On Thu, 2012-10-04 at 05:07 +0300, Sampo Syreeni wrote:
> On 2012-10-03, Ted Smith wrote:
>
> > So it actually assumes that the targeted hidden service is running a
> > Tor relay _and_ an open HTTP server.
>
> The basic attack pattern is extensible to a relay and any service which
> can be corr
On Wed, Oct 03, 2012 at 01:21:19PM -0400, Ted Smith wrote:
> > # calculates the clockskew and then finds a corrilating
> > # tor relay with an open http server with the same skew
> >
> So it actually assumes that the targeted hidden service is running a Tor
> relay _and_ an open HTTP server.
In t
From the script (pastebin link):
> #!/usr/bin/env python2.7
> #
> # clockskewer.py -- skewers http servers in onionland to an ip address
> #
> # This script takes advantage of the fact that no one
> # in onionland configures their http server correctly
> # by having it send datetime stamps in eve
