[tor-dev] carml: tasty treats from your Tor

Leif Ryge leif at synthesize.us
Mon Aug 4 22:03:04 UTC 2014 

Thanks for writing this, meejah! Awesome tool. I'm seeing some rather strange
things in its "monitor" output though, indicating either bugs in it, or in tor,
or that something is wrong with my system, or perhaps that Tor has some
behavior I don't know about :/

For instance:

Circuit 398 () is LAUNCHED for purpose "GENERAL"
Circuit 398 (tornodenl) is EXTENDED for purpose "GENERAL"
Circuit 398 (tornodenl->Kaarli) is EXTENDED for purpose "GENERAL"
Circuit 398 (tornodenl->Kaarli->CompSciR0x) is EXTENDED for purpose "GENERAL"
Circuit 398 (tornodenl->Kaarli->CompSciR0x) is BUILT for purpose "GENERAL"

the above seems normal, but then some time later...

Circuit 398 (tornodenl->Kaarli->CompSciR0x->FlappyBird) is EXTENDED for purpose "GENERAL"
Circuit 398 (tornodenl->Kaarli->CompSciR0x->FlappyBird) is BUILT for purpose "GENERAL"
Stream 2509 to 217.23.4.123.$EABB28C6030D78A98B0D8E3BF583463F49C04C59.exit:9001 attached via circuit 398

I've seen this happen several times: four hop circuits, followed by streams to
the last hop using the .exit notation (that IP and fingerprint are for the
relay FlappyBird, according to Atlas). I don't have AllowDotExit enabled in my
torrc, fwiw.

I'm also occassionally seeing single-hop circuits in the output of "circ -L",
though I haven't noticed one being used yet.

Any ideas?

~leif

On Sun, Aug 03, 2014 at 09:32:18PM +0400, meejah wrote:
> 
> I've got a first super-alpha release of this thing that's been sitting
> around for a while. Turns out "sanitize a bit" turns into "refactor some
> things" and so forth...
> 
> Anyway, carml does various command-line things with Tor and I thought it
> might be useful to others (plays nicely with grep, pipes, etc).
> 
> I would really love feedback on whether the "downloadbundle" command is
> doing the right thing with certificate-checks.
> 
> https://github.com/meejah/carml
> https://carml.readthedocs.org/en/latest/
> 
> You can "pip install carml" to try it out. Recommend doing this in a
> virtualenv:
> 
>    virtualenv trycarml
>    ./trycarml/bin/pip install carml
>    ./trycarml/bin/carml help
> 
> To check signatures first, instead download the WHL file and associated
> signature from PyPI, gpg --verify it and then replace "install carml"
> with "install path/to/.whl" above.
> 
> Some other things to try:
> 
>    carml downloadbundle --extract --system-keyring
>    echo "hello darkweb" | carml pastebin
> 
> wait for a new consensus to be published, dump it and exit:
> 
>    carml events --once NEWCONSENSUS
> 
> Currently, the defaults work with a system Tor (i.e. localhost port
> 9051). Probably I'll change this to be TBB defaults. To connect to a Tor
> Browser Bundle instance, do this:
> 
>    carml --connect tcp:localhost:9151 monitor
> 
> It is written using Twisted and txtorcon.
> 
> Thanks,
> meejah



> _______________________________________________
> tor-dev mailing list
> tor-dev at lists.torproject.org
> https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

More information about the tor-dev mailing list