[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] Source code modifying for testing



Thanks Robert.
I know that there was several attacks with control of both exit and entry node. 
And I just want to test that attack and evaluate its effectiveness.
Regards.
2011/5/11 Robert Ransom <rransom.8774@xxxxxxxxx>
On Wed, 11 May 2011 10:11:07 +0200
NGUYEN Quoc Viet <quocviet.pfiev@xxxxxxxxx> wrote:

> I'm now researching an attack against Tor.
>
> *Resume of Attack*: We control exit node and entry node. Upon receiving a
> RELAY BEGIN cell,the exit node will forger  a malicious webpage to client.
> The webpage contains some empty gif files. The entry node will be able to
> detect a distinctive pattern of the connection to that malicious webpage,
> basing on number of relay cells backward and forward.

If you can control both the entry and exit nodes, you don't even need
to perform an active attack -- a purely passive timing attack will
identify the client.  That's why each Tor client selects a few relays
to use as ‘entry guards’ -- see
<https://www.torproject.org/docs/faq#EntryGuards> and
<http://freehaven.net/anonbib/#hs-attack06>.


> For implementation, it's needed to modify a piece of Tor source code at the
> exit node, to forger a malicious webpage to client. Notice that this is not
> modifying webpage response from the server, but forger attacker's webpage to
> the client. Could some one please give a hint about where I need to modify.

No.


Robert Ransom

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk




--
Nguyen Quoc Viet

_______________________________________________
tor-talk mailing list
tor-talk@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk