Penetration Testing mailing list archives

Previous By Date Next
Previous By Thread Next

Re: TOR; is it exploitable?

From: "Brendan Dolan-Gavitt" <mooyix () gmail com>
Date: Tue, 2 Jan 2007 12:43:16 -0500
If what you're looking for is an exploit against the Tor server
service, I don't think there are any publicly available. There have
been flaws found in the service in the past:

http://www.securityfocus.com/bid/19795
http://www.securityfocus.com/bid/19785
http://www.securityfocus.com/bid/14659
http://www.securityfocus.com/bid/14024

And the most recent of those is against a version of Tor that is, I
believe, about a year old.

If you did get a hold of an exploit that worked against the current
version of Tor, you could potentially do a whole lot of damage--AFAIK
there's only one implementation of the Tor protocol, so all 400+
routers use the same software (though they run on a variety of OSes).
An attacker could compromise all of them and then trivially trace any
connection made through Tor. Bye bye anonymity...

The "Practical Onion Hacking" paper doesn't actually give
vulnerabilities in Tor, but rather points out that a common
misconfiguration on the browser side (allowing Javascript and Flash to
phone home without going through Tor) can let malicious web sites find
out your identity.

-Brendan

On 1/2/07, Sergi Rosello <sergi_75 () yahoo es> wrote:


well...

if (packetstormsecurity +(.nl || .org)){
    Practical_Onion_Hacking.pdf;
     };

--- Robin Wood <dninja () gmail com> escribió:

>
http://packetstormsecurity.nl/0610-advisories/Practical_Onion_Hacking.pdf
>
> :-)
>
> (nl, not org)
>
> On 12/31/06, Sergi Rosello <sergi_75 () yahoo es>
> wrote:
> >
> > ;-)
> >
> >
>
www.packetstormsecurity.org/0610-advisories/Practical_Onion_Hacking.pdf
> >
> >
> >
> > --- Mifa <mifa () stangercorp com> escribió:
> >
> > > I found an open TOR (the onion router) port.
> Does
> > > anyone know if it can be exploited?
> > >
> >
> >
> >
>
------------------------------------------------------------------------------------------------------------------------------------
> >     Nota Legal: Este correo electrónico puede
> contener información estrictamente confidencial y es
> de uso exclusivo del destinatario, quedando
> prohibida a cualquier otra persona su revelación,
> copia, distribución, o el ejercicio de cualquier
> acción relativa a su contenido. Si ha recibido este
> correo electrónico por error, por favor, conteste al
> remitente, y posteriormente proceda a borrarlo de su
> sistema. Gracias por su colaboración.
>
------------------------------------------------------------------------------------------------------------------------------------
> >
> > __________________________________________________
> > Correo Yahoo!
> > Espacio para todos tus mensajes, antivirus y
> antispam ¡gratis!
> > Regístrate ya - http://correo.yahoo.es
> >
>


------------------------------------------------------------------------------------------------------------------------------------
    Nota Legal: Este correo electrónico puede contener información estrictamente confidencial y es de uso exclusivo del 
destinatario, quedando prohibida a cualquier otra persona su revelación, copia, distribución, o el ejercicio de 
cualquier acción relativa a su contenido. Si ha recibido este correo electrónico por error, por favor, conteste al 
remitente, y posteriormente proceda a borrarlo de su sistema. Gracias por su colaboración.   
------------------------------------------------------------------------------------------------------------------------------------

__________________________________________________
Correo Yahoo!
Espacio para todos tus mensajes, antivirus y antispam ¡gratis!
Regístrate ya - http://correo.yahoo.es
Previous By Date Next
Previous By Thread Next

Current thread: