Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Denis Makrushin - DeanonymizaTOR
Search
DC7499
May 22, 2015
Research
0
100
Denis Makrushin - DeanonymizaTOR
DEFCON Moscow 8
DC7499
May 22, 2015
Tweet
Share
More Decks by DC7499
See All by DC7499
Sergey Sobko - Hackashop: Hackathon + Pentest + Workshop [RU]
defcon
0
530
Dmitry Sklyarov - Intel ME: Security keys Genealogy, Obfuscation and other Magic
defcon
0
270
Anton Lopanitsyn - Initial reconnaissance of web applications.
defcon
0
290
Dmitry Volkov - Private messengers: without pain??
defcon
1
230
Andrey Skuratov and Sergey Migalin - DNS tunneling in 2018. What is that, and what to do with it?
defcon
2
210
Sergey Belov - Another side of Bug Bounty programs
defcon
0
300
Dmitry Sklyarov - Intel ME: Flash file system explained
defcon
0
510
Maxim Goryachiy & Mark Ermolov - Inside Intel Management Engine
defcon
0
590
Sergey Golovanov - Indecent Response 2018
defcon
0
510
Other Decks in Research
See All in Research
Ad-DS Paper Circle #1
ykaneko1992
0
5.6k
SkySense : A Multi-Modal Remote Sensing Foundation Model Towards Universal Interpretation for Earth Observation Imagery
satai
3
250
Self-supervised audiovisual representation learning for remote sensing data
satai
3
230
(NULLCON Goa 2025)Windows Keylogger Detection: Targeting Past and Present Keylogging Techniques
asuna_jp
2
540
Collaborative Development of Foundation Models at Japanese Academia
odashi
2
560
EOGS: Gaussian Splatting for Efficient Satellite Image Photogrammetry
satai
4
300
AIによる画像認識技術の進化 -25年の技術変遷を振り返る-
hf149
6
3.6k
Transparency to sustain open science infrastructure - Printemps Couperin
mlarrieu
1
190
Minimax and Bayes Optimal Best-arm Identification: Adaptive Experimental Design for Treatment Choice
masakat0
0
110
Computational OT #1 - Monge and Kantorovitch
gpeyre
0
190
SSII2025 [TS2] リモートセンシング画像処理の最前線
ssii
PRO
7
2.9k
Towards a More Efficient Reasoning LLM: AIMO2 Solution Summary and Introduction to Fast-Math Models
analokmaus
2
280
Featured
See All Featured
Exploring the Power of Turbo Streams & Action Cable | RailsConf2023
kevinliebholz
34
5.9k
A better future with KSS
kneath
238
17k
The Illustrated Children's Guide to Kubernetes
chrisshort
48
50k
Building a Scalable Design System with Sketch
lauravandoore
462
33k
jQuery: Nuts, Bolts and Bling
dougneiner
63
7.8k
Rails Girls Zürich Keynote
gr2m
95
14k
The Pragmatic Product Professional
lauravandoore
35
6.7k
Product Roadmaps are Hard
iamctodd
PRO
54
11k
Code Review Best Practice
trishagee
69
18k
Site-Speed That Sticks
csswizardry
10
690
The MySQL Ecosystem @ GitHub 2015
samlambert
251
13k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
126
53k
Transcript
Немного лирики…
DeanonymizaTOR Denis Makrushin (@difezza) Maria Garnaeva Global Research and Analysis
Team
«Я знаю что ты делал прошлым летом»
… но как?!
Эксплойты, фингерпринтинг… ну-ну- да.
Flash, html5, entry-node detection… ну- ну-да.
Но КАК … … они нашли мой мегаприватный-0дей-форум?! … они
нашли мою квартиру?!
ПАССИВНАЯ СИСТЕМА СБОРА ДАННЫХ … ИЛИ КАК ОНИ НАШЛИ МОЙ
МЕГАПРИВАТНЫЙ-0ДЕЙ-ФОРУМ?!
>> ExitPolicy accept *:*
>>tshark –i 1 –w dump.pcap
Психологический портрет tor- пользователя
Психологический портрет. Часть 2.
13
14
АКТИВНАЯ СИСТЕМА СБОРА ДАННЫХ … ИЛИ КТО СТУЧИТСЯ В ДВЕРЬ
КО МНЕ?!
Traffic injection… ну-ну-да.
Скажи мне, кто ты
Такие разные печеньки
None
ТЕМ ВРЕМЕНЕМ В TBB
А ДАВАЙТЕ ТЕКСТ ПОМЕРЯЕМ
Measuretext
Proof-of-concept: готовим пациента
Proof-of-concept: делаем укольчик
СПОЙЛЕР: НЕ ТОЛЬКО MEASURETEXT ТУТ БЫЛ PHDAYS V
СПОЙЛЕР: АНАЛИЗИРУЕМ РЕЗУЛЬТАТ ТУТ БЫЛ PHDAYS V
XSS – головная боль onion-ресурсов
Вектор атаки
None
None
None
Wazzzzup?! twitter.com/difezza
[email protected]