search

s-rah / onionscan

OnionScan is a free and open source tool for investigating the Dark Web.
https://twitter.com/OnionScan
Other
2.89k stars 600 forks source link

Scan Hanging. #51

Closed jessekrembs closed 8 years ago

jessekrembs commented 8 years ago

I've noted that some sites seem to trigger a scan hang. I have set the time out (-timeout 1) but the scan still seems to hang right after the mod_status check.

onionscan -timeout 1 -depth 0 -verbose hafacwgmrntoolno.onion 2016/06/14 11:43:56 Starting Scan of hafacwgmrntoolno.onion 2016/06/14 11:43:56 This might take a few minutes..

2016/06/14 11:43:56 Checking hafacwgmrntoolno.onion http(80) 2016/06/14 11:43:56 Found potential service on http(80) 2016/06/14 11:43:59 HTTP response headers: 2016/06/14 11:43:59 CONTENT-TYPE : text/html 2016/06/14 11:43:59 VARY : Accept-Encoding 2016/06/14 11:43:59 X-FRAME-OPTIONS : sameorigin 2016/06/14 11:43:59 X-XSS-PROTECTION : 1; mode=block 2016/06/14 11:43:59 ACCEPT-RANGES : bytes 2016/06/14 11:43:59 X-CONTENT-TYPE-OPTIONS : nosniff 2016/06/14 11:43:59 DATE : Tue, 14 Jun 2016 18:46:51 GMT 2016/06/14 11:43:59 SERVER : Apache 2016/06/14 11:43:59 LAST-MODIFIED : Wed, 02 Sep 2015 09:26:18 GMT 2016/06/14 11:43:59 ETAG : "ac27-51ec04248c771-gzip" 2016/06/14 11:44:00 Apache mod_status Not Exposed...Good!

any idea, this might be the occurring? I'm running a new version I just grabbed from onion scan.

jessekrembs commented 8 years ago

Sorted it out with latest version of the script.

s-rah commented 8 years ago

Reopening this as I've seen this in my latest large scale scan. Although I think all protocol scan related timeout issues are solved.

I believe that the hangs are waiting to receive a response from an overloaded tor proxy, and it never responding (for one reason or another) - As a short mitigation we should likely kill a scan if it has been going for longer than a given timeout with no progress. We should also dive into why this is happening and see if there is a better fix.

I've also seen decreased performance on the --list option as time goes on (fewer and fewer successful connections) - I think both are related although I've not had time to dive into this in depth. Interestingly I do not see this decreased performance when spinning up a new onionscan run each time - only when the program accepts a list - although in both cases I have seen hangs.