Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
Trac
Trac
  • Project overview
    • Project overview
    • Details
    • Activity
  • Issues 246
    • Issues 246
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Operations
    • Operations
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value Stream
  • Wiki
    • Wiki
  • Members
    • Members
  • Activity
  • Create a new issue
  • Issue Boards
Collapse sidebar

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

  • Legacy
  • TracTrac
  • Issues
  • #31460

Closed (moved)
Open
Created Aug 20, 2019 by Philipp Winter@phw

Don't reveal proxy IDs in broker /debug

We just had the following discussion on IRC.

serna> If there are two proxies with the same sessionID
serna> When the broker does the proxyAnswers it does the idToSnowflake which proxy would it return?
serna> Suppose I'm an attacker, I would go to the broker's /debug page, scrape all the IDs and start sending requests to /proxy with those IDs continuously
  phw> cohosh, dcf1: ^
  phw> that's an interesting point. i'm not familiar enough with the code to answer this question but i'll forward it to snowflake's maintainers
serna> phw: I did a little PoC with two proxies sending the same id and the broker didnt care, but the dangerous part is when an offer is accepted by the proxy and it sends the answer
[...]
  phw> serna: this would effectively be a DoS issue, right? it may allow you to disable a given proxy.
serna> phw: yes I believe it would be. If it works like I think it could disable every proxy connected to the broker

Is this an issue in our broker implementation?

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
None
Milestone
None
Assign milestone
Time tracking
None
Due date
None