Hey everyone!
Here a few points from my initial 2 weeks at working on Exitmap improvements project.
1. Gone through the Exitmap code base and understood the working. Primarily identified the Tor Browser actions that can be replaced for better automation.
2. Currently there is a simple HTTP header that is being used for a simple GET request. As suggested in the proposal, using Selenium seems like the right choice. I have read about the RC and WebDriver and have decided to go forward with the latter as it allows for programmable actions as supported by the Firefox browser and also has Python support, allowing for better integration with the existing scanner. 2a. Studied the basics of the Selenium Webdriver and learnt simple browser automation techniques on Firefox - interaction with the webpage and other pool of actions. 2b. Ported basic actions to Tor Browser. Facing some issues with integration which I hope to rectify in a day or two and push.
Next two weeks will involve:
1. Integrating randomized actions on Tor Browser with Exitmap. Creating a pool of possible ways to interact with the web service to make it difficult for the malicious Exit node to suspect scanner activity.
2. Add test cases to added interactions and observe changes in scanner output from the initial simple usage of urllib2 actions and assert the changes.
I apologize for the delay in submitting my first report.
Cheers! Mridul (mtyamantau) ============================= PGP keyID: 0xb716e33ab6d0a653