Closed thejustaguy closed 9 years ago
Are you getting a particular error message? If so, paste it in.
They're pointing out this: https://github.com/NullHypothesis/exitmap/blob/master/src/relayselector.py#L88-L89
Exitmap should check if a relay allows any exiting, not just that it has the exit flag. I think the tor client will use any relay that satisfies its exiting requirements under certain conditions.
Exitmap should check if a relay allows any exiting, not just that it has the exit flag. I think the tor client will use any relay that satisfies its exiting requirements under certain conditions.
That sounds like a good solution to me.
In addition, we should log a warning if a relay allows exiting but does not have the "Exit" flag.
If anyone wants to write a patch, please do so. I might be able to fix that in a week or so.
This is now fixed in commit https://github.com/NullHypothesis/exitmap/commit/1dd2eab2e50cc76db879720ae9ef58655b21a734.
Interestingly, right now there are 251 relays with some sort of exit policy which don't have the exit flag.
Thanks for reporting this, justaguyprojects!
@NullHypothesis I'd be careful here. This (stem's is_exiting_allowed()
) seems susceptible to the same problem as in #4 (complex exit policies are summarized as reject *
).
@arlolra, you are right, it's affected by the same issue, thanks for pointing this out. What do you think about patch https://github.com/NullHypothesis/exitmap/commit/ed94d1696e9401380265ee0d932d1d9d8b1ce953?
@NullHypothesis looks good. one comment inline
I merged the last changes in https://github.com/NullHypothesis/exitmap/commit/ff5696a0575c4c2a55efa509130dc75d1519258d. Thanks, everyone!
If a relay only allows exiting to port 80, and thus doesn't get an exit flag, exitmap won't scan it, and it won't get checked for .exe patching when i'm scanning with https://github.com/leviathansecurity/exitmap/blob/master/src/modules/patchingCheck.py