Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
S
Snowflake
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 44
    • Issues 44
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 5
    • Merge Requests 5
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Incidents
    • Environments
  • Analytics
    • Analytics
    • CI/CD
    • Repository
    • Value Stream
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Members
    • Members
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

  • The Tor Project
    • A
      Anti-censorship
  • Pluggable Transports
  • Snowflake
  • Issues
  • #31460

Closed
Open
Created Aug 20, 2019 by Philipp Winter@phwMaintainer

Don't reveal proxy IDs in broker /debug

We just had the following discussion on IRC.

serna> If there are two proxies with the same sessionID
serna> When the broker does the proxyAnswers it does the idToSnowflake which proxy would it return?
serna> Suppose I'm an attacker, I would go to the broker's /debug page, scrape all the IDs and start sending requests to /proxy with those IDs continuously
  phw> cohosh, dcf1: ^
  phw> that's an interesting point. i'm not familiar enough with the code to answer this question but i'll forward it to snowflake's maintainers
serna> phw: I did a little PoC with two proxies sending the same id and the broker didnt care, but the dangerous part is when an offer is accepted by the proxy and it sends the answer
[...]
  phw> serna: this would effectively be a DoS issue, right? it may allow you to disable a given proxy.
serna> phw: yes I believe it would be. If it works like I think it could disable every proxy connected to the broker

Is this an issue in our broker implementation?

Assignee
Assign to
None
Milestone
None
Assign milestone
Time tracking
None
Due date
None