[prev in list] [next in list] [prev in thread] [next in thread]
List: tor-talk
Subject: Re: Metasploit Decloak Project v2
From: Harry Hoffman <hhoffman () ip-solutions ! net>
Date: 2008-12-15 17:00:05
Message-ID: 1229360405.14645.5.camel () n1-14-96 ! dhcp ! drexel ! edu
[Download RAW message or body]
Interesting, it works with Open Office on Linux revealing the true ip
addr.
There's a option in OO to use a proxy, it was set to system at the time
and I tried just using foxyproxy.
But yeah, like someone else mentioned, using iptables to redirect all
attempts so that you don't have to worry about a app mis-behaving is a
good idea.
Cheers,
Harry
On Sun, 2008-12-14 at 19:26 -0600, H D Moore wrote:
> On Sunday 14 December 2008, Roc Admin wrote:
> > It doesn't seem like there are any new attack vectors but I wanted to
> > pass it along to see if anyone had comments.
>
> I am looking for feedback as well -- right now, the reporting side is
> pretty weak, but that should improve this evening. Roger pointed me at the
> torbutton design notes, so I will continue adding coverage/techniques
> there. This test should work on all browsers regardless of security
> settings or scripting. No test requires javascript, which should give an
> accurate view for folks who run noscript/torbutton. My own testing with
> torbutton shows it to be really solid (only tor exit and tor exit's DNS
> servers show up).
>
> -HD
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic