[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-dev] Development of an HTTP PT

To: tor-dev@xxxxxxxxxxxxxxxxxxxx
Subject: Re: [tor-dev] Development of an HTTP PT
From: Kevin P Dyer <kpdyer@xxxxxxxxx>
Date: Mon, 25 Nov 2013 11:29:05 -0800
Delivered-to: archiver@xxxxxxxx
Delivery-date: Mon, 25 Nov 2013 14:29:36 -0500
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :content-type; bh=vE97BMTe+L5ot6HdJG29Knw8pKnqrfc3eJ5uSd0gowc=; b=JkXgz8+yE9z0BC5Z5fatTRNc065XH4oXOvUtaIHYM9wpdyhsEmkhD2cKcmHrRsQFBQ XuSlmupzlzZHj+GFY3UscgDo/y1NUnx69A48HZbhJ6mAaYtrkyKINy8dp7bPaCZmw+49 MOEO1OgR+FpUGeE2jQLkcm/5ViB4zNszOxtNWRKlmIKUKWPaaLXh9/YPssEqkbbec3RN Hyo8qSBEmtyp6FrOqHd68IfD859P2izlW4el9Tx8hwiyxqkQtRLlAn9SiLnV0KSlxLHf bCNoPbVcdHiSYFHGiBdgRLkiTmrH4p53jYoLO9lGvaivxBCQbIiePne3G5zlF1vM0NaG kowg==
In-reply-to: <5288D134.1060604@xxxxxxxxxx>
List-archive: <http://lists.torproject.org/pipermail/tor-dev/>
List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>
List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>
List-post: <mailto:tor-dev@lists.torproject.org>
List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>
List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>
References: <526AB868.6060308@xxxxxxxxxx> <87r4b2fzvf.fsf@xxxxxxxxxx> <5288D134.1060604@xxxxxxxxxx>
Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx
Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

Hi dardok,

Thanks for thinking about HTTP pluggable transports. It turns out to
be a deceptively hard problem!

Do you have any initial high-level goals? Or are you just trying to
figure out *some* way to bootstrap an existing HTTP client/server
architecture to tunnel arbitrary data streams?

