Proof of concept deanonymizing I2P/TOR users

10 Oct 2012

This has a very small attack surface, but it is designed to show you how important it is to have proper settings on your I2P/TOR browser.

I used to have these bad settings myself so I am writing to make others aware of the danger.
(This video at 4:35 shows how I had it set up when it was vulnerable)

Note how I use regex to choose the proxy settings. This allows an attacker to trick my browser into calling a server outside of the I2P network.

If this shows your normal IP address and not the TOR/I2P (localhost) address, then you must review your proxy settings!

Here is an image of me accessing the I2P version of this blog with bad proxy settings.
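To make the regex-based proxy selection described above concrete, here is an added example (not the configuration from this post) written as PAC-style JavaScript rules, with a weak rule set next to a fail-closed one and a small audit helper. The proxy address `127.0.0.1:4444`, the function names and the sample URLs are assumptions made for the illustration.

```javascript
// Added example: constructed rules, not the author's actual browser settings.
// Assumption: the local I2P HTTP proxy listens on 127.0.0.1:4444.
const I2P_PROXY = "PROXY 127.0.0.1:4444";

// Weak: pattern-based selection. Only hosts matching the regex use the proxy;
// every other request leaves the machine directly and exposes the real IP.
function findProxyWeak(url, host) {
  if (/\.i2p$/i.test(host)) {
    return I2P_PROXY;
  }
  return "DIRECT";
}

// Hardened: fail closed. Every request goes to the anonymizing proxy and
// there is no DIRECT fallback, so a non-.i2p URL either goes through the
// proxy or fails, but never connects from the real address.
function findProxyStrict(url, host) {
  return I2P_PROXY;
}

// Audit helper (hypothetical name): return the URLs for which a rule set
// would bypass the proxy. Run it against your own rules before trusting them.
function leakingUrls(findProxy, urls) {
  return urls.filter((u) => findProxy(u, new URL(u).hostname) !== I2P_PROXY);
}

// Constructed sample URLs: one I2P site and two clearnet hosts.
const SAMPLE_URLS = [
  "http://blog.example.i2p/",
  "http://example.com/image.png",
  "https://example.org/",
];

console.log("weak rules leak:", leakingUrls(findProxyWeak, SAMPLE_URLS));
console.log("strict rules leak:", leakingUrls(findProxyStrict, SAMPLE_URLS));
```

With the weak rules, both clearnet URLs are reported as bypassing the proxy; with the strict rules, none are.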
