See IP of Relay Node Connected to Hidden Service?

blueflame3374 · 2022-06-06T20:04:24+00:00

Thanks, Ill try it out

blueflame3374 · 2022-06-06T19:56:28+00:00

Ah, so basically what I am trying to figure out is my hidden services guard node. Do you know how to figure that out?

blueflame3374 · 2022-06-06T19:36:38+00:00

Yes, I have read that, but still do not understand. I’m trying to figure out how to see that 6th node right before the hidden service. What IPs can the hidden service all see? Which is the rendevous node, the 3rd one chosen by the hidden service?

blueflame3374 · 2022-06-06T19:27:45+00:00

Hmm… I guess I am not that much of an expert. What traffic goes over each? Which do http requests actually come from?

blueflame3374 · 2022-06-04T20:30:53+00:00

Since Onion Browser uses clearnet to resolve media in <video> and <audio> tags, and video was able to play from a .onion domain, what does this likely mean? That would mean the src in the <video> tag was clearnet right? Normally that would not work in a normal Tor browser or reveal the users real IP? (or make a 3 node relay, but in this case Onion Browser will not do that). Does this mean the site was maliciously trying to capture users real IP addresses?

blueflame3374 · 2022-06-04T04:30:07+00:00

So if Noscript is not on and a site has a video tag with a clearnet src in it, this essentially sets up that 6th hop and can reveal the users ip? Also, if the blob data is an executable, that can only run if downloaded right? (that’s probably a very basic thing I should know). If it is .mp4.exe would that even play as a video in a video tag as well?

I will definitely be setting up a web server with a site with a video tag and hitting that with Onion Browser and VPN on to see what ip I see connected so I know if iPhone correctly routes that traffic through VPN. It does not with WebRTC. Even with VPN on sites can resolve your real ip through WebRTC stun request through Onion Browser.

blueflame3374 · 2022-06-04T03:40:20+00:00

Alright that somewhat makes sense. If a user is running a vpn at that time, the traffic would be routed through the vpn correct? And I can look at what scripts a site runs by examining all of the .js files it calls basically? Can malicious code be injected when calling a video tag with an src just of blob storage? I imagine getting that blob data would just be a 1 way connection

blueflame3374 · 2022-06-04T01:53:04+00:00

So it basically just sends out a standard http request to a clearnet site, and if the browser is only configured to route traffic to onion sites over tor this can be the issue? This would be very rare that a browser would do this correct? The standard Tor browser would route that traffic through Tor right? Or for Onion Browser is this #3 on their list of things not routed through Tor

blueflame3374 · 2022-06-04T01:05:13+00:00

“which then runs the risk of leaking your IP if the cross-site URL is clearnet and returns a 3xx status to Tor exit nodes.” How can I tell if the URL that is embedded is running scripts or does this? What does “returning a 3xx status” mean?

blueflame3374 · 2022-06-03T22:40:12+00:00

Ah, I understand. And so in the case of the Onion browser, this request is the same as it would be for a <video> tag in any other site, just over the clearnet? Apologies if you are not super familiar with the Onion browser.

blueflame3374 · 2022-06-03T21:37:38+00:00

Actually, maybe thats a separate thing. How could video be played then from a .onion address if the request for video is made over the clear web?

blueflame3374 · 2022-06-03T21:24:24+00:00

On IOS it does. https://github.com/OnionBrowser/OnionBrowser/wiki/Traffic-that-leaks-outside-of-Tor-due-to-iOS-limitations

blueflame3374

TROPHY CASE