[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

[or-cvs] r14741: Modified soat to scan for exit node port inconsistencies. Te (in torflow/branches/gsoc2008: . TorCtl)



Author: aleksei
Date: 2008-05-26 10:49:08 -0400 (Mon, 26 May 2008)
New Revision: 14741

Removed:
   torflow/branches/gsoc2008/getExitsToPort.py
Modified:
   torflow/branches/gsoc2008/TorCtl/TorUtil.py
   torflow/branches/gsoc2008/bw-informer.py
   torflow/branches/gsoc2008/metatroller.py
   torflow/branches/gsoc2008/nodemon.py
   torflow/branches/gsoc2008/soat.py
   torflow/branches/gsoc2008/statsplitter.py
Log:
Modified soat to scan for exit node port inconsistencies. Temporarily moved some config stuff to TorUtil.

Modified: torflow/branches/gsoc2008/TorCtl/TorUtil.py
===================================================================
--- torflow/branches/gsoc2008/TorCtl/TorUtil.py	2008-05-26 14:26:50 UTC (rev 14740)
+++ torflow/branches/gsoc2008/TorCtl/TorUtil.py	2008-05-26 14:49:08 UTC (rev 14741)
@@ -20,6 +20,12 @@
       "BufSock", "secret_to_key", "urandom_rng", "s2k_gen", "s2k_check", "plog", 
      "ListenSocket", "zprob"]
 
+meta_port = 9052
+meta_host = '127.0.0.1'
+
+control_port = 9051
+control_host = '127.0.0.1'
+
 class Enum:
   """ Defines an ordered dense name-to-number 1-1 mapping """
   def __init__(self, start, names):

Modified: torflow/branches/gsoc2008/bw-informer.py
===================================================================
--- torflow/branches/gsoc2008/bw-informer.py	2008-05-26 14:26:50 UTC (rev 14740)
+++ torflow/branches/gsoc2008/bw-informer.py	2008-05-26 14:49:08 UTC (rev 14741)
@@ -23,15 +23,13 @@
 import traceback
 
 from TorCtl import *
+from TorCtl.TorUtil import control_port, control_host
 from TorCtl.TorUtil import *
 
 # Set the version here
 VERSION = "0.0-alpha"
 
 # Move these to a config file:
-# Tor host and port
-control_host = "127.0.0.1"
-control_port = 9051
 # Listen host and port
 listen_host = "137.226.12.177"
 listen_port = 9053

Deleted: torflow/branches/gsoc2008/getExitsToPort.py
===================================================================
--- torflow/branches/gsoc2008/getExitsToPort.py	2008-05-26 14:26:50 UTC (rev 14740)
+++ torflow/branches/gsoc2008/getExitsToPort.py	2008-05-26 14:49:08 UTC (rev 14741)
@@ -1,47 +0,0 @@
-#!/usr/bin/python
-
-import sys
-import socket
-from TorCtl import PathSupport, TorCtl, TorUtil
-from TorCtl.TorUtil import *
-from TorCtl.PathSupport import *
-from TorCtl.TorCtl import Connection
-
-control_port = 9051
-
-def main(argv):
-    try:
-        port = int(argv[1])
-    except IndexError:
-        plog('INFO', 'No port number supplied as an argument. Using 80')
-        port = 80
-    except:
-        plog('ERROR', 'Port number must be an integer')
-        exit()
-
-    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-    try:
-        s.connect(("127.0.0.1", control_port))
-    except:
-        plog('ERROR', 'Couldn\'t connect to the control port. Port ' + control_port + ' was used')
-        exit()
-
-    c = Connection(s)
-    c.debug(file("exits.log", "w"))
-    c.authenticate()
-
-    plog('INFO', 'Connection established')
-
-    routers = c.read_routers(c.get_network_status())
-    good_exits = []
-
-    exit_restriction = FlagsRestriction(["Exit"],[])
-    port_restriction = OrNodeRestriction(
-            [ExitPolicyRestriction('255.255.255.255', port)])
-    for router in routers:
-       if exit_restriction and port_restriction.r_is_ok(router):
-           good_exits.append(router)
-    plog('INFO', 'Total routers with given exit policy: ' + len(good_exits))
-
-if __name__ == "__main__":
-    main(sys.argv)

Modified: torflow/branches/gsoc2008/metatroller.py
===================================================================
--- torflow/branches/gsoc2008/metatroller.py	2008-05-26 14:26:50 UTC (rev 14740)
+++ torflow/branches/gsoc2008/metatroller.py	2008-05-26 14:49:08 UTC (rev 14741)
@@ -27,14 +27,9 @@
 from TorCtl import TorUtil, PathSupport, TorCtl
 from TorCtl.TorUtil import *
 from TorCtl.PathSupport import *
+from TorCtl.TorUtil import meta_port, meta_host, control_port, control_host
 
 mt_version = "0.1.0-dev"
-
-# TODO: Move these to config file
-control_host = "127.0.0.1"
-control_port = 9051
-meta_host = "127.0.0.1"
-meta_port = 9052
 max_detach = 3
 
 # Do NOT modify this object directly after it is handed to PathBuilder

Modified: torflow/branches/gsoc2008/nodemon.py
===================================================================
--- torflow/branches/gsoc2008/nodemon.py	2008-05-26 14:26:50 UTC (rev 14740)
+++ torflow/branches/gsoc2008/nodemon.py	2008-05-26 14:49:08 UTC (rev 14741)
@@ -10,6 +10,7 @@
 import socket
 import traceback
 import re
+from TorCtl.TorUtil import control_port, control_host
 from TorCtl.TorUtil import *
 import sched, time
 import thread
@@ -42,8 +43,6 @@
 name_to_key = {}
 
