Skip to content
GitLab
Closed
Issue created by juga@jugaMaintainer

Maybe implement resolving destination domain using Tor's RESOLVE and ADDRMAP events

In legacy/trac#28458 (moved) the domain of the destination was being resolved locally to check whether and exit policy allows to exit to the IP, which had 2 problems:

  • in the case that the destination is a CDN, the IP resolved locally would be different to the IP resolved by the exit.
  • it was returning the first IP found, without checking whether the scanner supported IPv6. The correct way would be to resolve the domain via Tor itself using RESOLVE and ADDRMAP events with that exit. While there are not too many circuits that fails (because the policy doesn't allow to exit to the destination IP), this is not a priority