[tor-bugs] #15213 [Circumvention/Pluggable transport]: DNS tunneling transport (like iodine, dnscat)
Tor Bug Tracker & Wiki
blackhole at torproject.org
Sat Apr 25 21:58:05 UTC 2020
#15213: DNS tunneling transport (like iodine, dnscat)
-------------------------------------------------+------------------------
Reporter: federico3 | Owner: (none)
Type: enhancement | Status: new
Priority: Medium | Milestone:
Component: Circumvention/Pluggable transport | Version:
Severity: Normal | Resolution:
Keywords: DNS iodine tor tunneling ideas hard | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+------------------------
Comment (by dcf):
Demonstration of running Tor Browser through the new
[https://github.com/net4people/bbs/issues/30 dnstt] tunnel:
https://lists.torproject.org/pipermail/anti-censorship-
team/2020-April/000080.html
> First, get the tunnel client software and run it with the proper
parameters.
> {{{
> git clone https://www.bamsoftware.com/git/dnstt.git
> cd dnstt/dnstt-client
> go build
> ./dnstt-client -doh https://dns.google/dns-query -pubkey
a8090ab2d7b918e69ed4b2340fcd9c2af33c08e3620af98fb9c6a460fb63f76d tor
.rinsed-tinsel.site 127.0.0.1:7000
> }}}
> You can replace "!https://dns.google/dns-query" with another server from
[https://github.com/curl/curl/wiki/DNS-over-HTTPS#publicly-available-
servers].
>
> Second, in Tor Browser, go to about:preferences#tor, select "Provide a
bridge", and enter
> {{{
> 127.0.0.1:7000 4D6C0DF6DEC9398A4DEF07084F3CD395A96DD2AD
> }}}
> tor will connect to 127.0.0.1:7000 as if it were a remote bridge, but
that port actually leads through the tunnel to the ORPort of my bridge
[https://metrics.torproject.org/rs.html#details/4D6C0DF6DEC9398A4DEF07084F3CD395A96DD2AD
giygas].
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/15213#comment:14>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list