How are hackers breaking Tor and trojan users?

coderman coderman at
Thu Jun 12 02:22:49 UTC 2008

On Wed, Jun 11, 2008 at 5:35 PM, scar <scar at> wrote:
>> If someone were to develop a browser-based exploit that managed to get
>> the 'authenticate', with no preceding bytes, to the controlport...
> like this?

that is a standard HTTP post and thus sends HTTP request headers
before the textarea form payload.

what Robert indicated is that he thinks it is highly unlikely that you
could use a browser to connect and send AUTHENTICATE before anything
else, like the request headers.

the challenge / response handshake he suggested is an interesting
option for authenticating to the control port; it would indeed
eliminate any blind injection attacks, while still making it trivial
to use the control port legitimately.
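
The two points in this message, as an added example that is not part of the original post and is not Tor's code: a first-line check that a form POST fails because its request headers come first, and a nonce-based challenge/response that cannot be completed without reading the server's reply. The HMAC-SHA256 construction, the function and class names, and the sample bytes are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed sample: what a browser form POST puts on the wire. The request
# line and headers precede the form payload that carries the command.
BROWSER_POST = (b"POST / HTTP/1.1\r\nHost: localhost\r\n"
                b"Content-Type: text/plain\r\n\r\nAUTHENTICATE\r\n")

def first_command_is_authenticate(stream: bytes) -> bool:
    """True only if AUTHENTICATE is the first thing sent on the connection."""
    first_line = stream.split(b"\r\n", 1)[0]
    return first_line.split(b" ", 1)[0].upper() == b"AUTHENTICATE"

def respond(secret: bytes, nonce: bytes) -> bytes:
    """Legitimate controller: reads the server's nonce, then answers it."""
    return hmac.new(secret, nonce, hashlib.sha256).digest()

class ChallengeResponsePort:
    """Hypothetical server side: one fresh nonce per authentication attempt."""
    def __init__(self, secret: bytes):
        self.secret = secret
        self.nonce = None

    def challenge(self) -> bytes:
        self.nonce = secrets.token_bytes(32)
        return self.nonce

    def verify(self, response: bytes) -> bool:
        if self.nonce is None:
            return False            # no challenge outstanding
        expected = respond(self.secret, self.nonce)
        self.nonce = None           # single use, so an old answer cannot be replayed
        return hmac.compare_digest(expected, response)

if __name__ == "__main__":
    port = ChallengeResponsePort(secrets.token_bytes(32))
    print("form POST accepted:", first_command_is_authenticate(BROWSER_POST))
    print("legit controller:", port.verify(respond(port.secret, port.challenge())))
    port.challenge()
    print("blind sender:", port.verify(b"\x00" * 32))
```
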

