[tor-talk] "Torifier" for Windows
Christopher Schmidt
christopher at ch.ristopher.com
Mon Jun 17 20:44:53 UTC 2013
David Goulet <dgoulet at ev0ke.net> writes:
> On *nix systems we LD_PRELOAD the program, thus hijacking the necessary
> symbols to make sure all your TCP and DNS traffic goes through Tor. On
> Windows, I'm a bit clueless on how to proceed but for that I'm really
> looking for contributors to help. :)
I'd hotpatch all Winsock functions. Patch the prologue; do not patch
the IAT - this is not enough!
https://easyhook.codeplex.com/
https://research.microsoft.com/en-us/projects/detours/
Detours are pretty much the easiest and most applicable means to achieve
traffic redirection in user mode. Unfortunately a hostile application
can easily defeat ordinary detours by bypassing Winsock or loading its
own copy of the Winsock DLL.
Filter drivers, anyone?
Christopher
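
The coverage difference described in the message above, as an added example that is not part of the original post: a toy Python model of a process (not real Windows code) comparing an IAT patch with a prologue patch across three call paths. All addresses, names and the destination string are constructed for illustration.

```python
# Toy model (constructed, not real Windows code) of one process's address space.
ORIGINAL = lambda dest: ("direct", dest)   # unhooked connect(): traffic leaves directly
PROXIED = lambda dest: ("tor", dest)       # hook handler: traffic is sent to the proxy

class Process:
    def __init__(self):
        self.memory = {}                         # address -> code living at that address
        self.ws2_32 = self.load_dll(0x1000)      # system copy of the Winsock DLL
        self.iat = {"connect": self.ws2_32["connect"]}  # app's import slot, set by loader

    def load_dll(self, base):
        """Map a fresh DLL image and return its export table (name -> address)."""
        self.memory[base] = ORIGINAL
        return {"connect": base}

    # Three ways application code can reach connect():
    def via_iat(self, dest):                     # normal statically imported call
        return self.memory[self.iat["connect"]](dest)

    def via_getprocaddress(self, dest):          # pointer resolved from the export table
        return self.memory[self.ws2_32["connect"]](dest)

    def via_private_copy(self, dest):            # second DLL image mapped after hooking
        private = self.load_dll(0x9000)
        return self.memory[private["connect"]](dest)

def hook_iat(proc):
    """IAT patch: only the app's import slot is redirected to the handler."""
    proc.memory[0x5000] = PROXIED
    proc.iat["connect"] = 0x5000

def hook_prologue(proc):
    """Prologue patch: the function's own first bytes now jump to the handler."""
    proc.memory[proc.ws2_32["connect"]] = PROXIED

PATHS = ("via_iat", "via_getprocaddress", "via_private_copy")

def coverage(install_hook):
    """Install one hook type in a fresh process; report where each call path ends up."""
    proc = Process()
    install_hook(proc)
    return {path: getattr(proc, path)("198.51.100.7:443")[0] for path in PATHS}

if __name__ == "__main__":
    for hook in (hook_iat, hook_prologue):
        print(hook.__name__, coverage(hook))
```

In this model the prologue patch closes the export-table path that the IAT patch leaves open, while the privately loaded copy stays "direct" under both, which is the gap that enforcement below user mode (the filter driver mentioned above) would have to cover.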