[tor-bugs] #17303 [DirAuth]: Bad exits inject port 8123 into HTTP redirects
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Nov 10 23:41:45 UTC 2015
#17303: Bad exits inject port 8123 into HTTP redirects
----------------------+----------------------------------
Reporter: ikurua22 | Owner:
Type: defect | Status: new
Priority: High | Milestone: Tor: unspecified
Component: DirAuth | Version: Tor: unspecified
Severity: Critical | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Sponsor: |
----------------------+----------------------------------
Comment (by teor):
Replying to [comment:8 dcf]:
> Here is what I have been able to find about these exits.
>
> They seem to only affect plain HTTP redirects. For example, the URL
> http://arstechnica.com/?p=716619
> should redirect to the URL
> http://arstechnica.com/tech-policy/2015/07/crypto-activists-announce-vision-for-tor-exit-relay-in-every-library/
> but some exits instead rewrite the URL to be
> http://arstechnica.com:8123/tech-policy/2015/07/crypto-activists-announce-vision-for-tor-exit-relay-in-every-library/
>
It looks like this is a misconfigured polipo or other caching proxy in
front of the exit.
I can't imagine how this sort of interference could be deliberate or
useful.
However, regardless of intent, it is interfering with traffic. It's also
evidence that other, more subtle analysis/interference may be happening.
Thanks for this analysis, dcf, and the detailed update.
> I ran attachment:http-redirect.py three times in the past weeks.
> 2015-10-04:: 54 bad exits
> 2015-10-17:: 39 bad exits
> 2015-11-10:: 8 bad exits
I'm assuming that the exit numbers are decreasing because they're listed
by the DirAuths as bad exits, in response to your emails (or running
exitmap themselves).
It seems we're solving the problem, albeit incrementally.
Are the remaining exits new instances, or existing instances that haven't
been blocked yet?
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/17303#comment:9>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
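
The redirect rewrite discussed in this comment can be checked by comparing the Location header observed through an exit with the one seen on a direct connection. The following is an added example, not part of the ticket and not the attached http-redirect.py or exitmap code; the function names and the EXIT_A..EXIT_D labels are hypothetical, and the observations are constructed.

```python
from urllib.parse import urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}

# Redirect target quoted in the ticket (the value seen without interference).
EXPECTED = ("http://arstechnica.com/tech-policy/2015/07/"
            "crypto-activists-announce-vision-for-tor-exit-relay-in-every-library/")

# Constructed observations: (placeholder exit label, Location seen through it).
OBSERVED = [
    ("EXIT_A", EXPECTED),
    ("EXIT_B", EXPECTED.replace("arstechnica.com/", "arstechnica.com:8123/", 1)),
    ("EXIT_C", EXPECTED.replace("arstechnica.com/", "arstechnica.com:80/", 1)),
    ("EXIT_D", "http://example.invalid/landing"),
]


def effective_port(parts):
    """Explicit port if present, otherwise the default for the scheme."""
    return parts.port if parts.port is not None else DEFAULT_PORTS.get(parts.scheme)


def classify_redirect(expected_location, observed_location):
    """Return "ok", "port-injected:<port>" or "rewritten" (any other change)."""
    exp, obs = urlsplit(expected_location), urlsplit(observed_location)
    same_except_port = (exp.scheme == obs.scheme
                        and exp.hostname == obs.hostname  # hostname is lowercased
                        and exp.path == obs.path
                        and exp.query == obs.query)
    if not same_except_port:
        return "rewritten"
    try:
        exp_port, obs_port = effective_port(exp), effective_port(obs)
    except ValueError:  # non-numeric or out-of-range port in the header
        return "rewritten"
    if exp_port == obs_port:
        return "ok"  # covers an explicit :80 versus the implicit default
    return f"port-injected:{obs_port}"


def flag_exits(expected, observations):
    """Map each exit label whose redirect differs to its verdict."""
    verdicts = ((label, classify_redirect(expected, loc)) for label, loc in observations)
    return {label: verdict for label, verdict in verdicts if verdict != "ok"}


if __name__ == "__main__":
    for label, verdict in flag_exits(EXPECTED, OBSERVED).items():
        print(label, verdict)
```
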