Your web proxy has been bypassed :-o

  • 30 Replies
  • 10005 Views

0 Members and 1 Guest are viewing this topic.

*

Offline RD

  • Neilep Level Member
  • ******
  • 8169
    • View Profile
Your web proxy has been bypassed :-o
« on: 17/01/2012 23:13:14 »
When checking the security of the anonymouse.org (sic) web-proxy I got this anonymity test result ...

Quote
" Your web proxy has been bypassed using HTML comments and CSS "

[attachment=15868]


It correctly got my IP which should have been hidden by the proxy.

Can anything be done to avoid this data leak ? [I'm using FireFox if that's relevant ]
« Last Edit: 17/01/2012 23:21:45 by RD »

*

Offline CliffordK

  • Neilep Level Member
  • ******
  • 6321
  • Site Moderator
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #1 on: 18/01/2012 04:31:57 »
Ouch..
I'm not sure why you are using the anonymous proxy...

But...
It sounds a bit like a fuzzbuster (which is legal in much of the USA), but police sure don't like them if you get caught using one, and they might give you a ticket if you have a fuzzbuster, when otherwise you might just get a warning.

*

Offline RD

  • Neilep Level Member
  • ******
  • 8169
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #2 on: 18/01/2012 08:39:12 »
I'm not sure why you are using the anonymous proxy...

There are legitimate uses for an anonymous web proxy, [here are 21 examples].

The " Your web proxy has been bypassed" warning above was produced by me testing how anonymous the anonymouse.org proxy was:  it's not a warning ticket from cyberpolice.

The anonymouse.org proxy service claims it hides your IP and uses theirs ... 

[attachment=15870]

I'll try the test with another browser to see if the leak is specific to FireFox.
« Last Edit: 18/01/2012 08:46:09 by RD »

*

Offline RD

  • Neilep Level Member
  • ******
  • 8169
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #3 on: 18/01/2012 09:45:02 »
I'll try the test with another browser to see if the leak is specific to FireFox.

Apparently it's not specific to Anonymouse+FireFox combo ...

Quote

The following list contains some web proxy providers, whose services are fully or partially broken by the anonymity test. This is only a small selection of the best-known sites. However, all currently existing web proxies are affected.

[attachment=15872]
http://ip-check.info/description.php

*

Offline syhprum

  • Neilep Level Member
  • ******
  • 3886
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #4 on: 18/01/2012 10:45:52 »
Using a free software Proxify you can still get into "Wiki".
syhprum

*

Offline RD

  • Neilep Level Member
  • ******
  • 8169
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #5 on: 18/01/2012 12:21:29 »
Proxify (unlike anonymouse) does pass the anonymity test if you tick all the tickable Proxyify boxes.

« Last Edit: 18/01/2012 22:06:29 by RD »

*

Offline syhprum

  • Neilep Level Member
  • ******
  • 3886
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #6 on: 18/01/2012 19:20:31 »
please let me Know how to make this test.
syhprum

*

Offline CliffordK

  • Neilep Level Member
  • ******
  • 6321
  • Site Moderator
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #7 on: 18/01/2012 19:27:18 »
If Java lets it through...  that is a big leak.
The problem with blocking Java is that so many websites (intentionally) block functionality when Java is blocked, and I presume the number will increase.

Did you try the experiment with a Torrent Client?

There are some services that create a VPN which likely is more robust than merely using a Proxy.

*

Offline syhprum

  • Neilep Level Member
  • ******
  • 3886
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #8 on: 18/01/2012 20:58:13 »
The free version of "Proxify" does not allow me to get into "The pirate bay" it say paying members only.
syhprum

*

Offline CliffordK

  • Neilep Level Member
  • ******
  • 6321
  • Site Moderator
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #9 on: 18/01/2012 21:12:59 »
The issue isn't as much getting into a website such as PirateBay, but rather, when you run a torrent client, it reports your IP address for all to see.

So, anybody that joins the torrent swarm can see your IP address and see that you are downloading/uploading the same item they are.

But, I can imagine that the proxy/vpn services have premium services.

*

Offline RD

  • Neilep Level Member
  • ******
  • 8169
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #10 on: 18/01/2012 22:00:00 »
please let me Know how to make this test.

 Via your proxy go to http://ip-check.info/?lang=en  then click on "START TEST!" ,
This is an anonymity test to see if your IP and browser particulars, (which could be used to identify you), are being transmitted. A proxy shouldn't pass on this type of info.
« Last Edit: 18/01/2012 22:10:30 by RD »

*

Offline syhprum

  • Neilep Level Member
  • ******
  • 3886
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #11 on: 19/01/2012 07:29:57 »
When I run this text I get only one red warning on HTTP time too long I do not know if this can be corrected in IE9, anyway I might well want the circuit to be open for more than 10 minutes.
syhprum

*

Offline RD

  • Neilep Level Member
  • ******
  • 8169
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #12 on: 19/01/2012 08:29:59 »
Using the (admittedly old) firefox-based Tor browser Namoroka, hides the IP but gives away a unique browser ID ...

