DaemonForums  

Go Back   DaemonForums > Miscellaneous > Guides

Guides All Guides and HOWTO's.

Reply
 
Thread Tools Display Modes
  #1   (View Single Post)  
Old 12th June 2016
e1-531g e1-531g is offline
ISO Quartermaster
 
Join Date: Mar 2014
Posts: 628
Default Mark Tor circuits as dirty

Sometimes Tor exit node is on some blocklists etc.
Web page can become non accessible using this exit node.
If somebody wants to make new connections using new exit node, then he/she could tell Tor client to mark existing circuits as dirty and this should result in new exit nodes for new connections. This can by achieved in OpenBSD's command line using sudo, netcat, Unix domain socket:

Code:
$ sudo -u user_of_tor_client /bin/sh -c "/usr/bin/nc -U /path/control.socket < /path/commands_to_send.txt"
assuming that:
Code:
$ cat /path/commands_to_send.txt
AUTHENTICATE "my_secret_password"
SIGNAL NEWNYM
QUIT
$ grep -e ControlSocket -e HashedControlPassword /etc/tor/torrc
ControlSocket /path/control.socket
HashedControlPassword 16:1CA21AAA4E359DC26020875994A29E1D634785C38EE663B1984833C086
# grep 'nc -U' /etc/sudoers 
open    r2d2=(user_of_tor_client) NOPASSWD: /bin/sh -c /usr/bin/nc -U /path/control.socket < /path/commands_to_send.txt
and that open is the user executing sudo command and r2d2 is hostname.

Hash of password can be generated using:
Code:
tor --hash-password "my_secret_password" 
16:1CA21AAA4E359DC26020875994A29E1D634785C38EE663B1984833C086
__________________
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase
Reply With Quote
  #2   (View Single Post)  
Old 28th June 2016
hanzer's Avatar
hanzer hanzer is offline
Real Name: Adam Jensen
just passing through
 
Join Date: Oct 2013
Location: EST USA
Posts: 314
Default

Or, from a shell:
Code:
printf "AUTHENTICATE \"password\"\r\nSIGNAL NEWNYM\r\n" | nc -w 1 127.0.0.1 9051
Assuming /etc/tor/torrc contains something like:
Code:
SOCKSPolicy accept 127.0.0.1/16
ControlPort 9051
Reply With Quote
  #3   (View Single Post)  
Old 29th June 2016
e1-531g e1-531g is offline
ISO Quartermaster
 
Join Date: Mar 2014
Posts: 628
Default

Yes, but I think that Unix domain socket is more secure. I think that because you can restrict access to socket, like to any file, using traditional Unix file permissions.
__________________
Signature: Furthermore, I consider that systemd must be destroyed.
Based on Latin oratorical phrase
Reply With Quote
Reply

Tags
tor, unix domain socket

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
when fsck takes plus but can't mark filesystem clean daemonfowl OpenBSD Installation and Upgrading 3 20th September 2012 03:52 PM
One of the World's Smallest Electronic Circuits Created Beastie News 0 9th December 2011 08:41 PM
'Mark-of-the-Beast' bug topples Java apps J65nko News 0 8th February 2011 01:38 AM
Dirty, dirty PCs: The X-rated picture guide (office and home safe) J65nko Off-Topic 9 25th January 2010 07:49 AM
Mark forum read Darwimy Feedback and Suggestions 1 10th June 2008 09:23 PM


All times are GMT. The time now is 11:02 AM.


Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content copyright © 2007-2010, the authors
Daemon image copyright ©1988, Marshall Kirk McKusick