[tor-bugs] #20250 [Obfuscation/meek]: macOS 10.12 TorBrowser meek pluggable transport issues
Tor Bug Tracker & Wiki
blackhole at torproject.org
Tue Sep 27 10:27:13 UTC 2016
#20250: macOS 10.12 TorBrowser meek pluggable transport issues
-------------------------------------------------+-------------------------
Reporter: tordevSZ0 | Owner: dcf
Type: defect | Status: new
Priority: High | Milestone:
Component: Obfuscation/meek | Version: Tor:
| unspecified
Severity: Major | Resolution:
Keywords: meek, macOS, TorBrowser, 10.12, | Actual Points:
sierra, macOS |
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Comment (by tordevSZ0):
Here is a list of connections made during an attempted connection (ignore
the 1st failed connections as commented, but notice the PIDs to understand
the process connection relationships and which ones fail in the real
failed connection attempt in part 2).Hope is possible to follow.
PART 1 - FAILED ATTEMPT (THIS CONNECTION FAILED DUE TO HUMAN ERROR, BUT
SETS UP PROCESSES/PIDs, SO WILL SHOW HERE, PERSISTENT FAILURE OCCURRED
DURING PART 2)
process format: procname.PID
ff=firefox
START:
ff.4636 loads
tor.real.4637 loads
tor.real.4637 opens 127.0.0.1:9151 <-> *:* (listen)
ff.4636 opens *:* <-> *:*
tor.real.4637 opens
127.0.0.1:9151 <-> 127.0.0.1:49332
127.0.0.1:9151 <-> 127.0.0.1:49333
ff.4636 opens *:* <-> *:*
tor.real.4637 opens *:* <-> *:*
ff4636 converts the two open *:*<->*:* connections to
127.0.0.1:49332 <-> 127.0.0.1:9151
127.0.0.1:49333 <-> 127.0.0.1:9151
tor.real 4637 converts *:* <-> *:* to
127.0.0.1:9150 <-> *:*
ff.4640 is launched and opens *:* <-> *:*
meek-client.4652 launches
ff.4640 converts *:* <-> *:* to
127.0.0.1:49344: <-> *:*
meek-client.4652 opens tcp6 *:* <-> **
meek-client.4652 converts *:*<->*:* to
tcp4 127.0.0.1:49337 <-> *:*
to.real.4637 opens *:* <-> *:*
meek-client.4652 opens
127.0.0.1:49337 <-> 127.0.0.1:49338
tor.real.4637 converts *:*<->*:* to
127.0.0.1:49338 <-> 127.0.0.1:49337
meek-client.4652 opens *:*<->*:*
ff.4640 opens
127.0.0.1:49334 <-> 127.0.0.1:49339
meek-client.4652 converts *:*<->*:* to
127.0.0.1:49339 <-> 127.0.0.1:49334
ff.4640 opens
10.0.0.139:49340 <-> <AMZN>:443
MEEK
ff.4640 closes connection
127.0.0.1:49334 <-> 127.0.0.1:49339
meek-client.4652 converts
127.0.0.1:49339 <-> 127.0.0.1:49334
ff.4640 opens
127.0.0.1:49334 <-> 127.0.0.1:49343
meek-client.4652 opens
127.0.0.1:49343 <-> 127.0.0.1:49334
tor.real.4637 closes
127.0.0.1:9150 <-> *:*
127.0.0.1:49338 <-> 127.0.0.1:49337
ff.4640 closes
127.0.0.1:49334 <-> *:*
10.0.0.139:49340 <-> <AMZN>:443
127.0.0.1:49334 <-> 127.0.0.1:49343
meek-client.4652 closes
127.0.0.1:49337 <-> *:*
127.0.0.1:49337 <-> 127.0.0.1:49338
127.0.0.1:49343 <-> 127.0.0.1:49334
ff.4640 and meek-client.4652 close
END OF PART 1 (INITIAL FAIL - NOT WHERE KEY DETAILS LIE, JUST NOTE PIDs)
following connections remain from part 1
ff.4636
127.0.0.1:49332 <-> 127.0.0.1:9151
127.0.0.1:49333 <-> 127.0.0.1:9151
tor.real.4637
127.0.0.1:9151 <-> *:*
127.0.0.1:9151 <-> 127.0.0.1:49332
127.0.0.1:9151 <-> 127.0.0.1:49333
——————
START OF PART 2 (WHERE REAL FAILURE OCCURS)
tor.real.4637 opens
*:* <-> *:*
tor.real.4637 converts *:*<->*:* to
127.0.0.1:9150 <-> *:*
ff.4673 launched and opens
*:* <->*:*
meek-client.4674 launched
ff.4673 converts *:* <-> *:* to
127.0.0.1:49344 <-> *:*
meek-client.4674 opens
127.0.0.1:49347 <-> *:*
