[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: Re: TorChat is a security hazard (Answer)
On Dec 12, 2010 7:20pm, Michael Blizek <michi1@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx> wrote:
> I meant that A will connect intentionally to B, e.g. A wants to talk to B. B
>
> can then send messages to C which seem to came from A. However, C will talk
>
> back directly to A and the manipulation will most likely be detected...
Yes. The innocent client C will then start talking with A and send its own address. A will then directly connect back to C and complete the handshake with C.
I'm not 100% sure without looking into the sourcecode now (2 years since i wrote it) what exactly will happen with the wrong pong message from C that should have come as the ping response from B. It should ignore it because pong sender does not match the initial ping recipient. But I'm 100% sure that it would *not* lead to a stable connection (status: online, nomal behavior) or even a completed handshake at all.
It might be suitable for some kind of DOS attack against a connection between A and C.
Bernd