Cipherspaces/Darknets: An Overview of Attack Strategies

Video in TIB AV-Portal: Cipherspaces/Darknets: An Overview of Attack Strategies

Formal Metadata

Title: Cipherspaces/Darknets: An Overview of Attack Strategies
Author: Adrian Crenshaw
License: CC Attribution 3.0 Unported. You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.
Release Date: 2013
Language: English

Abstract
Darknets/Cipherspaces such as Tor and I2P have been covered before in great detail. Sometimes it can be hard to follow attack strategies that have been used against them as the papers written on the topic have been academic and abstract. What this talk will attempt to do is step back and give an overview of the topic in a manner hopefully more conducive to the understanding of security practitioners, giving more concrete examples. While little to nothing in this talk will be "new and groundbreaking" it should lead to a better understanding of how encrypted anonymizing networks can be subverted to reveal identities. Adrian Crenshaw has worked in the IT industry for the last thirteen years. He runs the information security website Irongeek.com, which specializes in videos and articles that illustrate how to use various pen-testing and security tools.

Hello everyone. The talk you're sitting in on right now is Cipherspaces and Darknets: An Overview of Attack Strategies. First of all, quickly, a little bit about me. I'm Irongeek.com; hopefully some of you have visited the website before. I have an interest in InfoSec education. I don't know everything, so if you think there's something slightly wrong about one of the darknets I'll be talking about, come up to me after the talk, I'd be interested in hearing about it, back in the Q&A room. I'm also a regular on the ISDPodcast; they podcast five times a week and I'm usually on Thursdays. And I'm also a researcher for the Tenacity Institute, which is kind of responsible for me coming here today. All right, a little
bit of background information. First of all, what do I mean when I say a darknet? Now, there are a lot of different definitions and it can get a little confusing; there's some name collision out there, but I'm using the broader sense of darknet to be just an anonymizing network. Generally speaking these darknets are also known as mix nets, where you have multiple proxies that you hop through and different levels of encryption, so that you can communicate and people don't know both where you're communicating to or what you're communicating. I also love the term cipherspace, and that might be a little clearer term to use for some of these networks. The two I'll be using as reference examples are of course Tor and I2P, but there are a lot of other ones. Some of the attack strategies I'm talking about here are very academic, and there are actually mitigations in place in most of Tor and I2P to hopefully make them not be nearly as big a problem as they could be. Things get subtle when you talk about attacking mix nets: terms kind of vary from researcher to researcher as to what some particular term means. For instance, who here has heard of a Sybil attack? Who has ever heard of a sock puppet? Okay, a few more people for sock puppet. I'll go into the definitions of all those, but a lot of the literature out there is very academically oriented. I'm going to try to make this talk go in such a way that it helps people understand that academic research without necessarily having read 20 papers on the subject. A lot of the weaknesses are interrelated; Sybil attacks, for instance, can be used to help augment attacks like traffic correlation. And like I said, there are a lot of other cipherspaces out there besides Tor and I2P; the ones you see up there on the screen are just to name a few, but Tor is the one that's gotten the most ground and I2P is sort of a runner-up. If anybody wants stickers from the I2P project, come up to me at the Q&A room, I have some. But like I said before, I'm going to focus on Tor and I2P for my illustrations. Some of the topics are very academic, and I'm trying to give a few real-world examples to illustrate how they can be used. Now, when
it comes to attacking darknets, threat model matters a whole lot. You can't really protect against everything; some protocols may just be lost causes. One of the problems with some of these cipherspaces is that people try to throw protocols across them that just were never designed to be anonymized. BitTorrent would be a good example, which I'll go into a little bit later on. Users may do things to reveal themselves: no matter how anonymous someone is, if they start using a darknet and use their real name, well, you know who they are. Not all the attacks that we're talking about necessarily reveal the actual identity of the person; they may just reveal what IP address they're truly talking from, or may just reduce the anonymity set. For instance, you don't know the true IP they're at, but you know they use ISP X or they're in country Y. Also, when it comes to attackers, there are different types: you have your active versus passive ones. Your active ones are actively doing stuff to manipulate the network, and passive ones are just sitting there listening. You also have location: internal versus external. External is listening like your ISP might be; internal is somebody who decides to join the darknet, screw around with it and see what they can find out. Adversaries of course also vary by power level. You have nation-states, which have a certain higher level of power; you're going to have things like ISPs as well. Then there are differences between Western democracies and other places. For instance, some of these darknets may do a very good job of hiding who you're talking to and what you're sending, but everybody knows you're using it, and in some countries just the fact that you're trying to hide something from the government may be enough to have someone come knock at your door. Also some private interest groups may be interested in finding out who's actually behind a certain pseudonym or who's actually exchanging information on these darknets. And finally, there are folks like me who just like to play around. All right,
the two darknets I will use for most of my illustrations are Tor and I2P. I'm only going to quickly cover those. How many people here have heard of Tor before? Pretty much everybody. How many people have heard of I2P? Well, that's more. Cool, awesome. But Tor, essentially you have multiple levels of encryption. You pass something in, it's like Chinese nesting dolls or like an ogre with layers, and each layer along the way gets stripped off to get to the exit point, then you reverse the process to get back in. Hidden services are a slightly different issue, where you can host something inside the Tor network, but it's mainly focused on out-proxying to the public Internet. I2P, on the other hand, is a little bit different. Instead of using bi-directional tunnels, where you build a circuit and it's both your in and your out, it has unidirectional tunnels. Basically you have a series of out tunnels: you send something out, and you send it into someone else's in tunnels, and you have in tunnels of your own where information is coming to you from other people's out tunnels. This directionality is there to hopefully mitigate some traffic analysis attacks, because you have to compromise more nodes in the network to figure out who's talking to whom. It also uses layered encryption; it generally refers to it as garlic routing, and I'll try to discuss the difference, garlic packets, and I'll try to explain some of the definitional differences between the two. But its key focus isn't out-proxying to the public Internet. It can do that, but generally you have like one out proxy; its main goal is so you can host something internally without other people knowing you're the one hosting it. And this could be anything from an eepsite, which is a website, to a box you can SSH into, IRC, all those sorts of things. In my opinion, and this is rather subjective, it seems to do the hidden services type of functionality faster than Tor does, but it doesn't really have great out-proxying ability to the public Internet, because you generally have one out proxy, so it's easy to detect. Not that Tor can't be detected, but that's another subject matter. Essentially, with I2P you have three levels of encryption: you have your end-to-end, you have between each hop, and you have between your in tunnel and your out tunnel. Conceptually though it's pretty similar to onion routing. The key difference is it's called garlic because you have cloves in a piece of garlic, where in theory you could make a message, send it to an endpoint, actually have it separate out into separate messages and have them all returned to you in different ways. Now, the way I2P currently implements this, it doesn't really take that full functionality; it's actually a little closer to onion routing than that picture illustrates, but that's a concept of what you could potentially do with garlic routing. And if you accentuate that some more, imagine if you can send a message out and have cloves of it separate here, separate there, come back in different directions, and they're masking traffic for each other as you're sending these packets on the network. It's not exactly implemented in I2P as of yet, but the packet format has that potential.
All right, the first vulnerabilities we're going to be talking about are untrusted exit nodes. You're only as anonymous as the data you send. Quick overview: this is mostly Tor-centric. You're going to wonder, is the person who's running the exit point you're going through looking at your data? The traffic may be encrypted while it's inside the network, but once it hits that exit point it's unencrypted, or it's encrypted with whatever protocol is riding inside of Tor. If you're using HTTPS you may be okay, depending, and I'll get to that depending here in a second. A few instances: Dan Egerstad did the whole embassy hack, as it was called, back in 2007. Essentially a bunch of people who were workers at embassies were using Tor to tunnel out of the host country so they could do things anonymously. Unfortunately the things they were doing didn't lend themselves to being particularly anonymous. Yeah, the host country may not have been able to directly spy on their communications, but when you're using POP3, SMTP, HTTP basic authentication and other plaintext protocols, the person who's sitting there on that exit point can sniff it. What Dan did was he set up his own exit point and started sniffing the traffic to see what was going on out there. Not exactly the best way to keep yourself private if you're using Tor for those sorts of functionalities, so keep in mind, if you're using Tor, be careful what you send out there; you're only as anonymous as the data you request and send. Also, Moxie Marlinspike had a similar thing, and this is where my little note about SSL comes in. He set up his own exit point and he put sslstrip on it, so even if someone was trying to use HTTPS and having it extra encrypted inside the Tor tunnel, he'd use sslstrip to knock that connection down to HTTP and be able to look at it. And if the person who was surfing using Tor wasn't paying attention and didn't notice that the lock wasn't there, the URL didn't say HTTPS, then they might have been owned. Quick illustration of what this looks like, and it also gives you a better idea of what I mean by onion routing: essentially you have three levels of encryption on a message, and one layer gets stripped off on each hop. At the exit point it goes out unencrypted, and at that point the person can look at it and possibly modify it to do some other attacks I'll be talking about later on. You can tell some people want to draw node diagrams of cipherspaces and mix nets; they give you like circles and lines, so this is my interpretation of what a darknet should look like. It's all one big happy darknet, and of course any time you see someone with a goatee, we obviously know the goatee one's evil. Okay, keep in mind, mitigation-wise, Tor is for anonymity, not necessarily security. You're only as secure as the protocols you're trying to ride on top of it. Use end-to-end encryption. Don't use plaintext protocols, and if you do use plaintext protocols, expect that people might be able to see them. But sometimes that's fine; you just want to visit a webpage without people knowing you're visiting that webpage, and you don't care if they see that someone accessed this webpage. Email, however, is a slightly different matter. Don't use plaintext protocols that send usernames and email addresses; you're not very anonymous if people know your email address and name. But
strangely enough, the people at that embassy were doing it. The next type of attack we'll talk about is DNS leaks and other protocol leaks on the application layer. Does all the traffic you're trying to send actually go through the proxy, or does some of it leak out in other ways? DNS leaks are a classic example, and badly configured proxy settings could also lead some types of traffic to go elsewhere; I'll show some of those bad configurations here shortly. A snooper can set up web bugs, and if the protocol that the web bug is accessed via isn't properly supported by the darknet, it's possible to find the real IP address of someone visiting a site. HTTP is a good example of this, but plugins can also be an issue; there are a lot of plugins out there that don't necessarily properly respect the proxy settings of the browser. Embedded application-level stuff is generally a problem. A whole lot of things in academia seem to revolve around traffic analysis attacks, but it takes a little bit more power for an adversary to pull something like that off; the application layer stuff most people in this room, I imagine, can pull off. JavaScript is pretty much just hosed; definitely use the Tor browser, Torbutton and the Tor Browser Bundle, which try to sanitize some of the JavaScript issues, or probably turn scripting off. For more information on how JavaScript can possibly pwn somebody, go check out Gregory Fleischer's talk from DEF CON 17. But to give you a graphical illustration, here's what a DNS leak looks like. Let's say you go out and you visit Irongeek.com and you don't want anybody to know you're visiting Irongeek.com. Well, sometimes when people configure Tor, or I2P for that matter, if the request for that hostname is not sent into the darknet itself, it may be sent out to the public Internet. Now in this particular illustration my ISP wouldn't necessarily know what information I'm sending out onto the darknet, but since they see I'm making a DNS request for Irongeek.com, well, they know I'm going to be web surfing there, even though they don't know what I'm getting from Irongeek.com. The same thing goes for .onion and .i2p addresses; these are hidden services and eepsites respectively. While your communications to them might be secured and no one can see what you're sending, if your DNS entries or your DNS settings are misconfigured, or your browser's not properly supporting them, someone who controls the DNS server, or can just sniff that connection to the DNS server, can figure out: oh well, I'm not sure what he's doing with this I2P site, but I know he's contacting it. And depending on what the site is, that could be bad enough. Mitigations for this: well, first thing, the cheap deal is connect to Tor or I2P, fire up Wireshark or tcpdump, use that little tcpdump filter, port 53, and see if anything's actually going out there on port 53, see if anybody's doing any kind of DNS communications while you're surfing around using Tor or I2P. If you have Firefox set up, you may want to make sure that this particular configuration is set, by going to about:config and just setting it to use remote DNS through the proxy, to hopefully mitigate those kinds of leaks. Some applications, no matter what, don't have a setting where you can say send everything through my SOCKS proxy and do all name resolution there, so Torbutton can also help with this; Torbutton actually makes these settings for you. Other applications vary; you may have to make these settings by hand. You may have to firewall off the machine's port 53 entirely; that might be an option. Another option out there is inside of Tor you can edit the torrc file, and there's a setting called DNSPort; you just set DNSPort 53 and your local machine will now have a DNS server on it, and you can set your machine to use that as the DNS server in your IP settings, so that hopefully that would totally mitigate the problem of people being able to see your DNS traffic and figuring out where you're surfing.
Another thing is grabbing content outside the darknet. I stumbled across this while I was playing with I2P and didn't exactly have all my settings done correctly. Essentially what happens is, let's say someone requests a hidden service or an eepsite, and that service happens to have some extra stuff embedded in it. This could be a plugin, it could be just an image. In this case I'd configured an HTTP proxy using I2P but I did not configure an HTTPS proxy, so if someone happened to have an image embedded in the page that said https://some-URL to some image, it would not be going through my darknet; instead it'd be going directly. And let's say they're serving up serial-numbered images: they can quickly correlate who visited this page with this particular person who contacted me inside of the darknet. Now here's what I screwed up when I listed my settings on I2P: I just set an HTTP proxy. A couple of options I could set: I could say use this proxy for all protocols. In I2P's case that setting isn't exactly ideal, because all those other protocols are not supported by the proxy, but at least it's keeping that little SSL issue from happening. Another option would be to actually configure an SSL proxy, which I2P does have, though that particular out proxy has a tendency to be down. Slightly related would be things like cookies. Let's say you're web surfing along, you're visiting Google, and you go, okay, I'm going to go look for some websites now and I want to be anonymous. However, you didn't change context or anything like that; you just said okay, start using my Tor proxy. Well, if you've got a cookie while you were outside the darknet and you haven't changed context, really switched into private browsing mode or used a different browser or changed profiles, that same cookie could very well be served up to the host while inside the darknet, and then they can go: well, I saw this person coming to me from the public Internet and I see them coming to me from the darknet with the same cookie; I know it's the same person.
There's also a possibility of making hidden services contact you. For instance, let's say someone's running a vulnerable web application on an eepsite or Tor hidden service. It's possible you could throw a payload at it, something like, let's say, some kind of shell execution vulnerability, and actually get that remote target server to contact you outside the darknet, and now you know who they actually are. Another example would be BitTorrent. BitTorrent has a lot of issues, and all this work I've pulled from the folks whose names are at the bottom of the slide; I really don't want to butcher their names, so go out and check it out later, it should be on your DEF CON CD. But BitTorrent has multiple issues. One of the issues is, if Tor is only being used for contacting the tracker, I could just watch announce messages and extension protocol handshakes to extract real IPs. Another thing is, again, if Tor is only being used for contacting the tracker and SSL is not used, I could sit there as the exit point and I could change the returned peers to point to me as one of the sources, and watch for the outside contact, then try to correlate an IP based on the peer ID and the port. Another option would be, even if the peer traffic is sent over Tor, which generally most people hopefully are not going to do (first of all, using Tor for BitTorrent is kind of frowned upon, but even if you did do it, it's a pretty slow thing to do, so most people only configure the tracker for Tor use, not necessarily direct communication to other clients), even if the DHT is used, the distributed hash tables, the IP may still be revealed, because the UDP packets aren't sent over Tor, so you can scrape the DHT and find out who all is sharing that particular file based on peer ID and port ID. You may also then be able to, because you de-anonymized someone via BitTorrent and figured out who they are, if you see messages coming through that same circuit or that same tunnel in some other protocol like HTTP, well, you go: this came from the same circuit I de-anonymized the BitTorrent user on, so I know it's the same person who's visiting this particular website. So it can also leak out and cause issues for other protocols you're using at the same time. Another example of an application flaw I'd like to mention is IRC. For a while I was trying to keep a different identity inside the I2P network, and I kind of botched it. I was using Pidgin as my IRC client, and by default, if you don't configure it, its identification, whenever someone does a WHOIS on your nick in IRC, they can find out what username you log into the machine as. Now in my case, if you Google up I2P and Adrian it comes pretty quick to figure out who I am, even though I was using a different nick while I was inside of IRC. Luckily you can fix this, and this is going to vary from
client to client you can go in and set a username in real name so you can put information that's not necessarily connected to you then when someone does
a who is it doesn't necessarily come up with the name that you log into the box with probably a good call
Some general mitigations, client-wise: make sure your browser is set to send all the traffic through the darknet. You may want to, when you start using the darknet, fire up a sniffer, test a few protocols, and go, hmm, is anything leaking out to the public Internet that I wouldn't want people to see? Also look into setting up firewall rules on the box so that nothing can go out besides going out through the darknet. Also limit the plugins used: if you decide that you want to use every single possible plugin out there, you don't know whether they properly respect proxy settings, and you're probably hosed. And use a separate browser; like, I keep a copy of the Tor Browser Bundle that's also configured so I can switch between it and I2P back and forth, separate from everything else, and then I use that for accessing these networks and I don't use my core web browser at all. Also, you might want to check, when you're using these darknets, visit sites like decloak.net and Panopticlick. Decloak.net is from the same people who do the Metasploit project; basically they try embedding a bunch of different file types, like let's say Word docs, and they try a few different plugins and so forth, and try to get something to not respect your proxy settings in your browser and find out your real IP address that way. Panopticlick is somewhat similar; it's more about trying to figure out how anonymous you are via your user agent string and a few other factors, like what JavaScript returns, and it tries to figure out, out of these many hundreds of thousands of people, how unique is your particular web browser. Obviously you don't want to be unique, because if you are unique then you can be profiled. Also, of course, on the hidden server side, you don't want vulnerable web applications or any other kind of applications inside of a darknet. If you do, and someone happens to hit it with an exploit and a payload that does a reverse TCP connect, well, they quickly
figure out who you are. Also, you don't want it on a box that routes to the public Internet. If you're going to have a box that you want to host stuff on as a Tor hidden service or an eepsite, there's no real reason it has to contact the Internet other than just the darknet client, and it could actually be running on a dedicated machine on your network. The darknet client could be running on another machine and just communicate and forward all the activity, but the box you're actually running it on can't directly contact the Internet no matter what. And that might be a good call as well. The next class of attack I'd like to talk
about is attacks on central resources and infrastructure attacks, as well as just general DoS attacks. Now as far as DoS attacks on individual hosts inside the network, more than likely most of the brunt of the damage is going to happen to all the nodes between you and them, so it's probably more of a DDoS against the network than any individual hidden service inside of it. There's a whole bunch of categories of general DoS attacks on the network, like starvation attacks, where you maybe promise to give certain resources and don't; partitioning attacks, where you do various things in the network, saying, all right, if I take out this particular one that's routing and this particular one that's routing, can I still get a message out? I've split down the network and I start whittling it down towards a smaller cross-section, and I have fewer possible people who I have to look at. And of course there's just flooding, sending a crap-ton of stuff into the darknet to disturb it, standard DDoS attacks. Generally speaking, well, first of all, people who do DDoS for the sake of being a political advocate: thank you, yeah, just don't. And if you're going to do it, definitely don't do it over Tor; you're going to be destroying Tor, not whoever you're targeting anyway. But I find that if you're into free speech, then pretty much at all times DoS is wrong. You can debate with me about that in the Q&A session later on; I'm sure someone will want to.

Known infrastructure is also a problem. This is not necessarily a direct attack inside the darknet, but if certain core servers out there, like let's say the Tor directory servers, are taken out, well, it becomes really hard for people to be able to use Tor if they can't figure out anybody to route through. Similar things with I2P: if the I2P website went down, a lot of people wouldn't know where to download the client. Also, well, they try to use a distributed system where you don't necessarily have to talk to a directory server
to figure out other people you can bounce with; it uses a distributed hash table called netDb. However, there are certain reseeds that are used, so that if you're a new client it talks to these seeds to get the initial contacts inside the distributed hash table. If you don't have that initial reseed, if you can't contact that, well, you're pretty much not going to be able to get in the network. Also, of course, total or severe blocking of the Internet will keep a darknet from functioning at all,
obviously. Now, a few instances have happened in the past. Back in 2009, when China blocked some of the Tor directory servers, this caused huge issues with people being able to use Tor. Luckily there's mitigations out there for that. There's also the general blocking of the Internet that's happened, like Egypt and Libya and Iran in more recent days. So let's say someone tosses the
directory server. If they do that, then you can't find nodes to route through; if you can't find nodes to route through, you can't get on Tor. The mitigation:
well, Tor thought of something called bridge nodes. Instead of having all these routers in Tor be announced via the directory servers, you can actually find out these bridge nodes in other ways. It could be something like emailing someone at the Tor Project and they send you back a small list of bridge nodes, or you could maybe meet someone at a conference and say, yeah, I run a bridge node in that particular country, here, connect to this and I'll get you on the rest of the network. The core idea is not to have all your eggs in one basket where someone can easily block all access to Tor. Distributed infrastructure may help. For instance, I2P, instead of having core directory servers, tries to do everything in the distributed hash table, where everybody is kind of responsible for sharing this information, and once you get in the network and you've had some time to get well integrated into it, this kind of information just comes to you; it's sort of like a distributed database. So that might help somewhat, but even I2P does have some central infrastructure. Protocol obfuscation may help in some cases, so that people don't know that you were using Tor or I2P, and I know both of those projects are working on better forms of obfuscation, because in some cases, like I said before, depending on what country you're working out of, just the fact you're hiding something may be enough for someone to come knocking on your door. Also, total or severe blocking of the Internet, that's a little bit harder problem to get around, and this is one I would like to do more research on, so if anybody has any information on this, come up to me during the Q&A session; I'd like to hear it.

Mesh networks: the core idea is a,
figure, kind of a, I guess, a layer-one darknet, where you basically build your own infrastructure. So let's say you had some cheap hardware or some kind of wireless connectivity; you could spread these nodes out across the geographical location and basically have messages bounce around in them. So this host may forward a message to this host, to here, to here, to here, to here, and eventually get it out on the public Internet in some way. Now, depending on the location, though, and the type of message you're trying to get out, you may not necessarily be able to be fully integrated at all times and get a message out. So there's also things like store-and-forward, where essentially someone creates a message, and let's say you made a client for phone systems where, OK, this person is trying to get a message out; they write a message and they carry it around in their pocket, and whenever the phone comes within range of another phone that can send the message out, it passes it along, passes it along, store and forward, until eventually you can get to a place where that message gets out. Now, obviously we're not talking about low-latency protocols like HTTP for this, but for email, just trying to get email out of a country, the store-and-forward method might very well work. So I'd be interested in seeing more work on mesh networks and easily deploying them to get around problems where people do complete blocking of the Internet. All
right, for more info on mesh networks, I have a few resources for you. I don't know of any clear front-runners saying this is the technology we'd be able to use to quickly and cheaply deploy a bunch of nodes in a mesh network. Wikipedia has a few entries, of course. Also there's the Village Infrastructure in a Kit alpha project you might want to check out, and maybe some of you've heard
about the whole Internet in a Suitcase project. The New York Times had an article on that a while back, where the US government is funding money so they can send these, basically, Internet-in-a-box kits to various countries to help dissidents out. The
next category of attack I'll talk about is clock-based attacks. Some protocols out there, like, well, HTTP for example, allow you to check the remote system's clock, so clock differences can be an issue. If someone's clock is set way different from yours, and way different from everybody else you contact in the network, well, that's a point of profiling. Major differences are easy to spot; minor differences are a little bit more difficult, but there has been some work on doing statistical analysis where, even if it's a very minor difference, with enough time you can do your thing. Now, a few
instances. One major paper that's been in research circles on this would be Steve Murdoch's "Hot or Not", and this is a neat concept. Essentially different hardware has different reactions: when it gets hot, its internal clock skews a little bit, and not all hardware is the same, and not all of it is at the same temperatures, so there's a sort of unique pattern to how much this internal clock skews. So what he did is he set up his own private Tor network, and with some experimentation was able to at least partially deanonymize people, or nodes, based on how different the clock was, and he was using HTTP requests and pulling off the time header. Now, unfortunately, he was having to do this inside of, well, it's been a while since I read the full paper, but he had to do this on his own private Tor network, because on the general Tor network, how many people have complained about the Tor network being slow? So there's a lot of jitter, and that jitter already makes some types of attack hard to do, because you don't know whether or not this guy is two seconds off of my clock or did it just take two seconds for the message to get to me. And in some cases, is this guy really five minutes off, or did it take five minutes to get back to me? There's also been some research on I2P clock differences, and I'm going to show you a table here in a second from a project I did for Tenacity a few months back. But a quicker
illustration, just because I love putting
up these smiley computers: you ask what time it is, you get a report back, and you can start profiling: well, how different is this person from me, and how different is he from everybody else in the network? Now
here's a table I generated, and hopefully it's somewhat readable, where I essentially went out there and looked at each node I could find inside of I2P that was running an eepsite, and with each one said, hey, give me this web page, and I took note of the time. At that particular time I2P didn't strip out the server headers, so you knew what type of server it was if it would return that information, so I'd find out, is this eepsite hosted on Apache or IIS or something else. They've since stripped this out, which was a great thing to do; they're very responsive. But let's ignore that for a second. I was pulling down times, and if the time is only a few seconds different from me, that could very well be network jitter: it takes a while for that tunnel to build and for a message to get out my outbound tunnel, into someone else's inbound tunnel, out their outbound tunnel and back into my inbound; that all takes time with multiple hops. So a few seconds, that probably isn't significant. However, when someone's almost a minute different from me, and I found an IP address on the public Internet that I knew was using I2P that was about the same difference, I have a good idea, especially when I find out that the web server software was the same, that those are probably the exact same box. The reason I could know the IP addresses of the people who are using I2P is I basically scraped that distributed hash table for, all right, give me all the IPs of anybody who's using this, and sat there and waited for a while and logged them and logged them and logged them. And basically, well, this next graphic should illustrate that
better, I'll do it in a second. These attacks can be kind of hard to pull off from the standpoint that, actually, I don't illustrate in this one, but essentially what I did was basically query all those websites inside of I2P via the eepsite address, find out the time difference, then query all those IP addresses, see if they were running a web server, find out its time difference, and start correlating them. Now, for some of these attacks there's actually inbuilt mitigations in there already, by their very nature: mix nets are going to be slower than the public Internet, because you have to hop through multiple proxies to be able to get anywhere, so that little bit of timing jitter can obfuscate those clock differences. Also, setting your clock to a reliable NTP server will probably help. Some protocols actually have stuff in place already to try to synchronize timers; for instance, I2P, there's a lot of work to try to make sure that its internal clock is set appropriately, but I2P's internal clock isn't necessarily used to set the clock of the web server software that you're hosting for them, so it only goes so far. Back to the NTP server thing: as I cynically outlined, it has to be reliable, because if it's not reliable, well, using an NTP server that's reliably three minutes off is still a point of profiling. Another class of attack that I
think is fascinating is attacks on metadata: using metadata to profile people. Now, first of all, who all knows what metadata is? All right, I'm preaching to the choir. Metadata is essentially data about data. All sorts of examples out there: if you look at a PDF, it might be embedded in there who authored it; same thing for a Word doc. Then there's things like EXIF data that's inside JPEGs; they might give you information like GPS coordinates, lovely stuff, the name of the machine, possibly the name. And in some older formats of Office docs, they'd actually embed a MAC address in your Word doc. Now that's good profiling right there, but that's been a while; I think that was Office 97 that did that. Now, I don't know of anybody
who's actually been deanonymized inside of a darknet because of metadata, but it's easy to see how someone could be. Let's say you're hosting some site inside of I2P or Tor and you have a bunch of PDFs on it; someone starts looking at these PDFs and going, huh, what can I find out about the person who authored it? But to give you some examples of where people have been pwned by metadata: Cat Schwartz is one of my favorite examples. A few years back she took a sexy picture of herself with her head leaned back, smoking, and she cropped it and posted it up on her blog so people could, you know, look at the photo. Well, when she cropped it, the software she used didn't rewrite the EXIF data. One of the things that EXIF data actually maintains, besides things like GPS coordinates (if someone does happen to put them in there, or if the application decides to put them in there), is a thumbnail. Well, when she cropped the image, the application she used cropped the main image but did nothing to the thumbnail, so let's just say that picture goes down a little bit further than what I have up on the screen right now. Another example would be Dennis Rader, better known as the BTK killer. Way back, before everybody had a computer in the home, he taunted the police and so forth and got away with it, and they weren't able to trace him down. Then, I think, someone was writing a book on him and he decided to start taunting the police again, so he sends a floppy disk with a Word doc on it to the police, or whoever he taunted. Well, they look at the Word doc, I guess they right-clicked on it and looked at its properties, and saw that it was authored by Dennis and it was registered to some church. So they go visit that church, find the guy named Dennis, and they caught him. A funny example might be, I have no idea how to pronounce that man's handle, some folks call him Nephew Chan. Nephew Chan decided to post pictures he apparently took with his iPhone of his aunt showering on 4chan, which is not a good idea, especially if you don't sanitize data
well. Anonymous, being Anonymous, decides to look at these JPEGs and goes, hey, you know what, the GPS information is still in that EXIF data, because at the time the iPhone had that on by default, and it was saying things like, well, "tell your aunt..." unless you give us the rest of the pictures. Unfortunately my main sources for this are gone, because, uh, Encyclopedia Dramatica, that once was, deleted the article, or, well, as it was, it's now gone. But at some point in time, even before it was gone, they'd removed the article. Luckily there's archive.org, which has a version of the page from many years ago, if you want to read more about that story; hopefully that will help.
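An added example, not code from the talk, of the check you would run on your own JPEGs before publishing them: it walks the marker segments, reports whether the Exif block points at a GPS sub-IFD or carries a thumbnail IFD (the two leaks in the stories above), and strips the metadata segments without touching the image data. The JPEG is constructed inline (marker structure only, no decodable picture) so it runs offline; the GPS coordinates themselves are not included in the sample, only the pointer that says they are there.

```python
"""Inspect a JPEG for the EXIF leaks described above (a GPS sub-IFD and an
embedded thumbnail IFD) and strip the metadata segments before publishing.

Added example, not code from the talk.  The JPEG is constructed by hand below
(marker structure only, no decodable image data) so the script runs offline."""
import struct

SOI, EOI, SOS = 0xFFD8, 0xFFD9, 0xFFDA
APP1, APP13 = 0xFFE1, 0xFFED            # Exif/XMP and Photoshop IRB segments
TAG_MAKE, TAG_GPS_IFD = 0x010F, 0x8825  # IFD0 entries used below


def iter_segments(data):
    """Yield (marker, start, end, payload) for each segment up to and including
    the SOS header; everything after SOS is entropy-coded scan data."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI")
    pos = 2
    while pos + 4 <= len(data):
        marker, length = struct.unpack(">HH", data[pos:pos + 4])
        if marker >> 8 != 0xFF:
            raise ValueError("bad marker at offset %d" % pos)
        end = pos + 2 + length          # length counts itself, not the marker
        yield marker, pos, end, data[pos + 4:end]
        if marker == SOS:
            return
        pos = end


def exif_report(payload):
    """Parse the TIFF structure of an APP1 Exif payload: IFD0 tags, whether a
    GPS sub-IFD is referenced, and whether IFD1 (the thumbnail IFD) exists."""
    tiff = payload[6:]                  # skip "Exif\0\0"
    order = {b"II": "<", b"MM": ">"}[tiff[:2]]
    ifd0 = struct.unpack(order + "I", tiff[4:8])[0]
    count = struct.unpack(order + "H", tiff[ifd0:ifd0 + 2])[0]
    tags = []
    for i in range(count):
        entry = ifd0 + 2 + 12 * i       # each entry: tag, type, count, value
        tags.append(struct.unpack(order + "H", tiff[entry:entry + 2])[0])
    next_off = ifd0 + 2 + 12 * count
    next_ifd = struct.unpack(order + "I", tiff[next_off:next_off + 4])[0]
    return {"tags": tags, "gps": TAG_GPS_IFD in tags, "thumbnail_ifd": next_ifd != 0}


def inspect_jpeg(data):
    """Summarise which segments are present and what the Exif block references."""
    report = {"segments": [], "exif": False, "gps": False, "thumbnail_ifd": False}
    for marker, _, _, payload in iter_segments(data):
        report["segments"].append(marker)
        if marker == APP1 and payload.startswith(b"Exif\x00\x00"):
            report["exif"] = True
            report.update(exif_report(payload))
    return report


def strip_metadata(data):
    """Drop APP1 (Exif/XMP) and APP13 segments; copy everything else byte for
    byte, including the scan data after SOS, so the image itself is untouched."""
    out = bytearray(b"\xff\xd8")
    for marker, start, end, _ in iter_segments(data):
        if marker in (APP1, APP13):
            continue
        out += data[start:end]
        if marker == SOS:
            out += data[end:]           # scan data through EOI
    return bytes(out)


def _sample_exif():
    """Constructed little-endian TIFF: IFD0 (Make + GPS pointer) -> GPS IFD -> IFD1."""
    o = "<"
    ifd0 = struct.pack(o + "H", 2)
    ifd0 += struct.pack(o + "HHI", TAG_MAKE, 2, 4) + b"ACM\x00"   # ASCII, inline
    ifd0 += struct.pack(o + "HHII", TAG_GPS_IFD, 4, 1, 38)         # LONG pointer
    ifd0 += struct.pack(o + "I", 56)                               # next IFD = IFD1
    gps = struct.pack(o + "H", 1) + struct.pack(o + "HHI", 0x0000, 1, 4)
    gps += bytes([2, 3, 0, 0]) + struct.pack(o + "I", 0)           # GPSVersionID
    ifd1 = struct.pack(o + "H", 1) + struct.pack(o + "HHIH", 0x0103, 3, 1, 6)
    ifd1 += b"\x00\x00" + struct.pack(o + "I", 0)                  # Compression=6
    tiff = b"II*\x00" + struct.pack(o + "I", 8) + ifd0 + gps + ifd1
    assert len(tiff) == 74 and tiff[38:40] == b"\x01\x00" and tiff[56:58] == b"\x01\x00"
    return b"Exif\x00\x00" + tiff


def _segment(marker, payload):
    return struct.pack(">HH", marker, len(payload) + 2) + payload


# Constructed sample: SOI, APP1 Exif, DQT, SOF0, SOS header, 4 "scan" bytes, EOI.
SAMPLE_JPEG = (b"\xff\xd8" + _segment(APP1, _sample_exif())
               + _segment(0xFFDB, bytes(65))
               + _segment(0xFFC0, b"\x08\x00\x10\x00\x10\x01\x01\x11\x00")
               + _segment(SOS, b"\x01\x01\x00\x00\x3f\x00")
               + b"\x12\x34\x56\x78" + b"\xff\xd9")

if __name__ == "__main__":
    print("before:", inspect_jpeg(SAMPLE_JPEG))
    print("after: ", inspect_jpeg(strip_metadata(SAMPLE_JPEG)))
```

Real files also carry XMP in APP1 and IPTC in APP13, which this strips as well; re-encoding through an image library is the other route, but as the cropping story shows, an editor does not necessarily rewrite the thumbnail.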
Mitigations: there's not, like, I can say, here, go clean it out, but that varies from application to application. Make sure that your applications don't have metadata going in; on your phone, make sure you don't have it set to store GPS coordinates and so forth. But of course it varies from app to app on how well you can do this and how you do it.

Local attacks: OK, at this point it's pretty much a lost cause, but we'll talk
a little bit about them. If someone has access to your local box, well, there's only so anonymous you can actually be, because at this point it comes down to, you know, classic data forensics: data on your hard drive, someone looking for cached URLs, memory forensics if necessary. So
to mitigate this, that's just your general anti-forensics techniques, and I have a three-hour class out there on anti-forensics. This would be things like using a boot CD, using a boot USB, so hopefully when you shut the machine down no one gets the memory fast enough, or if you shut the machine down and hold it away from the person attacking you, like that, for a little while, you can hopefully get away with it. Though Andrew
Case has been doing some work on, if you find a box that is currently booted from a live CD or USB, looking at memory and being able to carve stuff and information out of that, and he has this PDF out there on the Black Hat website if you want to view it; hopefully he'll be able to post this video sometime on his blog. Also, of course, full hard drive encryption is probably a good option.

Now on to Sybil attacks. I asked earlier how many people know what Sybil attacks are, and not a whole lot of hands in this crowd; that's because mostly when you see people refer to Sybil attacks, it's usually in academia; you don't see it referred to as much in the hacker scene. But think of sock puppets: one entity acting as many. And there's multiple reasons why someone might want to do this. This allows them to control something, especially in systems that have a more distributed way of handling routing. Let's say your mix net is based on a random walk, where you randomly decide which way to go; well, it's possible, if someone controls more of those nodes. And if there's some kind of peer profiling in place, saying who do you trust, well, if I can vote, hey, I own a thousand nodes and all of them vote this guy's trustworthy, that's probably a bad thing. It makes a lot of other attacks easier: the more nodes that you own in the network, the easier it is to pull off traffic analysis attacks; you can see the data passing through you at more locations. So to give you an illustration
of that, all these nodes may look like they belong to different people, but at the
end they're all controlled by the same person. He can start manipulating the network in various ways. For instance, in I2P, the core people who are taking care of the distributed hash table are what they call the floodfill routers. There's only so many of these, and it's partly based on what kind of resources they have. So let's say you start controlling a large percentage of the floodfill routers: put up a lot of boxes with a lot of bandwidth, donate a lot to the network, and then all of a sudden decide to start manipulating them. That'd be an example of a Sybil attack: a whole bunch of nodes all controlled by one
person. Now there's no absolute fixes out there for Sybil attacks. You can make it cost more to have nodes in the network, so someone can't just spin up 5,000 nodes in the network to try to manipulate it; do it using some kind of proof-of-work algorithm like Hashcash. How many people are familiar with Bitcoin? Bitcoin then is a similar concept: you have cryptographic problems that are easy to check whether or not someone got them right, but hard to actually calculate CPU-wise, or take longer to calculate CPU-wise. Another mitigation that's out there: both Tor and I2P restrict peering between two nodes on the same /16 IP network. This is to keep you from hitting some place and going, OK, you have a tunnel through this network, but all the IPs near one end and all the IPs near the other end all belong to the same ISP and they can look at all of it; that would not be so good for anonymity. Also, central infrastructure may be somewhat more resilient to Sybil attacks, though as I discussed earlier it has its own issues, and hopefully better peering and profiling strategies might help to be able to spot bad actors in the network. There's also been some ideas put forth like SybilLimit, SybilGuard and SybilInfer, which try to rely on real-life social networks to decide, as I understand it, whether or not you should peer with somebody. But after the whole Robin Sage event, yeah, people will peer with anyone; people will add other people to
their friends even if they're not. The next class of attacks we'll talk about are traffic analysis attacks, and as I said before, academia really likes to focus on traffic analysis attacks, but I really think the application-layer stuff is where most people are going to have issues as far as their identity being revealed. But there's all sorts of classes
of this, and there's lots of subtle variations on how people profile this traffic. It could be things like timing of data exchanges, the total amount of data someone sends in the network, tagging of the traffic by colluding peers, so that, hey, I'm the first stop, I see the data, I pass it along, later on I see it again and go, oh, so I know the person who contacted me on this node back here, so I can make a connection there. Also, it generally takes a more powerful adversary to pull off, and it's really hard to defeat in low-latency networks (by low latency I mean things like HTTP, where we expect a quick response; email systems, well, those could be made somewhat more resilient). But to
give you an example, this is an example of a one-way mesh network. Your ISP's view of
it might be something more like this: once it gets out of your connection, they may not know who else is talking to it, but they can watch all the traffic going to and from you, and may still be able to do some kind of correlation from that. But let's go back to an earlier example.
Let's say all the data is encrypted, like it is in Tor, and someone controls both your first hop and your last hop. Well, you send in five megs of data, they send back eight megs of data, and this may also have timings to it, like how many seconds between each exchange of data. Well, if someone controls both the first hop and the last hop, even though the information is encrypted, they can go, huh, this person sent 10 megs of data and I just received 10 megs later on at the exit point, and at the exit point I can actually decrypt it and look at it; I can kind of draw a connection there. Or if they see a protocol that sends 2K of data, waits three seconds, sends 4K of data, and I see that same pattern later on, even though it's encrypted, and encrypted with a different key later on, just that pattern, that profile, they can use to deanonymize. Another example might
be timing correlations, like I was saying, that whole delay between exchanges between different nodes in the darknet. They could also do things like DDoS nodes they know are in the path and try to cause a certain pattern in that timing, by overloading a server and making it delay other packets, so they can impose the timing themselves. If they happen to be in the path they can try to watch the data flow and tag it via timing, though both Tor and I2P, I believe, sign the data they're sending, so they can't directly tag it, but there might be a tag via timing; I'm not sure, I need to look deeper into the protocols for that. Also just changing load in the path, like I was mentioning before.
Mitigations: of course, more routers help; the more routers you have, the more people you have to bounce through. More cover traffic will help, because the more people out there talking, the more confusing it would be to an adversary trying to figure out who's talking to whom. Entry guards may help. Entry guards is a concept that Tor uses where essentially you have a certain set of nodes that are always going to be your first hop, and then you might somewhat randomly choose from there on out. Now, the first obvious thing to do would be to randomly choose your path every single time; the problem with this is eventually you may randomly choose someone who controls both, or you may randomly choose a first hop and a last hop that are controlled by the same person. Now, granted, it's true with entry guards you may eventually have really bad luck and on your initial setup choose someone who is malicious, and so you're always being profiled no matter what, but at least you have a chance. In the case of a random choice every single time, eventually, with enough time, someone will control both the first hop and the last hop and be able to look at your traffic. One-way tunnels may also help somewhat: if your message is going out one set of nodes but it's not coming back the same path, it should confuse some traffic analysis attacks. Short-lived tunnels may also help, giving people less time to profile. A bit of peer profiling to try to spot bad actors. Signing the data, of course. And fixed speeds: something's been proposed where someone only sends at a certain data rate; of course, in low-latency networks this is hard to pull off, not to mention the various darknets are slow enough as it is, so if you limited how fast they could communicate, it'd probably cause problems with people. There's also the idea of padding and chaffing, where basically you pad a message so people can't see how big it is, and later on you drop off
some of that extra added useless data, so that the same message is 5K here, 20K here, 4K here, and still gets out, but it's hard to know whether or not it was the same message originally. The problem with this is it takes up extra bandwidth. Also, non-trivial delays, making a message wait a while before it's sent out, can also confuse an attacker; for low-latency protocols like HTTP this really isn't so much of an option, but for things like mail, does it really matter if it gets there a minute from now or five minutes from now? Probably not. Then there's also intersection and correlation attacks. This could be as
simple as knowing who's up: is the hidden service up at the same time as the public IP address is available? These techniques can be used to reduce an anonymity set, maybe not necessarily outright reveal someone, but at least help me profile them. You can use various harvesting attacks to find out who's inside of a darknet, so you try to contact them outside the darknet and use information from that, plus their existence inside the darknet, to figure out who they are. To give you an example of that,
I'm using ping, but a better example would be an HTTP request. You might make an HTTP request to a bunch of nodes you know are inside the darknet: well, first you check a bunch of hidden services, see which are up and which are down, then a bunch of suspect nodes out on the public Internet; you may send requests to them and see if they're up at the same time, and keep profiling over a long enough period. You may eventually be able to figure out, OK, this particular hidden service or eepsite is down at the same time this particular IP address is down, and be able to correlate that those two are possibly the
same. You can also do various things that
cut down the number of checks. One might be, OK, what server software is running on the eepsite? I mentioned that somewhat before. You can harvest them, and these IPs as possibles: is the web server on the public-facing IP running the same daemon? You can make a vhost request and see if you can get the eepsite from the public-facing IP address, and if so, yep, you've found what box that is.
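An added example, not code from the talk, for the operator's side of the server-header and clock points above: an audit of the HTTP response headers a hidden service or eepsite sends, flagging any banner header that names the software stack and a Date header whose offset from a reference clock exceeds what tunnel jitter would explain. The two responses, the reference time and the 5-second jitter threshold are constructed for illustration.

```python
"""Audit the response headers a hidden service / eepsite sends for the two
profiling points discussed above: a Server banner that can be matched against
a clearnet host, and a Date header whose offset from a reference clock is a
fingerprint.

Added example, not code from the talk.  Both responses and the reference time
are constructed; the 5-second jitter threshold is an assumption."""
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Headers that name software, versions or the machine behind the service.
BANNER_HEADERS = ("server", "x-powered-by", "x-aspnet-version", "via", "x-generator")
JITTER_SECONDS = 5.0  # below this, tunnel latency alone explains the difference


def parse_response(raw):
    """Split a raw HTTP response into (status line, {lower-cased header: value})."""
    head, _, _body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return lines[0], headers


def clock_offset(headers, reference_time):
    """Seconds the service's Date header is ahead (+) or behind (-) the
    reference clock, or None if there is no parseable Date header."""
    if "date" not in headers:
        return None
    try:
        sent = parsedate_to_datetime(headers["date"])
    except (TypeError, ValueError):  # TypeError on older Python versions
        return None
    if sent.tzinfo is None:          # "-0000" parses as naive; treat as UTC
        sent = sent.replace(tzinfo=timezone.utc)
    return (sent - reference_time).total_seconds()


def audit_headers(raw, reference_time, jitter=JITTER_SECONDS):
    """Return a list of findings; an empty list means nothing obvious leaks."""
    _status, headers = parse_response(raw)
    findings = []
    for name in BANNER_HEADERS:
        if name in headers:
            findings.append("%s header exposes %r" % (name, headers[name]))
    offset = clock_offset(headers, reference_time)
    if offset is not None and abs(offset) > jitter:
        findings.append("clock offset %+.0f s vs reference exceeds jitter" % offset)
    return findings


REFERENCE = datetime(2013, 8, 3, 12, 0, 0, tzinfo=timezone.utc)

# Constructed: a service that advertises its stack and runs about a minute fast.
LEAKY = (b"HTTP/1.1 200 OK\r\n"
         b"Date: Sat, 03 Aug 2013 12:00:58 GMT\r\n"
         b"Server: Apache/2.2.3 (CentOS)\r\n"
         b"X-Powered-By: PHP/5.1.6\r\n"
         b"Content-Type: text/html\r\n\r\n<html></html>")
# Constructed: banners stripped, clock within tunnel jitter of the reference.
HARDENED = (b"HTTP/1.1 200 OK\r\n"
            b"Date: Sat, 03 Aug 2013 12:00:02 GMT\r\n"
            b"Content-Type: text/html\r\n\r\n<html></html>")

if __name__ == "__main__":
    for label, raw in (("leaky", LEAKY), ("hardened", HARDENED)):
        print(label, audit_headers(raw, REFERENCE) or ["no findings"])
```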
Mitigations: well, more nodes helps, being a smaller needle in a larger haystack. Giving them less data also helps, which is a good thing; I2P pulled out the server header in newer versions, making harvesting and scraping harder. Check out my article on deanonymizing I2P later on; I go into a lot more details of how those attacks work. There are various links out there if you
want more information on this, and this is all on your DEF CON CD. And thanks to
the con organizers for having me, Tenacity for helping me get to DEF CON, my buddies from DerbyCon and the ISDPodcast, and of course the Open Icon Library for some of the artwork I used. And questions, which I'll be doing back in the room.