Penetration Testing mailing list archives
Re: TOR; is it exploitable?
From: "Brendan Dolan-Gavitt" <mooyix () gmail com>
Date: Tue, 2 Jan 2007 12:43:16 -0500
If what you're looking for is an exploit against the Tor server service, I don't think there are any publicly available. There have been flaws found in the service in the past:

http://www.securityfocus.com/bid/19795
http://www.securityfocus.com/bid/19785
http://www.securityfocus.com/bid/14659
http://www.securityfocus.com/bid/14024

And the most recent of those is against a version of Tor that is, I believe, about a year old.

If you did get a hold of an exploit that worked against the current version of Tor, you could potentially do a whole lot of damage--AFAIK there's only one implementation of the Tor protocol, so all 400+ routers use the same software (though they run on a variety of OSes). An attacker could compromise all of them and then trivially trace any connection made through Tor. Bye bye anonymity...

The "Practical Onion Hacking" paper doesn't actually give vulnerabilities in Tor, but rather points out that a common misconfiguration on the browser side (allowing Javascript and Flash to phone home without going through Tor) can let malicious web sites find out your identity.

-Brendan

On 1/2/07, Sergi Rosello <sergi_75 () yahoo es> wrote:
well... if (packetstormsecurity +(.nl || .org)){ Practical_Onion_Hacking.pdf; };

--- Robin Wood <dninja () gmail com> wrote:

> http://packetstormsecurity.nl/0610-advisories/Practical_Onion_Hacking.pdf
>
> :-)
>
> (nl, not org)
>
> On 12/31/06, Sergi Rosello <sergi_75 () yahoo es> wrote:
> >
> > ;-)
> >
> > www.packetstormsecurity.org/0610-advisories/Practical_Onion_Hacking.pdf
> >
> > --- Mifa <mifa () stangercorp com> wrote:
> >
> > > I found an open TOR (the onion router) port. Does
> > > anyone know if it can be exploited?