[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Crazy with Exit nodes

On 02.05.2007 12:00:33, Fabian Keil wrote:
> Benjamin Schieder <blindcoder@xxxxxxxxxxxxxxxxxxxx> wrote:
> 
> > On 02.05.2007 10:46:28, Fabian Keil wrote:
> > > "Mr. Blue" <trashdsfg@xxxxxxxxx> wrote:
> > > 
> > > > When I go to: 
> > > > http://www.whatismyipaddress.com.tamaribuchi.exit/
> > > > I get expected response AND IP.
> > > > But when I go to majority sites in form like:
> > > > http://www.domain.net.tamaribuchi.exit/
> > > > I get:
> > > > Index of /
> > > 
> > > Web servers that are responsible for more than one
> > > domain rely on the HTTP "Host" header to decide which
> > > content you're interested in.
> > > 
> > > If you use Tor's exit node notation in the URL,
> > > the browser will also append it to the Host header.
> > > 
> > > ...
> > > 
> > > The latter can be done automatically with Privoxy's
> > > hide-tor-exit-notation filter, you can also do it
> > > manually with Firefox extensions like "Tamper data".
> > 
> > The privoxy rule by itself won't work in most cases. At least my
> > installation of firefox does use this:
> > 
> > GET http://www.example.com.node.exit/path/to/somewhere HTTP/1.1
> > Host: www.example.com.node.exit
> > X-SomeHeaders: value
> > 
> > The Host: will be modified, but not the GET. This is still futile since
> > I encountered many a webserver ignoring the Host: header with the query
> > as above.
> 
> Please name at least one example of a web server that
> expects or relies on the host being part of the request line.

Full disclosure: this is my own webserver.

root@pallas:/etc/privoxy# tail user.action
# default policy to have a 'blank' image as opposed to the checkerboard
# pattern for ALL sites. '/' of course matches all URLs.
# patterns:
#
{ +set-image-blocker{blank} }
#/

## set vi:nowrap tw=72
{ +filter{hide-tor-exit-notation} }
/

root@pallas:/etc/privoxy# telnet localhost 8118
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
GET http://blog.crash-override.net.zwiebelsuppe.exit/ HTTP/1.1
Host: blog.crash-override.net.zwiebelsuppe.exit

HTTP/1.1 403 Forbidden
Date: Wed, 02 May 2007 10:19:33 GMT
Server: Apache
Content-Length: 343
Content-Type: text/html; charset=iso-8859-1
Connection: close

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>403 Forbidden</title>
</head><body>
<h1>Forbidden</h1>
<p>You don't have permission to access /
on this server.</p>
<hr>
<address>Apache Server at <a href="mailto:webmaster@xxxxxxxxxxxxxxxxxx";>blog.crash-override.net.zwiebelsuppe.exit</a> Port 80</address>
</body></html>
Connection closed by foreign host.

Greetings,
	Benjamin
-- 
  ____  _        _    ____  _   _ _ _____ __  __ 
 / ___|| |      / \  / ___|| | | ( ) ____|  \/  |
 \___ \| |     / _ \ \___ \| |_| |/|  _| | |\/| |
  ___) | |___ / ___ \ ___) |  _  | | |___| |  | |
 |____/|_____/_/   \_\____/|_| |_| |_____|_|  |_|
 play online: telnet://slashem.crash-override.net
 view scores: http://slashem.crash-override.net
 watch deaths: irc://irc.freenode.net#slashem

Attachment: pgpmsl30jyroJ.pgp
Description: PGP signature