[or-cvs] r14741: Modified soat to scan for exit node port inconsistencies. Te (in torflow/branches/gsoc2008: . TorCtl)
aleksei at seul.org
aleksei at seul.org
Mon May 26 14:49:08 UTC 2008
Author: aleksei
Date: 2008-05-26 10:49:08 -0400 (Mon, 26 May 2008)
New Revision: 14741
Removed:
torflow/branches/gsoc2008/getExitsToPort.py
Modified:
torflow/branches/gsoc2008/TorCtl/TorUtil.py
torflow/branches/gsoc2008/bw-informer.py
torflow/branches/gsoc2008/metatroller.py
torflow/branches/gsoc2008/nodemon.py
torflow/branches/gsoc2008/soat.py
torflow/branches/gsoc2008/statsplitter.py
Log:
Modified soat to scan for exit node port inconsistencies. Temporarily moved some config stuff to TorUtil.
Modified: torflow/branches/gsoc2008/TorCtl/TorUtil.py
===================================================================
--- torflow/branches/gsoc2008/TorCtl/TorUtil.py 2008-05-26 14:26:50 UTC (rev 14740)
+++ torflow/branches/gsoc2008/TorCtl/TorUtil.py 2008-05-26 14:49:08 UTC (rev 14741)
@@ -20,6 +20,12 @@
"BufSock", "secret_to_key", "urandom_rng", "s2k_gen", "s2k_check", "plog",
"ListenSocket", "zprob"]
+meta_port = 9052
+meta_host = '127.0.0.1'
+
+control_port = 9051
+control_host = '127.0.0.1'
+
class Enum:
""" Defines an ordered dense name-to-number 1-1 mapping """
def __init__(self, start, names):
Modified: torflow/branches/gsoc2008/bw-informer.py
===================================================================
--- torflow/branches/gsoc2008/bw-informer.py 2008-05-26 14:26:50 UTC (rev 14740)
+++ torflow/branches/gsoc2008/bw-informer.py 2008-05-26 14:49:08 UTC (rev 14741)
@@ -23,15 +23,13 @@
import traceback
from TorCtl import *
+from TorCtl.TorUtil import control_port, control_host
from TorCtl.TorUtil import *
# Set the version here
VERSION = "0.0-alpha"
# Move these to a config file:
-# Tor host and port
-control_host = "127.0.0.1"
-control_port = 9051
# Listen host and port
listen_host = "137.226.12.177"
listen_port = 9053
Deleted: torflow/branches/gsoc2008/getExitsToPort.py
===================================================================
--- torflow/branches/gsoc2008/getExitsToPort.py 2008-05-26 14:26:50 UTC (rev 14740)
+++ torflow/branches/gsoc2008/getExitsToPort.py 2008-05-26 14:49:08 UTC (rev 14741)
@@ -1,47 +0,0 @@
-#!/usr/bin/python
-
-import sys
-import socket
-from TorCtl import PathSupport, TorCtl, TorUtil
-from TorCtl.TorUtil import *
-from TorCtl.PathSupport import *
-from TorCtl.TorCtl import Connection
-
-control_port = 9051
-
-def main(argv):
- try:
- port = int(argv[1])
- except IndexError:
- plog('INFO', 'No port number supplied as an argument. Using 80')
- port = 80
- except:
- plog('ERROR', 'Port number must be an integer')
- exit()
-
- s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
- try:
- s.connect(("127.0.0.1", control_port))
- except:
- plog('ERROR', 'Couldn\'t connect to the control port. Port ' + control_port + ' was used')
- exit()
-
- c = Connection(s)
- c.debug(file("exits.log", "w"))
- c.authenticate()
-
- plog('INFO', 'Connection established')
-
- routers = c.read_routers(c.get_network_status())
- good_exits = []
-
- exit_restriction = FlagsRestriction(["Exit"],[])
- port_restriction = OrNodeRestriction(
- [ExitPolicyRestriction('255.255.255.255', port)])
- for router in routers:
- if exit_restriction and port_restriction.r_is_ok(router):
- good_exits.append(router)
- plog('INFO', 'Total routers with given exit policy: ' + len(good_exits))
-
-if __name__ == "__main__":
- main(sys.argv)
Modified: torflow/branches/gsoc2008/metatroller.py
===================================================================
--- torflow/branches/gsoc2008/metatroller.py 2008-05-26 14:26:50 UTC (rev 14740)
+++ torflow/branches/gsoc2008/metatroller.py 2008-05-26 14:49:08 UTC (rev 14741)
@@ -27,14 +27,9 @@
from TorCtl import TorUtil, PathSupport, TorCtl
from TorCtl.TorUtil import *
from TorCtl.PathSupport import *
+from TorCtl.TorUtil import meta_port, meta_host, control_port, control_host
mt_version = "0.1.0-dev"
-
-# TODO: Move these to config file
-control_host = "127.0.0.1"
-control_port = 9051
-meta_host = "127.0.0.1"
-meta_port = 9052
max_detach = 3
# Do NOT modify this object directly after it is handed to PathBuilder
Modified: torflow/branches/gsoc2008/nodemon.py
===================================================================
--- torflow/branches/gsoc2008/nodemon.py 2008-05-26 14:26:50 UTC (rev 14740)
+++ torflow/branches/gsoc2008/nodemon.py 2008-05-26 14:49:08 UTC (rev 14741)
@@ -10,6 +10,7 @@
import socket
import traceback
import re
+from TorCtl.TorUtil import control_port, control_host
