Skip to content

GitLab

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

Closed
Created by Philipp Winter@phwMaintainer

Don't reveal proxy IDs in broker /debug

We just had the following discussion on IRC.

serna> If there are two proxies with the same sessionID
serna> When the broker does the proxyAnswers it does the idToSnowflake which proxy would it return?
serna> Suppose I'm an attacker, I would go to the broker's /debug page, scrape all the IDs and start sending requests to /proxy with those IDs continuously
  phw> cohosh, dcf1: ^
  phw> that's an interesting point. i'm not familiar enough with the code to answer this question but i'll forward it to snowflake's maintainers
serna> phw: I did a little PoC with two proxies sending the same id and the broker didnt care, but the dangerous part is when an offer is accepted by the proxy and it sends the answer
[...]
  phw> serna: this would effectively be a DoS issue, right? it may allow you to disable a given proxy.
serna> phw: yes I believe it would be. If it works like I think it could disable every proxy connected to the broker

Is this an issue in our broker implementation?