Where Anonymity Ends in Anonymous Networks
Uploaded by: positive-hack-days
TOR, I2P, FREENET… FOR WHAT?
DEANONYMIZATOR… THE END OF ANONYMITY ON ANONYMOUS NETWORKS
Denis Makrushin (@difezza), Maria Garnaeva
Global Research and Analysis Team
«I KNOW WHAT YOU DID LAST SUMMER»
… BUT HOW?!
EXPLOITS, FINGERPRINTING… YEP-YEP.
FLASH, HTML5, ENTRY-NODE DETECTION… YEP-YEP.
BUT HOW …
… did they find my mega-private-0day-forum?!
… did they find me?!
PASSIVE DATA COLLECTION SYSTEM… OR HOW DID THEY FIND MY MEGA-PRIVATE-0DAY-FORUM?!
>> ExitPolicy accept *:*
>> tshark -i 1 -w dump.pcap
TOR-USER’S PSYCHOLOGICAL PORTRAIT
PSYCHOLOGICAL PORTRAIT. PART TWO.
Black Market; 14.32
DDoS-campaign; 3.03
Financial Services; 2.82
Darknet Hoster; 1.86
Russian; 1.70
Leaks & Services; 1.70
Pedophile; 1.65
Asian; 0.85
Pornography; 0.85
Hacker & Malicious; 0.80
Search Engines; 0.64
Gambling; 0.53
Arabic; 0.11
Other: 19%
Common: 59%
No Content: 22%
ACTIVE DATA COLLECTION SYSTEM… OR KNOCK-KNOCK, DUDE!
TRAFFIC INJECTION… YEP-YEP.
TELL ME, WHO ARE YOU?
SO DIFFERENT COOKIES
MEANWHILE, IN TOR BROWSER
LET ME MEASURE YOUR TEXT
GETBOUNDINGCLIENTRECT()
FONT VALUE
Impact 3409372
Georgia 3344049
Courier New 3430809
Consolas 3392005
MS Gothic 3383290
“YEP-YEP, WE KNOW” – TOR PROJECT
PROOF-OF-CONCEPT: PREPARING PATIENT
PROOF-OF-CONCEPT: INJECT IT!
PROOF-OF-CONCEPT: ANALYZE IT!
XSS IS A PAIN OF ONION
VECTOR OF ATTACK
I KNOW YOU BY THE FONTS
THANK YOU! [email protected] @kaspersky.com http://twitter.com/difezza