[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Re: How are hackers breaking Tor and trojan users?
-----BEGIN PGP SIGNED MESSAGE-----
Robert Hogan @ 2008/06/11 18:48:
> On Wednesday 11 June 2008 06:17:38 Roger Dingledine wrote:
>> He may also be referring to attacks where a local application (like the
>> browser, but it doesn't have to be) can be tricked into connecting to
>> your local Tor control port, like Kyle's attack from last year:
>> This was a great attack, but I think the latest versions of Torbutton
>> and Vidalia make it a non-issue going forward. I would love to hear if
>> you think otherwise.
> On a default Tor installation from source, i.e. with no authentication mechanism
> enabled, it is still possible successfully to send commands to the controlport
> if the 'authenticate' command is not preceded by any garbage.
> If someone were to develop a browser-based exploit that managed to get
> the 'authenticate', with no preceding bytes, to the controlport then they're in.
> I believe this is extremely difficult to do, and if such an attack was the
> subject of arrakis' and kyle's paper they would have much bigger fish to fry
> than just Tor.
like this? http://www.janusvm.com/goldy/vuln/tor-controlport.html
(posted earlier in the thread by Kyle Williams)
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----