Thanks for writing this, meejah! Awesome tool. I'm seeing some rather strange things in its "monitor" output though, indicating either bugs in it, or in tor, or that something is wrong with my system, or perhaps that Tor has some behavior I don't know about :/
For instance:
Circuit 398 () is LAUNCHED for purpose "GENERAL" Circuit 398 (tornodenl) is EXTENDED for purpose "GENERAL" Circuit 398 (tornodenl->Kaarli) is EXTENDED for purpose "GENERAL" Circuit 398 (tornodenl->Kaarli->CompSciR0x) is EXTENDED for purpose "GENERAL" Circuit 398 (tornodenl->Kaarli->CompSciR0x) is BUILT for purpose "GENERAL"
the above seems normal, but then some time later...
Circuit 398 (tornodenl->Kaarli->CompSciR0x->FlappyBird) is EXTENDED for purpose "GENERAL" Circuit 398 (tornodenl->Kaarli->CompSciR0x->FlappyBird) is BUILT for purpose "GENERAL" Stream 2509 to 217.23.4.123.$EABB28C6030D78A98B0D8E3BF583463F49C04C59.exit:9001 attached via circuit 398
I've seen this happen several times: four hop circuits, followed by streams to the last hop using the .exit notation (that IP and fingerprint are for the relay FlappyBird, according to Atlas). I don't have AllowDotExit enabled in my torrc, fwiw.
I'm also occassionally seeing single-hop circuits in the output of "circ -L", though I haven't noticed one being used yet.
Any ideas?
~leif
On Sun, Aug 03, 2014 at 09:32:18PM +0400, meejah wrote:
I've got a first super-alpha release of this thing that's been sitting around for a while. Turns out "sanitize a bit" turns into "refactor some things" and so forth...
Anyway, carml does various command-line things with Tor and I thought it might be useful to others (plays nicely with grep, pipes, etc).
I would really love feedback on whether the "downloadbundle" command is doing the right thing with certificate-checks.
https://github.com/meejah/carml https://carml.readthedocs.org/en/latest/
You can "pip install carml" to try it out. Recommend doing this in a virtualenv:
virtualenv trycarml ./trycarml/bin/pip install carml ./trycarml/bin/carml help
To check signatures first, instead download the WHL file and associated signature from PyPI, gpg --verify it and then replace "install carml" with "install path/to/.whl" above.
Some other things to try:
carml downloadbundle --extract --system-keyring echo "hello darkweb" | carml pastebin
wait for a new consensus to be published, dump it and exit:
carml events --once NEWCONSENSUS
Currently, the defaults work with a system Tor (i.e. localhost port 9051). Probably I'll change this to be TBB defaults. To connect to a Tor Browser Bundle instance, do this:
carml --connect tcp:localhost:9151 monitor
It is written using Twisted and txtorcon.
Thanks, meejah
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev