TOR, I2P, FREENET… FOR WHAT?
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
TOR, I2P, FREENET… FOR WHAT?
DEANONYMIZATOR… THE END OF ANONYMITY ON ANONYMOUS NETWORKS
Denis Makrushin (@difezza), Maria GarnaevaGlobal Research and Analysis Team
«I KNOW WHAT YOU DID LAST SUMMER»
… BUT HOW?!
EXPLOITS, FINGERPRINTING… YEP-YEP.
FLASH, HTML5, ENTRY-NODE DETECTION… YEP-YEP.
BUT HOW …
… did they found my mega-private-0day-forum?!
… did the found me?!
PASSIVE DATA COLLECTION SYSTEM… OR HOW DID THE FOUND MY MEGA-PRIVATE-0DAY-FORUM?!
>> EXITPOLICY ACCEPT *:*
>>TSHARK –I 1 –W DUMP.PCAP
TOR-USER’S PSYCHOLOGICAL PORTRAIT
PSYCHOLOGICAL PORTRAIT. PART TWO.
BlackMarket; 14.32
DDoS-campaign; 3.03
Finan-cialServices; 2.82
Dark-netHoste
r; 1.86
Russian; 1.70
Leaks&Services;
1.70
Pe-dophile;
1.65
Asian; 0.85
Pornographie; 0.85
Hacker&Malicious; 0.80 Search Engines; 0.64Gambling; 0.53Arabic; 0.11
Other19%
Common59%
No Content22%
ACTIVE DATA COLLECTION SYSTEM… OR KNOCK-KNOCK, DUDE!
TRAFFIC INJECTION… YEP-YEP.
TELL ME, WHO ARE YOU?
SO DIFFERENT COOKIES
MEANWHILE, IN TOR BROWSER
LET ME MEASURE YOUR TEXT
GETBOUNDINGCLIENTRECT()
FONT VALUE
Impact 3409372Georgia 3344049Courier New 3430809Consolas 3392005MS Gothic 3383290
“YEP-YEP, WE KNOW” – TOR PROJECT
PROOF-OF-CONCEPT: PREPARING PATIENT
PROOF-OF-CONCEPT: INJECT IT!
PROOF-OF-CONCEPT: ANALYZE IT!
XSS IS A PAIN OF ONION
VECTOR OF ATTACK
I KNOW YOU BY THE FONTS
THANK YOU! [email protected]@kaspersky.comhttp://twitter.com/difezza
Related Documents
