Crazy with Exit nodes
Benjamin Schieder
blindcoder at scavenger.homeip.net
Wed May 2 10:24:14 UTC 2007
On 02.05.2007 12:21:15, Benjamin Schieder wrote:
> On 02.05.2007 12:00:33, Fabian Keil wrote:
> > Benjamin Schieder <blindcoder at scavenger.homeip.net> wrote:
> >
> > > On 02.05.2007 10:46:28, Fabian Keil wrote:
> > > > "Mr. Blue" <trashdsfg at yahoo.com> wrote:
> > > >
> > > > > When I go to:
> > > > > http://www.whatismyipaddress.com.tamaribuchi.exit/
> > > > > I get expected response AND IP.
> > > > > But when I go to majority sites in form like:
> > > > > http://www.domain.net.tamaribuchi.exit/
> > > > > I get:
> > > > > Index of /
> > > >
> > > > Web servers that are responsible for more than one
> > > > domain rely on the HTTP "Host" header to decide which
> > > > content you're interested in.
> > > >
> > > > If you use Tor's exit node notation in the URL,
> > > > the browser will also append it to the Host header.
> > > >
> > > > ...
> > > >
> > > > The latter can be done automatically with Privoxy's
> > > > hide-tor-exit-notation filter, you can also do it
> > > > manually with Firefox extensions like "Tamper data".
> > >
> > > The privoxy rule by itself won't work in most cases. At least my
> > > installation of firefox does use this:
> > >
> > > GET http://www.example.com.node.exit/path/to/somewhere HTTP/1.1
> > > Host: www.example.com.node.exit
> > > X-SomeHeaders: value
> > >
> > > The Host: will be modified, but not the GET. This is still futile since
> > > I encountered many a webserver ignoring the Host: header with the query
> > > as above.
> >
> > Please name at least one example of a web server that
> > expects or relies on the host being part of the request line.
>
> Full disclosure: this is my own webserver.
>
> root at pallas:/etc/privoxy# tail user.action
> # default policy to have a 'blank' image as opposed to the checkerboard
> # pattern for ALL sites. '/' of course matches all URLs.
> # patterns:
> #
> { +set-image-blocker{blank} }
> #/
>
> ## set vi:nowrap tw=72
> { +filter{hide-tor-exit-notation} }
> /
>
> root at pallas:/etc/privoxy# telnet localhost 8118
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> GET http://blog.crash-override.net.zwiebelsuppe.exit/ HTTP/1.1
> Host: blog.crash-override.net.zwiebelsuppe.exit
>
> HTTP/1.1 403 Forbidden
> Date: Wed, 02 May 2007 10:19:33 GMT
> Server: Apache
> Content-Length: 343
> Content-Type: text/html; charset=iso-8859-1
> Connection: close
>
> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
> <html><head>
> <title>403 Forbidden</title>
> </head><body>
> <h1>Forbidden</h1>
> <p>You don't have permission to access /
> on this server.</p>
> <hr>
> <address>Apache Server at <a href="mailto:webmaster at crash-override.net">blog.crash-override.net.zwiebelsuppe.exit</a> Port 80</address>
> </body></html>
> Connection closed by foreign host.
>
Sorry to reply to myself, but the same is true for
http://www.spiegel.de.zwiebelsuppe.exit/
Greetings,
Benjamin
--
____ _ _ ____ _ _ _ _____ __ __
/ ___|| | / \ / ___|| | | ( ) ____| \/ |
\___ \| | / _ \ \___ \| |_| |/| _| | |\/| |
___) | |___ / ___ \ ___) | _ | | |___| | | |
|____/|_____/_/ \_\____/|_| |_| |_____|_| |_|
play online: telnet://slashem.crash-override.net
view scores: http://slashem.crash-override.net
watch deaths: irc://irc.freenode.net#slashem
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.torproject.org/pipermail/tor-talk/attachments/20070502/b512035f/attachment.pgp>
More information about the tor-talk
mailing list