own site?

Could I find out this way whether a user is browsing my site through Tor?

I created this directory, like so:

http://websecurity.ro/PRIVOXY-FORCE/

Now I will add 2 files with exactly the same name in different directories.

One is in

http://websecurity.ro/

and the other in

http://websecurity.ro/PRIVOXY-FORCE/

I created the page http://websecurity.ro/pocs/proxytest.html which contains:

<iframe src="/PRIVOXY-FORCE/tortest.php" border="0" frameborder="0"></iframe>

The file

http://websecurity.ro/PRIVOXY-FORCE/tortest.php

contains:


<div>[b]<font color="#ff0000">You are using Tor</font>[/b]</div>

And

http://websecurity.ro/tortest.php

<div>[b]<font color="#00ff00">You are not using Tor</font>[/b]</div>

Here is what happens:

- if you do not have Tor enabled, you will access, as normal,

http://websecurity.ro/PRIVOXY-FORCE/tortest.php

- if you have Tor enabled, instead of

http://websecurity.ro/PRIVOXY-FORCE/tortest.php

you will access

http://websecurity.ro/tortest.php

Because it will interpret "PRIVOXY-FORCE" as a command and strip it from the actual request.

Original article and PoC:

http://websecurity.ro/blog/2008/01/28/how-to-find-out-if-a-user-is-navigating-with-tor/
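
Added example, not part of the original post: a Python check that a Privoxy user or page reviewer could run over a page's HTML to spot embedded resources carrying this marker, reporting the URL the page asks for and the URL that is fetched once the marker is stripped. The names `rewrite_like_proxy`, `find_probes` and the attribute list are assumptions of this sketch, and the rewrite models the behaviour described in the post, not Privoxy's own code.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit, urlunsplit

FORCE_TOKEN = "PRIVOXY-FORCE"                   # the string named in the post
URL_ATTRS = {"src", "href", "data", "action"}   # assumed set of URL-bearing attributes


def rewrite_like_proxy(url):
    """Model of the behaviour the post describes: the proxy drops the
    PRIVOXY-FORCE path segment before forwarding the request."""
    parts = urlsplit(url)
    segments = [s for s in parts.path.split("/") if s != FORCE_TOKEN]
    return urlunsplit(parts._replace(path="/".join(segments)))


class ProbeFinder(HTMLParser):
    """Collects embedded URLs whose path contains the force token."""

    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.findings = []

    def handle_starttag(self, tag, attrs):
        for name, value in attrs:
            if name in URL_ATTRS and value:
                url = urljoin(self.base_url, value)   # resolve relative links
                if FORCE_TOKEN in urlsplit(url).path.split("/"):
                    self.findings.append((tag, url, rewrite_like_proxy(url)))


def find_probes(html, base_url):
    """Return (tag, url_as_written, url_after_stripping) for each hit."""
    finder = ProbeFinder(base_url)
    finder.feed(html)
    finder.close()
    return finder.findings


# Constructed sample: the iframe line from the post plus an ordinary image.
SAMPLE_PAGE = """<html><body>
<iframe src="/PRIVOXY-FORCE/tortest.php" border="0" frameborder="0"></iframe>
<img src="/images/logo.png">
</body></html>"""

if __name__ == "__main__":
    base = "http://websecurity.ro/pocs/proxytest.html"
    for tag, asked, fetched in find_probes(SAMPLE_PAGE, base):
        print(f"<{tag}> asks for {asked}; a stripping proxy fetches {fetched}")
```
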

Posted

Please VoRTeX, stop this post hunting. If you wanna add something to what moubik said, or if you spotted a mistake, then leave a comment. Cut this shit with "good, beton, super, marfa"... moubik knows he's good and so do others.

P.S. moubik, I wanna ask you: for salvia, which is better, a glass bong or a wooden one?
