Ha.ckers.org on: De-anonymizing Tor, or any HTTP Proxy

8 10 2007

Just a heads up for all you peeps seeking anonymity and or privacy on the net. I saw this article on Ha.ckers.org – De-anonymizing Tor and Detecting Proxies

This code (it takes a several seconds to load) uses a piece of JavaScript to instantiate a Java socket call back to the origin site. In doing so it bypasses the proxy settings of the browser, allowing you to de-anonymize people using proxies. It works great for Tor or just about any HTTP proxy that I can think of. Cool stuff.

Source – ha.ckers.org web application security lab

Daaaaaaamn!!  That’s some scary shit for those of us just trying to keep a bit of privacy on the net.  Some of us just want to look at some titties without the whole net following us around.  Some of us want to study some information perceived clandestine by our governments. (Note: Germany just made posting penetration testing tools illegal!! See Darknet)

There’s alot of information to cover here and some of it just plain confused me at first, so I summarized what I saw as potential  bullet points in the article.

Follow the jump to read the rest:

I read the whole article including the comments.  Check it:

Worried about cross browser possibilities? -

Giorgio Maone Says:
September 26th, 2007 at 5:02 pm

Nice and inspiring post.

I deferred my bedtime a bit to put up a cross-browser version: http://hackademix.net/2007/09/26/cross-browser-proxy-unmasking/

Rather than turning your JS+Java PoC into a Java Applet (too much easy), I used Flash.

Someone checked web based anonimizers -

Achraf Says: September 27th, 2007 at 4:21 am

it does seem to work with anonymizers
i tried this
http://anonymouse.org/cgi-bin/anon-www.cgi/http://ha.ckers.org/weird/tor.cgi

So that kinda sucks, but at least we know the fallibility of TOR and other proxies. The good news is that Janus VM seems to keep you hidden.

janusvm Says:
September 27th, 2007 at 9:53 am
This is why JanusVM and other transparent proxy approaches work so well. It is easier to anonymize applications and there is no side channel leakage when some plugin or browser helper calls out directly instead of using browser proxy settings.

With all that said, the aspects of de-anonymizing TOR and detecting proxies is a very complicated issue for admins and users alike.  I recommend that you read the COMPLETE original article HERE. There’s just too much information that you might want to review in the article AND the comments.

Anyhew, just FYI on all this.  Big ups to Ha.ckers.org on the hyper informative article.

Keep hacking. Keep learning.

As an aside: TMBBITW DOES NOT support the use of Tor or Jap for malicious or just plain evil (for lack of a better word) purposes.  I only advocate a certain amount of privacy for the average net user.  In other words, don’t be a dick or a sick fuck with these apps cause it poisons that app for the rest of us.  Good thing we have solid white hats out there always watching.  The net community can regulate itself, and it should.  Otherwise we wind up with governments that don’t know jack shit about life on the net, series of tubes anyone, forcing poorly informed, intrusive regulations down our throats.  Now go be nice.

« Einstien: On The US Government Storm Worm Update: I Hate To Say I Told You So… »


Actions

Information

2 responses

2 02 2008
24 10 2008
Hire2Hack (10:29:43) :

http://www.hire2hack.co.uk
http://www.jfreechat.co.uk
Looking at some tits these days the whole net knows about :/

Reply

Leave a comment