tor.real.4637 opens *:*<->*:*
meek0client.4674 opens
127.0.0.1:49347 <-> 127.0.0.1:49348
tor.real.4637 converts *:*<->*:* to
127.0.0.1:49348 <-> 127.0.0.1:49347
meek-client.4674 opens *:*<->*:*
ff.4673 opens
127.0.0.1:49344 <-> 127.0.0.1:49349
ff.4673 converts
127.0.0.1:49344 <-> 127.0.0.1:49349
ff.4673 converts
127.0.0.1:49344 <-> 127.0.0.1:49347
to
10.0.0.139:49100 <-> <AMZN>:443
meek-client.4674 converts *:*<->*:* to
127.0.0.1:49351 <-> 127.0.0.1:49344
ff.4673 opens
127.0.0.1:49344 <-> 127.0.0.1:49352
meek-client.4674 converts
127.0.0.1:49351 <-> 127.0.0.1:49344
to
127.0.0.1:49352 <-> 127.0.0.1:49344
ff.4673 closes
127.0.0.1:49344 <-> 127.0.0.1:49352
meek-client.4674 converts
127.0.0.1:49352 <-> 127.0.0.1:49344
to
127.0.0.1:49353 <-> 127.0.0.1:49344
to
127.0.0.1:49354 <-> 127.0.0.1:49344
to
127.0.0.1:49355 <-> 127.0.0.1:49344
to
*:*<->*:*
127.0.0.1:49357 <-> 127.0.0.1:49344
to
127.0.0.1:49358 <-> 127.0.0.1:49344
to
127.0.0.1:49359 <-> 127.0.0.1:49344
to
*:*<->*:*
127.0.0.1:49361 <-> 127.0.0.1:49344
to
127.0.0.1:49362 <-> 127.0.0.1:49344
to
127.0.0.1:49363 <-> 127.0.0.1:49344
to
127.0.0.1:49363 <-> 127.0.0.1:49344
to
127.0.0.1:49364 <-> 127.0.0.1:49344
to
127.0.0.1:49365 <-> 127.0.0.1:49344
to
127.0.0.1:49366 <-> 127.0.0.1:49344
to
*:*<->*:*
to
127.0.0.1:49368 <-> 127.0.0.1:49344
to
*:*<->*:*
to
127.0.0.1:49369 <-> 127.0.0.1:49344
ff.4673 opens
127.0.0.1:49344 <-> 127.0.0.1:49369
meek-client.4673 converts
127.0.0.1:49369 <-> 127.0.0.1:49344
to
*:*<->*:*
ff.4673 closes
127.0.0.1:49344 <-> 127.0.0.1:49369
meek-client.4674 converts
*:* <->*:*
to
127.0.0.1:49371 <-> 127.0.0.1:49344
| goes through :49371 -> :49380 in steps of
1 port
\/
127.0.0.1:49380 <-> 127.0.0.1:49344
to
*:*<->*:*
to
127.0.0.1:49382 <-> 127.0.0.1:49344
| goes through :49382 -> :49385 in steps of
1 port
\/
127.0.0.1:49385 <-> 127.0.0.1:49344
to
*:* <-> *:*
to
127.0.0.1:49387 <-> 127.0.0.1:49344
| goes through :49387 -> :49392 in steps of
1 port
\/
127.0.0.1:49392 <-> 127.0.0.1:49344
then closes
ff.4673 opens
127.0.0.1:49344 <-> 127.0.0.1:49392
then promptly closes again
meek-client.4674 opens
*:*<-> *:*
ff.4673 opens
127.0.0.1:49344 <-> 127.0.0.:49393
meek-client.4674 opens and closes
*:*<->*:*
ff.4673 opens
127.0.0.1:49344 <-> 127.0.0.1:49393
meek-client.4674 opens and closes *:* <-> *:*
ff.4673 opens
127.0.0.1:49344 <-> 127.0.0.1:49394
and closed
meek-client.4674 opens *:*<->*:*
and converts to
127.0.0.1:49396 <-> 127.0.0.1:49344
| goes through :49396 -> :49398 in steps of
1 port
\/
127.0.0.1:49398 <-> 127.0.0.1:49344
ff.4673 opens
127.0.0.1:49344 <-> 127.0.0.1:49398
and closed
meek-client.4674 opens
127.0.0.1:49400 <-> 127.0.0.1:49344
closed
ff.4673 opens
127.0.0.1:49344 <-> 127.0.0.1:49401
tor.real.4637 closes
127.0.0.1:49348 <-> 127.0.0.1:49347
ff.4673 closes
127.0.0.1:49344 <-> 127.0.0.1:49401
meek-client.4674 closes
127.0.0.1:49347 <-> 127.0.0.1:49348
tor.real.4637 closes 127.0.0.1:9150 <-> *:*
ff.4673 closes
127.0.0.1:49344 <-> *:*
10.0.0.139:49100 <-> <AMZN>:443
meek-client.4674 quits
ff.4673 quits
ff.4636 closes
127.0.0.1:49332 <-> 127.0.0.1:9151
127.0.0.1:49333 <-> 127.0.0.1:9151
tor.real.4637 closes
127.0.0.1:9151 <-> *:*
127.0.0.1:9151 <-> 127.0.0.1:49332
127.0.0.1:9151 <-> 127.0.0.1:49333
ff.4636 quits
tor.real.4637 quits
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/20250#comment:5>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list