from TorCtl.TorUtil import *
import sched, time
import thread
@@ -42,8 +43,6 @@
name_to_key = {}
# TODO: Move these to config file
-control_host = "127.0.0.1"
-control_port = 9051
max_detach = 3
def read_routers(c, nslist):
Modified: torflow/branches/gsoc2008/soat.py
===================================================================
--- torflow/branches/gsoc2008/soat.py 2008-05-26 14:26:50 UTC (rev 14740)
+++ torflow/branches/gsoc2008/soat.py 2008-05-26 14:49:08 UTC (rev 14741)
@@ -9,8 +9,12 @@
import urllib
import urllib2
-from TorCtl import TorUtil
+from TorCtl import TorUtil, TorCtl, PathSupport
+
+from TorCtl.TorUtil import meta_port, meta_host, control_port, control_host
from TorCtl.TorUtil import *
+from TorCtl.PathSupport import *
+from TorCtl.TorCtl import Connection
sys.path.append("./tools/BeautifulSoup/")
from BeautifulSoup import BeautifulSoup
@@ -20,9 +24,6 @@
# config stuff
-meta_port = 9052
-meta_host = '127.0.0.1'
-
user_agent = 'Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1) Gecko/20061010 Firefox/2.0'
wordlist_file = './wordlist.txt';
@@ -36,6 +37,21 @@
doc_urls = ['http://www.torproject.org']
doc_https = []
+# ports to test in the consistency test
+
+''' Check pop/pops, imap/imaps, telnet/ssh, smtp/smtps, http/https'''
+common_ports = [ExitPolicyRestriction('255.255.255.255', 110),
+ ExitPolicyRestriction('255.255.255.255', 143),
+ ExitPolicyRestriction('255.255.255.255', 23),
+ ExitPolicyRestriction('255.255.255.255', 25),
+ ExitPolicyRestriction('255.255.255.255', 80)]
+
+secure_ports = [ExitPolicyRestriction('255.255.255.255', 995),
+ ExitPolicyRestriction('255.255.255.255', 993),
+ ExitPolicyRestriction('255.255.255.255', 22),
+ ExitPolicyRestriction('255.255.255.255', 465),
+ ExitPolicyRestriction('255.255.255.255', 443)]
+
# constants
linebreak = '\r\n'
@@ -80,7 +96,7 @@
# configure metatroller
commands = [
- 'PATHLEN ',
+ 'PATHLEN 2',
'PERCENTFAST 88',
'USEALLEXITS 1',
'UNIFORM 0',
@@ -112,6 +128,35 @@
plog('NOTICE','Current node: ' + self.__exit)
return self.__exit
+ # finds nodes that allow connections over a common protocol
+ # while disallowing connections over its secure version
+ def check_all_exits_port_consistency(self):
+ s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
+ try:
+ s.connect((control_host, control_port))
+ except:
+ plog('ERROR', 'Couldn\'t connect to the control port (' + `control_port` + ' was used)')
+ return 0
+
+ c = Connection(s)
+ c.authenticate()
+
+ plog('INFO', 'Connection to control port established')
+
+ routers = c.read_routers(c.get_network_status())
+ bad_exits = []
+
+ for router in routers:
+ for i in range(0,len(common_ports)):
+ if common_ports[i].r_is_ok(router) and not secure_ports[i].r_is_ok(router):
+ bad_exits.append(router)
+ plog('INFO', 'Router ' + router.nickname + ' allows ' + `common_ports[i].to_port` + ' but not ' + `secure_ports[i].to_port`)
+ break
+
+ plog('INFO', 'Total exits: ' + `len(routers)`)
+ plog('INFO', 'Good exits: ' + `(len(routers) - len(bad_exits))`)
+ plog('INFO', 'Bad exits: ' + `len(bad_exits)` + ' (~' + `(len(bad_exits) * 100 / len(routers))` + '%)')
+
def check_http(self, address):
request = urllib2.Request(address)
request.add_header('User-Agent', user_agent)
@@ -128,7 +173,7 @@
content = f.read()
content = content.decode('ascii', 'ignore')
- socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, "127.0.0.1:9060")
+ socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5, "127.0.0.1:9050")
socks.socket = socks.socksocket
try:
@@ -225,10 +270,12 @@
def main(argv):
scanner = ExitNodeScanner(meta_host, meta_port)
+ scanner.check_all_exits_port_consistency()
+
+ '''
scanner.get_exit_node()
scanner.check_http("http://www.ee.ee")
- '''
global doc_urls
doc_urls.extend(load_url_list())
doc_urls = list(Set(doc_urls))
Modified: torflow/branches/gsoc2008/statsplitter.py
===================================================================
--- torflow/branches/gsoc2008/statsplitter.py 2008-05-26 14:26:50 UTC (rev 14740)
+++ torflow/branches/gsoc2008/statsplitter.py 2008-05-26 14:49:08 UTC (rev 14741)
@@ -4,13 +4,14 @@
import math
#from TorCtl import *
from TorCtl import TorUtil, PathSupport, TorCtl
+from TorCtl.TorUtil import control_port, control_host
from TorCtl.TorUtil import *
from TorCtl.PathSupport import *
TorUtil.loglevel = "NOTICE"
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
-s.connect(("127.0.0.1",9051))
+s.connect((control_host,control_port))
c = Connection(s)
c.debug(file("control.log", "w"))
c.authenticate()
More information about the tor-commits
mailing list