[tor-dev] [GSoC] Stegotorus status update

vmon vmonmoonshine at gmail.com
Mon Jul 2 08:04:22 UTC 2012

Hey Tor-devers,

I hope you are enjoying the summer as it's officially started and nobody
can deny that (unless you are on the wrong hemisphere). And sorry for
the delay, I was Internet deprived for a while.

So I'm here to tell you what I did in last two weeks.

Following the advice of Zack, I read the code in
steg directory, where the modules which embed the requested data in http
payloads live. It also deals with http details. I also looked into the
randomness algorithms in stegotorus. I suggested some ideas on improving the
code and I'm waiting for Zack to tell me what he thinks about them. It was a
good investment as now I have a good idea that what is happening where in
the code and it makes the task of applying after-forking obfproxy patches to
stegotorus more feasible.

I had a discussion in irc with the Roger and following the discussion
and sharing my idea with Zack, I
started developing a payload serving system that instead of using a static trace
file assumes that apache is installed on the system and query apache for
the payload. So far I have written the prototype of the class and have
shared my design with Zack.

I also looked into the problem that Polipo (as a typical http proxy)
had with Stegotorus that it does not allow any Stegotorus traffic
through. It turned out that Polipo thinks all Stegotorus GET request are
stored in the local hard drive (as they don't have server name and they
starts with /). Hence, it tries to serve them directly from the disk and
 fails. So I shared that with
Zack as well, and we'll discuss the possible solutions. Although, the
new apache payload system won't have that problem.

Hopefully in two weeks we will have the apache payload in
semi-functional condition.


More information about the tor-dev mailing list