Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Denis Makrushin - DeanonymizaTOR
Search
DC7499
May 22, 2015
Research
0
100
Denis Makrushin - DeanonymizaTOR
DEFCON Moscow 8
DC7499
May 22, 2015
Tweet
Share
More Decks by DC7499
See All by DC7499
Sergey Sobko - Hackashop: Hackathon + Pentest + Workshop [RU]
defcon
0
560
Dmitry Sklyarov - Intel ME: Security keys Genealogy, Obfuscation and other Magic
defcon
0
280
Anton Lopanitsyn - Initial reconnaissance of web applications.
defcon
0
310
Dmitry Volkov - Private messengers: without pain??
defcon
1
240
Andrey Skuratov and Sergey Migalin - DNS tunneling in 2018. What is that, and what to do with it?
defcon
2
220
Sergey Belov - Another side of Bug Bounty programs
defcon
0
310
Dmitry Sklyarov - Intel ME: Flash file system explained
defcon
0
550
Maxim Goryachiy & Mark Ermolov - Inside Intel Management Engine
defcon
0
640
Sergey Golovanov - Indecent Response 2018
defcon
0
550
Other Decks in Research
See All in Research
若手研究者が国際会議(例えばIROS)でワークショップを企画するメリットと成功法!
tanichu
0
130
Sat2City:3D City Generation from A Single Satellite Image with Cascaded Latent Diffusion
satai
4
460
Panopticon: Advancing Any-Sensor Foundation Models for Earth Observation
satai
3
530
【NICOGRAPH2025】Photographic Conviviality: ボディペイント・ワークショップによる 同時的かつ共生的な写真体験
toremolo72
0
110
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
chikuwait
0
260
AIスーパーコンピュータにおけるLLM学習処理性能の計測と可観測性 / AI Supercomputer LLM Benchmarking and Observability
yuukit
1
420
[Devfest Incheon 2025] 모두를 위한 친절한 언어모델(LLM) 학습 가이드
beomi
2
1.4k
Mamba-in-Mamba: Centralized Mamba-Cross-Scan in Tokenized Mamba Model for Hyperspectral Image Classification
satai
3
410
POI: Proof of Identity
katsyoshi
0
120
スキマバイトサービスにおける現場起点でのデザインアプローチ
yoshioshingyouji
0
270
AIスパコン「さくらONE」のLLM学習ベンチマークによる性能評価 / SAKURAONE LLM Training Benchmarking
yuukit
2
930
A History of Approximate Nearest Neighbor Search from an Applications Perspective
matsui_528
1
130
Featured
See All Featured
The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek
aleyda
2
9.2k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
12
990
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
9
1k
Into the Great Unknown - MozCon
thekraken
40
2.2k
Heart Work Chapter 1 - Part 1
lfama
PRO
3
35k
Crafting Experiences
bethany
0
24
Visualizing Your Data: Incorporating Mongo into Loggly Infrastructure
mongodb
48
9.8k
Building Flexible Design Systems
yeseniaperezcruz
330
39k
The #1 spot is gone: here's how to win anyway
tamaranovitovic
1
880
Design in an AI World
tapps
0
100
Lightning Talk: Beautiful Slides for Beginners
inesmontani
PRO
1
410
The Hidden Cost of Media on the Web [PixelPalooza 2025]
tammyeverts
2
130
Transcript
Немного лирики…
DeanonymizaTOR Denis Makrushin (@difezza) Maria Garnaeva Global Research and Analysis
Team
«Я знаю что ты делал прошлым летом»
… но как?!
Эксплойты, фингерпринтинг… ну-ну- да.
Flash, html5, entry-node detection… ну- ну-да.
Но КАК … … они нашли мой мегаприватный-0дей-форум?! … они
нашли мою квартиру?!
ПАССИВНАЯ СИСТЕМА СБОРА ДАННЫХ … ИЛИ КАК ОНИ НАШЛИ МОЙ
МЕГАПРИВАТНЫЙ-0ДЕЙ-ФОРУМ?!
>> ExitPolicy accept *:*
>>tshark –i 1 –w dump.pcap
Психологический портрет tor- пользователя
Психологический портрет. Часть 2.
13
14
АКТИВНАЯ СИСТЕМА СБОРА ДАННЫХ … ИЛИ КТО СТУЧИТСЯ В ДВЕРЬ
КО МНЕ?!
Traffic injection… ну-ну-да.
Скажи мне, кто ты
Такие разные печеньки
None
ТЕМ ВРЕМЕНЕМ В TBB
А ДАВАЙТЕ ТЕКСТ ПОМЕРЯЕМ
Measuretext
Proof-of-concept: готовим пациента
Proof-of-concept: делаем укольчик
СПОЙЛЕР: НЕ ТОЛЬКО MEASURETEXT ТУТ БЫЛ PHDAYS V
СПОЙЛЕР: АНАЛИЗИРУЕМ РЕЗУЛЬТАТ ТУТ БЫЛ PHDAYS V
XSS – головная боль onion-ресурсов
Вектор атаки
None
None
None
Wazzzzup?! twitter.com/difezza
[email protected]
defcon
tanichu
.png){kind=avatar}
satai
toremolo72
chikuwait
yuukit
beomi
katsyoshi
yoshioshingyouji
matsui_528
aleyda
tammyeverts
addyosmani
thekraken
lfama
bethany
mongodb
yeseniaperezcruz
tamaranovitovic
tapps
inesmontani
![Wazzzzup?! twitter.com/difezza [email protected]](https://files.speakerdeck.com/presentations/a534fa1e5dcb49a9a2291dec751596b0/slide_31.jpg){kind=link}