[attachment=15884]


« Last Edit: 19/01/2012 08:37:08 by RD »

*

Offline RD

  • Neilep Level Member
  • ******
  • 8169
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #13 on: 23/01/2012 19:56:13 »
All Green  [8D] ...

[attachment=15917]



« Last Edit: 23/01/2012 20:08:43 by RD »

*

Offline syhprum

  • Neilep Level Member
  • ******
  • 3886
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #14 on: 24/01/2012 12:27:37 »
I can download and run the TOR bundle but when I try to run the test on the aurora browser it demands a logon !
syhprum

*

Offline Geezer

  • Neilep Level Member
  • ******
  • 8328
  • "Vive la rÚsistance!"
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #15 on: 24/01/2012 18:52:29 »
I can download and run the TOR bundle but when I try to run the test on the aurora browser it demands a logon !

Just hack RD's account.
There ain'ta no sanity clause, and there ain'ta no centrifugal force Šther.

*

Offline syhprum

  • Neilep Level Member
  • ******
  • 3886
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #16 on: 24/01/2012 19:33:45 »
Apart from ethical considerations I do not have the technical skills to do so
syhprum

*

Offline RD

  • Neilep Level Member
  • ******
  • 8169
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #17 on: 24/01/2012 19:34:05 »
I can download and run the TOR bundle but when I try to run the test on the aurora browser it demands a logon !

Just hack RD's account.

Do they need someone for an "Aurora" voice-over ? ... https://www.youtube.com/watch?v=RfnsVqwF05M#t=18s

 ["Aurora" could be included in Parliamo Glasgow, ("are all the") ].
« Last Edit: 24/01/2012 19:36:51 by RD »

*

Offline syhprum

  • Neilep Level Member
  • ******
  • 3886
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #18 on: 24/01/2012 21:14:57 »
Although I am familiar with the Tayside accent having had many trips to D C Thomson I do not find it much help getting TOR working.
syhprum

*

Offline RD

  • Neilep Level Member
  • ******
  • 8169
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #19 on: 24/01/2012 22:36:32 »
I can download and run the TOR bundle but when I try to run the test on the aurora browser it demands a logon !

Press "cancel" a couple of times and the login on the anonymity test goes away,
(the response time is slow with Tor, give it a minute) ...
[attachment=15933]

tor-browser-2.2.35-4_en-US (Aurora) on Vista, from https://www.torproject.org/projects/torbrowser.html.en ...

[attachment=15937]
« Last Edit: 25/01/2012 11:23:47 by RD »

*

Offline syhprum

  • Neilep Level Member
  • ******
  • 3886
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #20 on: 24/01/2012 23:45:12 »
I eventualy got a report from ip-check.info (you have to cancel the request for a login) but it had the same errors as your one and told me to remove a cache but I have not as yet worked out how to do this.
I am glad I am not in some police state trying to pass vital infomation before the police get to me.
syhprum

*

Offline syhprum

  • Neilep Level Member
  • ******
  • 3886
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #21 on: 25/01/2012 13:41:02 »
With enough patience it can be made to work but you only get 48 hours of high speed operation free otherwise it reverts to 40kb/s.
it only seems to work with Firefox which is a nuisance as I need IE9 for banking.
I do not need this anonymity but it was a challenge to get it working
syhprum

*

Offline RD

  • Neilep Level Member
  • ******
  • 8169
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #22 on: 25/01/2012 20:15:36 »
... remove a cache but I have not as yet worked out how to do this.

How to disable FireFox cache is described here ... http://www.wilderssecurity.com/showthread.php?t=309748

NB: modifying settings in "about:config" can ruin the browser.

I think this is the best that can be done using Aurora Tor (no reds ) ...

[attachment=15949]
« Last Edit: 25/01/2012 20:47:21 by RD »

*

Offline syhprum

  • Neilep Level Member
  • ******
  • 3886
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #23 on: 25/01/2012 20:33:53 »
I think the very slow dowload of the free versions of these programs is the real bugbear, to pay for the full version is quite expensive and would only be justified if you had delicate information to exchange.
Of course if the authorities supected you they would check with your bank and find you had paid for this service and adjust their interrogation techniques acordingly
syhprum

*

Offline nicephotog

  • Sr. Member
  • ****
  • 390
  • H h H h H h H h H h
    • View Profile
    • Freeware Downloads
Re: Your web proxy has been bypassed :-o
« Reply #24 on: 29/01/2012 08:04:14 »
CSS3 files (.css or .css3) can contain DOM level 3 javascript/DHTML , you'd need to switch off javascript and CSS in your browser.