-Kevin

On Sun, Nov 17, 2013 at 6:22 AM, dardok <dardok@xxxxxxxxxx> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> George Kadianakis:
>> dardok <dardok@xxxxxxxxxx> writes:
>>
>>> Hi, I am quite new in here but I am interested to help and
>>> improve the TOR system. I am interested in PTs and particularly
>>> in developing a HTTP PT.
>>>
>>> I've read some papers [0],[1],[2],[3] and the ticket #8676 and I
>>> consider that it would be a good idea to make an effort and try
>>> to implement the HTTP PT as is stated in the ticket, that is
>>> using real browser and server services.
>>>
>>> After talking with asn, we conclude that a good point to start
>>> this development may be to focus on the HTTP transport part, that
>>> is to know how to control the browser or the server and how to
>>> embed the TOR traffic into the HTTP protocol (requests and
>>> responses). Things such as the data obfuscation, the delays in
>>> the communications and the packet chopping won't be considered,
>>> because it may be used another PT such Scramblesuit to do that
>>> task.
>>>
>>> The CLIENT side:
>>>
>>> TBB <-> Scramblesuit PT <-> HTTP PT <-> CENSOR NET
>>>
>>> and the SERVER side:
>>>
>>> CENSOR NET <-> HTTP PT <-> Scramblesuit PT <-> TOR bridge
>>>
>>> The important is to know how to embed the TOR traffic already
>>> obfuscated into the requests and responses to avoid suspicion.
>>> Also as I said before, to know how to control a browser binary to
>>> make the HTTP traffic from the client side as much traditional as
>>> possible, for instance using a firefox binary or something like
>>> that. The same must be applied to the server side, implementing a
>>> real NGINX server or an Apache server on port 80 and writting
>>> some CGI to classify the traffic incoming from the TOR clients
>>> through the HTTP requests. The same server may have another CGI
>>> to write and send the HTTP responses to those TOR clients with
>>> the traffic into them.
>>>
>>> I would like to find someone interested to work on this topic.
>>>
>>
>> Hey there,
>>
>> we discussed this project on IRC and looking at your post it seems
>> that you understood things :)
>>
>> Like I told you, I'm interested in this topic, but my free time is
>> miniscule these days. Still, I'd like to help you out. Do you know
>> what you need help with?
>>
>> If you want, we can organize a meetup in IRC to discuss and plan
>> future work on this.
>>
>> It would be great if you prepared a bit of research on the basic
>> components of this project [0] so that we can discuss the various
>> options during the meeting. I'll send you an email to find the
>> right date and time for the meeting :)
>>
>> Cheers!
>>
>> [0]: ways to control a browser from within a PT (selenium?), HTTP
>> covert channels, designs of how a server-side CGI script would
>> work, etc. _______________________________________________ tor-dev
>> mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx
>> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
>>
>
> Hi,
>
> I've been reading about Selenium web-browser driver thing and I
> consider that is not very handy to do what an HTTP PT client side
> needs, that is to forge HTTP requests and embbed the TOR traffic into
> these HTTP requests.
>
> It is more oriented to emulated a web user interaction with a real
> browser (such as firefox, chrome, opera, ie, ...) and the interaction
> and testing of web apps from these browsers.
>
> Also I cannot see how to handle the responses from the server-side
> using this thing. Few functions seem to be interesting regarding HTTP
> protocol handling and manipulation, as I said before most of the
> functions present are related with the user interaction.
>
> The Python version can be installed easily: pip install selenium
>
> The already implemented functions can be read on this file:
> /usr/share/pyshared/selenium/selenium.py
>
> I didn't find any useful function to allow a HTTP PT (client side)
> embed the TOR traffic into HTTP requests (maybe some cookie function
> related) and extract the information sent by the HTTP PT server side
> (maybe some get_body_text() or get_text() funtion).
>
> So I am ready to consider that this option is not be useful to
> implement a HTTP PT client side. Anyway, I would like to discuss this
> point with someone interested in this topic.
>
> Thanks!
> -----BEGIN PGP SIGNATURE-----
>
> iQEcBAEBCgAGBQJSiNE0AAoJEFz9RJtDk2+MecQH/31EBnd7IVgoEOQGK60bmdY9
> JV6sRpd0JNgnV1au17GPOy+jcRUIHvL9dLWW1VJzf1wLk23wx2wb5xALBzpvwPiC
> TC32YWZBqqtalY8u2f3j7+ScjZdps69dIP3idp7P113nEogBV05pPxw2RKf2IaCM
> IUN9jvAsM7ITk3t+Oeg34BcW8CYJuTTyO87z7VfDiO8ZbyABC7fgpBOs5O0jWtps
> jXyY3HeExldmVBacPNqY5HAlJ5XHC9dQn14MtjCcoTxVY6lzn51RFZUDPjJxc5D9
> L5tGrB6dLcT/SUSU2jtHvrEN8tIQg5sGJHngfPurwO9gMhtbuKFLbKfwUB7Op+w=
> =vIHR
> -----END PGP SIGNATURE-----
> _______________________________________________
> tor-dev mailing list
> tor-dev@xxxxxxxxxxxxxxxxxxxx
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

Follow-Ups:
- Re: [tor-dev] Development of an HTTP PT
  - From: vmon

References:
- Re: [tor-dev] Development of an HTTP PT
  - From: dardok

Prev by Author: Re: [tor-dev] Transport composition
Next by Author: [tor-dev] FTE v0.2 Release Candidate
Previous by thread: Re: [tor-dev] Development of an HTTP PT
Next by thread: Re: [tor-dev] Development of an HTTP PT
Index(es):
- Author
- Thread