[tor-project] Proxy Leak Detector/Preventor (Outreachy)

Robert Mindo mindo.robert1 at gmail.com
Tue Jan 17 21:47:09 UTC 2023


Greetings!

I wanted to share an update on the progress of the project. So far, the
ability to detect the IP address and port that socket system calls are
sending data to has been successfully implemented. Additionally, the
capability to block system calls that are sending data to an IP address and
port that is not the desired proxy has been added.

An option to kill the application if a proxy leak occurs has been added,
which is useful for manual QA testing of applications. Furthermore, an
option to allow proxy leaks but log any that occur has also been added,
which is useful for automated testing of applications.

Additionally, the capability to use the environment variables that Tor
Browser uses, such as TOR_SOCKS_PORT, to decide what the desired proxy is,
has been included.

SOCKSification is currently being implemented. The approach is to intercept
the connect syscall's entry point and modify the destination IP/Port by
manipulating the syscall. The exit of the connect syscall is then
intercepted in order to capture the returning file descriptor representing
the established socket. The file descriptor is duplicated using
pidfd_getfd, then a SOCKS5 handshake is done.

Overall, the project is progressing well and any suggestions are much
welcomed.

Github Repository <https://github.com/namecoin/heteronculous-horklump>

Project Summary
<https://www.namecoin.org/2022/11/29/introducing-intern-robert-nganga.html>

Thank You,

Robert.
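
The checks described in the message above, as an added Go example that is not code from the project or from the author: it decodes the address a connect call was given, compares it with the proxy derived from TOR_SOCKS_PORT, and builds the SOCKS5 request that names the original destination. Assumptions: all function names are hypothetical, the proxy host is 127.0.0.1, only IPv4 on a little-endian Linux host is handled, and the sample address is constructed.

```go
package main

import (
	"encoding/binary"
	"fmt"
	"net/netip"
)

// desiredProxy derives the allowed endpoint from TOR_SOCKS_PORT (host 127.0.0.1
// is an assumption). An unset or invalid port is an error: fail closed.
func desiredProxy(getenv func(string) string) (netip.AddrPort, error) {
	return netip.ParseAddrPort("127.0.0.1:" + getenv("TOR_SOCKS_PORT"))
}

// parseSockaddrIn decodes a Linux struct sockaddr_in as copied from the traced
// process at connect entry: family in host order, port in network order.
func parseSockaddrIn(raw []byte) (netip.AddrPort, error) {
	if len(raw) < 8 || binary.LittleEndian.Uint16(raw) != 2 { // 2 = AF_INET
		return netip.AddrPort{}, fmt.Errorf("not a complete AF_INET sockaddr")
	}
	ip := netip.AddrFrom4([4]byte{raw[4], raw[5], raw[6], raw[7]})
	return netip.AddrPortFrom(ip, binary.BigEndian.Uint16(raw[2:])), nil
}

// verdict maps one destination to an action; "kill" and "log" are the two
// optional modes from the message, any other mode blocks the call.
func verdict(dst, proxy netip.AddrPort, mode string) string {
	if dst == proxy {
		return "allow"
	}
	if mode == "kill" || mode == "log" {
		return mode
	}
	return "block"
}

// socks5Connect builds the RFC 1928 CONNECT request (IPv4 address type) for
// the original destination; it follows the no-auth greeting 05 01 00.
func socks5Connect(dst netip.AddrPort) []byte {
	ip := dst.Addr().As4()
	req := append([]byte{0x05, 0x01, 0x00, 0x01}, ip[:]...)
	return append(req, byte(dst.Port()>>8), byte(dst.Port()))
}

func main() {
	// Constructed sample: sockaddr_in bytes for 192.0.2.10:443.
	dst, _ := parseSockaddrIn([]byte{2, 0, 0x01, 0xbb, 192, 0, 2, 10})
	proxy, _ := desiredProxy(func(string) string { return "9150" })
	fmt.Println(dst, verdict(dst, proxy, "log"), socks5Connect(dst))
}
```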