Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Denis Makrushin - DeanonymizaTOR
Search
DC7499
May 22, 2015
Research
0
100
Denis Makrushin - DeanonymizaTOR
DEFCON Moscow 8
DC7499
May 22, 2015
Tweet
Share
More Decks by DC7499
See All by DC7499
Sergey Sobko - Hackashop: Hackathon + Pentest + Workshop [RU]
defcon
0
560
Dmitry Sklyarov - Intel ME: Security keys Genealogy, Obfuscation and other Magic
defcon
0
290
Anton Lopanitsyn - Initial reconnaissance of web applications.
defcon
0
310
Dmitry Volkov - Private messengers: without pain??
defcon
1
240
Andrey Skuratov and Sergey Migalin - DNS tunneling in 2018. What is that, and what to do with it?
defcon
2
220
Sergey Belov - Another side of Bug Bounty programs
defcon
0
320
Dmitry Sklyarov - Intel ME: Flash file system explained
defcon
0
550
Maxim Goryachiy & Mark Ermolov - Inside Intel Management Engine
defcon
0
650
Sergey Golovanov - Indecent Response 2018
defcon
0
560
Other Decks in Research
See All in Research
CoRL2025速報
rpc
4
4.2k
世界の人気アプリ100個を分析して見えたペイウォール設計の心得
akihiro_kokubo
PRO
66
37k
ForestCast: Forecasting Deforestation Risk at Scale with Deep Learning
satai
3
390
令和最新技術で伝統掲示板を再構築: HonoX で作る型安全なスレッドフロート型掲示板 / かろっく@calloc134 - Hono Conference 2025
calloc134
0
550
svc-hook: hooking system calls on ARM64 by binary rewriting
retrage
1
100
音声感情認識技術の進展と展望
nagase
0
470
HU Berlin: Industrial-Strength Natural Language Processing with spaCy and Prodigy
inesmontani
PRO
0
220
Pythonでジオを使い倒そう! 〜それとFOSS4G Hiroshima 2026のご紹介を少し〜
wata909
0
1.3k
J-RAGBench: 日本語RAGにおける Generator評価ベンチマークの構築
koki_itai
0
1.3k
競合や要望に流されない─B2B SaaSでミニマム要件を決めるリアルな取り組み / Don't be swayed by competitors or requests - A real effort to determine minimum requirements for B2B SaaS
kaminashi
0
750
[IBIS 2025] 深層基盤モデルのための強化学習 驚きから理論にもとづく納得へ
akifumi_wachi
19
9.6k
LLMアプリケーションの透明性について
fufufukakaka
0
140
Featured
See All Featured
Typedesign – Prime Four
hannesfritz
42
2.9k
4 Signs Your Business is Dying
shpigford
187
22k
SEO in 2025: How to Prepare for the Future of Search
ipullrank
3
3.3k
The Anti-SEO Checklist Checklist. Pubcon Cyber Week
ryanjones
0
69
Groundhog Day: Seeking Process in Gaming for Health
codingconduct
0
94
Fantastic passwords and where to find them - at NoRuKo
philnash
52
3.6k
Efficient Content Optimization with Google Search Console & Apps Script
katarinadahlin
PRO
1
330
Heart Work Chapter 1 - Part 1
lfama
PRO
5
35k
Jess Joyce - The Pitfalls of Following Frameworks
techseoconnect
PRO
1
67
Navigating the Design Leadership Dip - Product Design Week Design Leaders+ Conference 2024
apolaine
0
180
KATA
mclloyd
PRO
34
15k
JavaScript: Past, Present, and Future - NDC Porto 2020
reverentgeek
52
5.8k
Transcript
Немного лирики…
DeanonymizaTOR Denis Makrushin (@difezza) Maria Garnaeva Global Research and Analysis
Team
«Я знаю что ты делал прошлым летом»
… но как?!
Эксплойты, фингерпринтинг… ну-ну- да.
Flash, html5, entry-node detection… ну- ну-да.
Но КАК … … они нашли мой мегаприватный-0дей-форум?! … они
нашли мою квартиру?!
ПАССИВНАЯ СИСТЕМА СБОРА ДАННЫХ … ИЛИ КАК ОНИ НАШЛИ МОЙ
МЕГАПРИВАТНЫЙ-0ДЕЙ-ФОРУМ?!
>> ExitPolicy accept *:*
>>tshark –i 1 –w dump.pcap
Психологический портрет tor- пользователя
Психологический портрет. Часть 2.
13
14
АКТИВНАЯ СИСТЕМА СБОРА ДАННЫХ … ИЛИ КТО СТУЧИТСЯ В ДВЕРЬ
КО МНЕ?!
Traffic injection… ну-ну-да.
Скажи мне, кто ты
Такие разные печеньки
None
ТЕМ ВРЕМЕНЕМ В TBB
А ДАВАЙТЕ ТЕКСТ ПОМЕРЯЕМ
Measuretext
Proof-of-concept: готовим пациента
Proof-of-concept: делаем укольчик
СПОЙЛЕР: НЕ ТОЛЬКО MEASURETEXT ТУТ БЫЛ PHDAYS V
СПОЙЛЕР: АНАЛИЗИРУЕМ РЕЗУЛЬТАТ ТУТ БЫЛ PHDAYS V
XSS – головная боль onion-ресурсов
Вектор атаки
None
None
None
Wazzzzup?! twitter.com/difezza
[email protected]
defcon
rpc
akihiro_kokubo
.png){kind=avatar}
satai
calloc134
retrage
nagase
inesmontani
wata909
koki_itai
kaminashi
akifumi_wachi
fufufukakaka
hannesfritz
shpigford
ipullrank
ryanjones
codingconduct
philnash
katarinadahlin
lfama
techseoconnect
apolaine
mclloyd
reverentgeek
![Wazzzzup?! twitter.com/difezza [email protected]](https://files.speakerdeck.com/presentations/a534fa1e5dcb49a9a2291dec751596b0/slide_31.jpg){kind=link}