note ("A" tag or link as its rendered):
a href="http://url.com"
is a "get" request and hence in a "form" tag

form name="aform" method="get" action="http://url.com"
input type="hidden" name="val" value="some information of my ip 127.0.0.1"
/form

becomes exactly the same when submitted as either a "form" or "a"
http://url.com?aform=&val=some%20information%20of%20my%20ip%20127.0.0.1

so if i add a script to a page or css file level3 that says
aform.submit();

then it sends.
with the platform e.g. windows ActiveX can be used with explorer or Opera to interface WSH scripting containing AJAX
and in UNIX systems Moz browsers carry their w3c.org spec. version of AJAX and XUL with XUL scripting , Mac has its version of javascript based on Moz/w3c.org javascript for AJAX.

*

Offline RD

  • Neilep Level Member
  • ******
  • 8169
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #25 on: 29/01/2012 13:26:26 »
... you'd need to switch off javascript and CSS in your browser.

Thanks Nicephotog: disabling CSS prevented the data leak with the Anonymouse web-proxy (which gave away my IP) ...

[attachment=15972]

« Last Edit: 29/01/2012 13:36:47 by RD »

*

Offline nicephotog

  • Sr. Member
  • ****
  • 390
  • H h H h H h H h H h
    • View Profile
    • Freeware Downloads
Re: Your web proxy has been bypassed :-o
« Reply #26 on: 29/01/2012 19:46:13 »
CDATA sections of XML also contain javascript re: markup comments

*

Offline RD

  • Neilep Level Member
  • ******
  • 8169
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #27 on: 29/01/2012 20:19:30 »
I checked with and without javascript enabled, anonymity was achieved with both,
provided CCS was disabled when using anonymouse.org

*

Offline CliffordK

  • Neilep Level Member
  • ******
  • 6321
  • Site Moderator
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #28 on: 29/01/2012 21:11:59 »
it only seems to work with Firefox which is a nuisance as I need IE9 for banking.

Good thing I don't use your bank, as I don't have IE Anything loaded on my computer   [xx(]

*

Offline RD

  • Neilep Level Member
  • ******
  • 8169
    • View Profile
Re: Your web proxy has been bypassed :-o
« Reply #29 on: 29/01/2012 23:03:37 »
NB: The exit node in a mix network like Tor can read unencrypted data ...

Quote
The Tor website includes a diagram showing that the last leg of traffic is not encrypted, and also warns users that "the guy running the exit node can read the bytes that come in and out of there." But Egerstad says that most users appear to have missed or ignored this information.

Unless they're surfing to a website protected with SSL encryption, or use encryption software like PGP, all of their e-mail content, instant messages, surfing and other web activity is potentially exposed to any eavesdropper who owns a Tor server. This amounts to a lot of eavesdroppers -- the software currently lists about 1,600 nodes in the Tor network.
  http://www.wired.com/politics/security/news/2007/09/embassy_hacks?currentPage=all


« Last Edit: 29/01/2012 23:21:11 by RD »

*

Offline nicephotog

  • Sr. Member
  • ****
  • 390
  • H h H h H h H h H h
    • View Profile
    • Freeware Downloads
Re: Your web proxy has been bypassed :-o
« Reply #30 on: 30/01/2012 08:55:09 »
...and following from this , CDATA sections of XML also contain javascript re: markup comments

After around 2005 "XHTML" was approved as the standard document type, it almost comes in two varieties of generic comapnies versions but is effectively W3C.ORG specified.

XHTML is HTML added to a new document model classified as XML , so its an XML document, the same can be done on your mobile phone because it uses WML script and WML. WML is a subset of HTML and later XHTML(XML document).

Of the comments , CSS can be embedded in the (X)HTML(can have file extension .html .xhtml .xhtm .htm .xml dependant the pragmas in the declaration and versioning) page or placed in a seperate file associated the page and act inside that part of the document model it is placed for scope(usually the HEAD tag note: is a "document version" of the "server response headers").
CSS itself in version 3 spec can have DHTML/Javascript(note: Javascript is not Java2) among the declarations.
Because of the new XML type of HTML document there were new rules made about how to declare Javascript and CSS and as much in old HTML the Javascript are all wrapped in standard HTML markup comments.
pure XML can also have javascript too, HTML is effectively "render" markup , XML is purely "data markup" though there is a minimal interfacing to XML documents can be done with CSS to render it.

Quote
"the guy running the exit node can read the bytes that come in and out of there."
Where your information goes into the server.... (obviously you have done nothing to it or the server "node" would not understand your garble.)