[tor-talk] Hacker and Tor.

Jon Tullett jon.tullett at gmail.com
Thu Dec 1 09:14:04 UTC 2016


On 30 November 2016 at 12:20, Jason Long <hack3rcon at yahoo.com> wrote:
> It just a question.
...
>  > Hello.
>  > If you browse a Cpanel via Tor for deface
>  > a website then can
>  > provider or Website
>  > admin find your real IP with some
>  > tricks? Any experiences?

OK: yes.

Step back a little. Rephrase it as "if a target browses to a monitored
page via Tor, can a provider find their real IP?" We know this is
possible; the FBI used such techniques against, eg, Freedom Hosting.
It requires control over the affected page, available browser
exploits, and sloppy opsec by the victim.

Given that such a technique works in general, it would work equally in
specific instances like a cPanel interface.

Logically, therefore, the answer to your question is "yes".

-J


More information about the tor-talk mailing list