moubik Posted January 29, 2008 Report Share Posted January 29, 2008 -------------------------------------------------------Greetz to kw3rln, nemessis, slick, flama, zbenghttp://rstcenter.com - Romanian Security Team-------------------------------------------------------Tor - un proxy pe care toata lumea ar trebui sa-l cunoascaCreaza chain proxy prin care poti sa navighezi pe net.Recomand folosirea lui cu firefox + torbutton addon.Poti sa aflii daca cineva iti navigheaza siteul cu tor ?Se poate.Tor blocheaza anumite requesturi. De exemplu daca ai tor activat si accesezi http://adrieu.org/Fpoll/poll.phpApare mesajulPrivoxy blocked [url]http://adrieu.org/Fpoll/poll.php[/url].See why or go there anyway.Unde textul "go there anyway" este linkat catre http://adrieu.org/PRIVOXY-FORCE/Fpoll/poll.phpPRIVOXY-FORCE - acest string ce este inclus in requestul GET forteaza proxy-ul sa se duca pe paginahttp://adrieu.org/Fpoll/poll.phpPractic stringul "PRIVOXY-FORCE" este sters din request.Nu se mai ofera nici un warning, pur si simplu se acceseaza.Ce s-ar intampla daca as crea acest director pe site-ul meu ?As putea asa sa aflu daca un user imi navigheaza site-ul prin Tor ?Am creat acest director, astfel:http://websecurity.ro/PRIVOXY-FORCE/Acum o sa adaug 2 fisiere cu exact acelasi nume in directoare diferite.Unul este in http://websecurity.ro/si celalalt inhttp://websecurity.ro/PRIVOXY-FORCE/Am creat pagina http://websecurity.ro/pocs/proxytest.html care contine:<iframe src="/PRIVOXY-FORCE/tortest.php" border="0" frameborder="0"></iframe>Fisierul http://websecurity.ro/PRIVOXY-FORCE/tortest.phpcontine:<div>[b]<font color="#ff0000">You are using Tor</font>[/b]</div>Iar http://websecurity.ro/tortest.php<div>[b]<font color="#00ff00">You are not using Tor</font>[/b]</div>Se intampla chestia asta:- daca nu ai tor activat vei accesa normalhttp://websecurity.ro/PRIVOXY-FORCE/tortest.php- daca ai tor activat in loc dehttp://websecurity.ro/PRIVOXY-FORCE/tortest.phpvei accesahttp://websecurity.ro/tortest.phpPentru ca el va interpreta "PRIVOXY-FORCE" ca pe o comanda si il va scoate din request-ul propriu-zisArticolul original si PoC:http://websecurity.ro/blog/2008/01/28/how-to-find-out-if-a-user-is-navigating-with-tor/ Quote Link to comment Share on other sites More sharing options...
VoRTeX Posted January 29, 2008 Report Share Posted January 29, 2008 Good post. Bun tutorialul Quote Link to comment Share on other sites More sharing options...
amprenta Posted January 29, 2008 Report Share Posted January 29, 2008 Please VoRTeX stop this post hunting , if you wanna` add something to what moubik said or if you spotted a mistake then leave a comment . Cut this shit with "good , beton ,super , marfa " ,... moubik knows he`s good and so do others. P.S. moubik i wanna ask you . for salvia which is better a glass bong or a wooden one ? Quote Link to comment Share on other sites More sharing options...
kw3rln Posted January 29, 2008 Report Share Posted January 29, 2008 frumos moubik. felicitari inca odata Quote Link to comment Share on other sites More sharing options...
CrazyNET Posted February 29, 2008 Report Share Posted February 29, 2008 Ms bun tutorial Quote Link to comment Share on other sites More sharing options...
