[tor-talk] Self-deleting scripts in http connections
mail at parckwart.de
Thu Dec 8 13:10:56 UTC 2016
> This sequence of events got me thinking; the exit node queries servers on
> the behalf of the Tor Browser. Some sites simply cannot be connected to via
> HTTPS. Thus, the exit node must query the site requested in HTTP, which can
> be modified in transit. If done, what form of protections could a MitM do
> between the site and the exit node bypass by, say, inserting a CSS document
> that references an external JS script to force a query from the browser?
Such an attacker could insert some JS or cookies etc. to track a user around
the web or more dangerous attacks like stealing user data. The possibilities
of JS are far-reaching. In the worst case scenario, JS can be used to exploit
a user's device and gain priviliges within the OS. Such an attack has just
been discovered last month on this mailing list right here.
More information about the tor-talk