[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Snakes On A Tor Scanner - 0.0.3

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Snakes On A Tor Scanner - 0.0.3
From: Mike Perry <mikepery@xxxxxxxxxx>
Date: Sat, 14 Oct 2006 15:40:12 -0500
Delivered-to: archiver@seul.org
Delivered-to: or-talk-outgoing@seul.org
Delivered-to: or-talk@seul.org
Delivery-date: Sat, 14 Oct 2006 16:42:53 -0400
In-reply-to: <20061014042041.GF10171@fscked.org>
References: <20061014042041.GF10171@fscked.org>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Mutt/1.4.1i

Thus spake Mike Perry (mikepery@xxxxxxxxxx):

> Over the past month or so I've been testing and improving my Tor
> network scanner, and it seems to be shaping up pretty nicely.
> 
> http://fscked.org/proj/minihax/SnakesOnATor/SnakesOnATor-0.0.3.zip

Found another DNS poisoner/injector/evil upstream ISP. Exit node
Andrewgao poisoned the scanners access of
http://linuxmafia.com/faq/Debian/installers.html

to give me instead:

http://fscked.org/proj/minihax/SnakesOnATor/linux-mafia.Andrewgao.html

Seems to be a javascript popup to set a cookie and then close the
window. Seems to be slightly broken (the window is never closed for
me), but the scary thing is if it worked, the user's experience would
be that they had accessed the page un-hindered.



Also, as an FYI, I'm exporting my scanner's failure statistics to
http://fscked.org/proj/minihax/SnakesOnATor/fail_rates

Right now it's probably difficult to do anything with that. I will
try to enhance it to be broken down by failure type RSN, then it 
should be more clear which nodes are failing circuits/streams and 
why.

-- 
Mike Perry
Mad Computer Scientist
fscked.org evil labs

References:
- Snakes On A Tor Scanner - 0.0.3
  - From: Mike Perry

Prev by Author: Snakes On A Tor Scanner - 0.0.3
Next by Author: Re: Snakes On A Tor Scanner - 0.0.3
Previous by thread: Snakes On A Tor Scanner - 0.0.3
Next by thread: Re: Snakes On A Tor Scanner - 0.0.3
Index(es):
- Author
- Thread