Snakes On A Tor Scanner - 0.0.3
Mike Perry
mikepery at fscked.org
Sat Oct 14 20:40:12 UTC 2006
Thus spake Mike Perry (mikepery at fscked.org):
> Over the past month or so I've been testing and improving my Tor
> network scanner, and it seems to be shaping up pretty nicely.
>
> http://fscked.org/proj/minihax/SnakesOnATor/SnakesOnATor-0.0.3.zip
Found another DNS poisoner/injector/evil upstream ISP. Exit node
Andrewgao poisoned the scanners access of
http://linuxmafia.com/faq/Debian/installers.html
to give me instead:
http://fscked.org/proj/minihax/SnakesOnATor/linux-mafia.Andrewgao.html
Seems to be a javascript popup to set a cookie and then close the
window. Seems to be slightly broken (the window is never closed for
me), but the scary thing is if it worked, the user's experience would
be that they had accessed the page un-hindered.
Also, as an FYI, I'm exporting my scanner's failure statistics to
http://fscked.org/proj/minihax/SnakesOnATor/fail_rates
Right now it's probably difficult to do anything with that. I will
try to enhance it to be broken down by failure type RSN, then it
should be more clear which nodes are failing circuits/streams and
why.
--
Mike Perry
Mad Computer Scientist
fscked.org evil labs
More information about the tor-talk
mailing list