 # TODO: Move these to config file
-control_host = "127.0.0.1"
-control_port = 9051
 max_detach = 3
 
 def read_routers(c, nslist):

Modified: torflow/branches/gsoc2008/soat.py
===================================================================
--- torflow/branches/gsoc2008/soat.py	2008-05-26 14:26:50 UTC (rev 14740)
+++ torflow/branches/gsoc2008/soat.py	2008-05-26 14:49:08 UTC (rev 14741)
@@ -9,8 +9,12 @@
 import urllib
 import urllib2
 
-from TorCtl import TorUtil
+from TorCtl import TorUtil, TorCtl, PathSupport
+
+from TorCtl.TorUtil import meta_port, meta_host, control_port, control_host
 from TorCtl.TorUtil import *
+from TorCtl.PathSupport import *
+from TorCtl.TorCtl import Connection
 
 sys.path.append("./tools/BeautifulSoup/")
 from BeautifulSoup import BeautifulSoup
@@ -20,9 +24,6 @@
 
 # config stuff
 
-meta_port = 9052
-meta_host = '127.0.0.1'
-
 user_agent = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1) Gecko/20061010 Firefox/2.0' 
 
 wordlist_file = './wordlist.txt';
@@ -36,6 +37,21 @@
 doc_urls = ['http://www.torproject.org']
 doc_https = []
 
+# ports to test in the consistency test
+
+''' Check pop/pops, imap/imaps, telnet/ssh, smtp/smtps, http/https'''
+common_ports = [ExitPolicyRestriction('255.255.255.255', 110),
+    ExitPolicyRestriction('255.255.255.255', 143),
+    ExitPolicyRestriction('255.255.255.255', 23),
+    ExitPolicyRestriction('255.255.255.255', 25),
+    ExitPolicyRestriction('255.255.255.255', 80)]
+
+secure_ports = [ExitPolicyRestriction('255.255.255.255', 995),
+    ExitPolicyRestriction('255.255.255.255', 993),
+    ExitPolicyRestriction('255.255.255.255', 22),
+    ExitPolicyRestriction('255.255.255.255', 465),
+    ExitPolicyRestriction('255.255.255.255', 443)]
+
 # constants
 
 linebreak = '\r\n'
@@ -80,7 +96,7 @@
         
         # configure metatroller
         commands = [
-            'PATHLEN ',
+            'PATHLEN 2',
             'PERCENTFAST 88',
             'USEALLEXITS 1',
             'UNIFORM 0',
@@ -112,6 +128,35 @@
         plog('NOTICE','Current node: ' + self.__exit)
         return self.__exit
 
+    # finds nodes that allow connections over a common protocol
+    # while disallowing connections over its secure version
+    def check_all_exits_port_consistency(self):
+        s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+        try:
+            s.connect((control_host, control_port))
+        except:
+            plog('ERROR', 'Couldn\'t connect to the control port (' + `control_port` + ' was used)')
+            return 0
+        
+        c = Connection(s)
+        c.authenticate()
+
+        plog('INFO', 'Connection to control port established')
+
+        routers = c.read_routers(c.get_network_status())
+        bad_exits = []
+
+        for router in routers:
+            for i in range(0,len(common_ports)):
+                if common_ports[i].r_is_ok(router) and not secure_ports[i].r_is_ok(router):
+                    bad_exits.append(router)
+                    plog('INFO', 'Router ' + router.nickname + ' allows ' + `common_ports[i].to_port` + ' but not ' + `secure_ports[i].to_port`)
+                    break
+    
+        plog('INFO', 'Total exits: ' + `len(routers)`)
+        plog('INFO', 'Good exits: ' + `(len(routers) - len(bad_exits))`)
+        plog('INFO', 'Bad exits: ' + `len(bad_exits)` + ' (~' + `(len(bad_exits) * 100 / len(routers))` + '%)')
+
     def check_http(self, address):
         request = urllib2.Request(address)
         request.add_header('User-Agent', user_agent)
@@ -128,7 +173,7 @@
         content = f.read()
         content = content.decode('ascii', 'ignore')
 
-        socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, "127.0.0.1:9060")
+        socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, "127.0.0.1:9050")
         socks.socket = socks.socksocket
 
         try:
@@ -225,10 +270,12 @@
 
 def main(argv):
     scanner = ExitNodeScanner(meta_host, meta_port)
+    scanner.check_all_exits_port_consistency()
+
+    '''
     scanner.get_exit_node()
     scanner.check_http("http://www.ee.ee";)
 
-    '''
     global doc_urls
     doc_urls.extend(load_url_list())
     doc_urls = list(Set(doc_urls))

Modified: torflow/branches/gsoc2008/statsplitter.py
===================================================================
--- torflow/branches/gsoc2008/statsplitter.py	2008-05-26 14:26:50 UTC (rev 14740)
+++ torflow/branches/gsoc2008/statsplitter.py	2008-05-26 14:49:08 UTC (rev 14741)
@@ -4,13 +4,14 @@
 import math
 #from TorCtl import *
 from TorCtl import TorUtil, PathSupport, TorCtl
+from TorCtl.TorUtil import control_port, control_host
 from TorCtl.TorUtil import *
 from TorCtl.PathSupport import *
 
 TorUtil.loglevel = "NOTICE"
 
 s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-s.connect(("127.0.0.1",9051))
+s.connect((control_host,control_port))
 c = Connection(s)
 c.debug(file("control.log", "w"))
 c.authenticate()