Tor is one of the best and freely available privacy software that lets people communicate anonymously online through a series of nodes that is designed to provide anonymity for users and bypass Internet censorship.
An exit node, the final destination in the series of servers Tor users hop through to acquire privacy, can be set up quickly and anonymously, without the need to give away contact information. Whilst Tor has protections in place to prevent snooping via those exit relays, and regularly votes on which ones to block, if users visit sites with poorly implemented security, such as where session cookies are sent in the clear, they can still be spied on.
Attackers can also use some of these relays to disrupt or prevent encrypted communications between a user and a web server, known as an sslstrip attack. While the HTTP Strict Transport Security policy prevents sslstrip, it is still an effective attack against many large-scale websites with Yahoo being one of them as of January 2014.
Man-in-the-middle attacks that grab SSL certificates can also be carried out over the nasty relays and DNS-based attacks too.
“EXITMAP PERFORMS A TASK OVER ALL TOR EXIT RELAYS” _
By creating their Python-based tool, the researchers said they enabled “continuous and crowd-sourced measurements rather than one-time scans”, looking for attacks such as those named above. The method involves provoking exit relays to tamper with the researchers’ connections, revealing their malicious activity.
The modular architecture of exit map allows it to scan the entire Tor network in seconds without taking up too much bandwidth, the whitepaper claimed.
However, exit map could also be used for malicious purposes. “It can be used for various unintended – and even unethical – purposes. For example, modules for web site scraping or online voting manipulation come to mind,” the paper read.
THE MODULAR ARCHITECTURE OF EXITMAP _
_ ALLOWS IT TO SCAN THE ENTIRE TOR NETWORK IN SECONDS _
_ exitmap _ is a fast and modular Python-based scanner for Tor exit relays. Modules implement tasks which can be executed over all exit relays or a subset of them. The tool uses Stem to initiate circuits over all given exit relays and as soon as
tor notifies exitmap of an established circuit, a module is invoked over the newly established circuit. Among other things, exitmap has been used to check for false positives on the Tor Project’s check service..
Tool uses the library Stem to communicate with Tor. On Debian jessie and newer, you can install Stem by executing:
# apt-get install python-stem
You can run exitmap with the checktest module by executing:
$ python exitmap.py checktest
To run the same test over German exit relays only, execute:
$ python exitmap.py -C DE checktest
Source && Download