Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Где заканчивается анонимность в анонимных сетях

743 views

Published on

Где заканчивается анонимность в анонимных сетях

  • Be the first to comment

Где заканчивается анонимность в анонимных сетях

  1. 1. TOR, I2P, FREENET… FOR WHAT?
  2. 2. DEANONYMIZATOR … THE END OF ANONYMITY ON ANONYMOUS NETWORKS Denis Makrushin (@difezza), Maria Garnaeva Global Research and Analysis Team
  3. 3. «I KNOW WHAT YOU DID LAST SUMMER»
  4. 4. … BUT HOW?!
  5. 5. EXPLOITS, FINGERPRINTING… YEP-YEP.
  6. 6. FLASH, HTML5, ENTRY-NODE DETECTION… YEP-YEP.
  7. 7. BUT HOW … … did they found my mega-private-0day-forum?! … did the found me?!
  8. 8. PASSIVE DATA COLLECTION SYSTEM … OR HOW DID THE FOUND MY MEGA-PRIVATE-0DAY-FORUM?!
  9. 9. >> EXITPOLICY ACCEPT *:*
  10. 10. >>TSHARK –I 1 –W DUMP.PCAP
  11. 11. TOR-USER’S PSYCHOLOGICAL PORTRAIT
  12. 12. PSYCHOLOGICAL PORTRAIT. PART TWO.
  13. 13. BlackMarket, 14.32 DDoS- campaign, 3.03 FinancialServ ices, 2.82 DarknetHost er, 1.86 Russian, 1.70 Leaks&Servi ces, 1.70 Pedophile, 1.65 Asian, 0.85 Pornographie , 0.85 Hacker&Mali cious, 0.80 Search Engines, 0.64 Gambling, 0.53 Arabic, 0.11 Other 19% Common 59% No Content 22%
  14. 14. ACTIVE DATA COLLECTION SYSTEM … OR KNOCK-KNOCK, DUDE!
  15. 15. TRAFFIC INJECTION… YEP-YEP.
  16. 16. TELL ME, WHO ARE YOU?
  17. 17. SO DIFFERENT COOKIES
  18. 18. MEANWHILE, IN TOR BROWSER
  19. 19. LET ME MEASURE YOUR TEXT
  20. 20. GETBOUNDINGCLIENTRECT() FONT VALUE Impact 3409372 Georgia 3344049 Courier New 3430809 Consolas 3392005 MS Gothic 3383290
  21. 21. “YEP-YEP, WE KNOW” – TOR PROJECT
  22. 22. PROOF-OF-CONCEPT: PREPARING PATIENT
  23. 23. PROOF-OF-CONCEPT: INJECT IT!
  24. 24. PROOF-OF-CONCEPT: ANALYZE IT!
  25. 25. XSS IS A PAIN OF ONION
  26. 26. VECTOR OF ATTACK
  27. 27. I KNOW YOU BY THE FONTS
  28. 28. THANK YOU! QUESTIONS? denis.makrushin@kaspersky.com maria.garnaeva@kaspersky.com http://twitter.com/difezza

×