Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Denis Makrushin - DeanonymizaTOR
Search
DC7499
May 22, 2015
Research
0
100
Denis Makrushin - DeanonymizaTOR
DEFCON Moscow 8
DC7499
May 22, 2015
Tweet
Share
More Decks by DC7499
See All by DC7499
Sergey Sobko - Hackashop: Hackathon + Pentest + Workshop [RU]
defcon
0
550
Dmitry Sklyarov - Intel ME: Security keys Genealogy, Obfuscation and other Magic
defcon
0
280
Anton Lopanitsyn - Initial reconnaissance of web applications.
defcon
0
300
Dmitry Volkov - Private messengers: without pain??
defcon
1
240
Andrey Skuratov and Sergey Migalin - DNS tunneling in 2018. What is that, and what to do with it?
defcon
2
210
Sergey Belov - Another side of Bug Bounty programs
defcon
0
300
Dmitry Sklyarov - Intel ME: Flash file system explained
defcon
0
530
Maxim Goryachiy & Mark Ermolov - Inside Intel Management Engine
defcon
0
620
Sergey Golovanov - Indecent Response 2018
defcon
0
540
Other Decks in Research
See All in Research
LLM-jp-3 and beyond: Training Large Language Models
odashi
1
550
Nullspace MPC
mizuhoaoki
1
270
心理言語学の視点から再考する言語モデルの学習過程
chemical_tree
2
670
snlp2025_prevent_llm_spikes
takase
0
390
20250624_熊本経済同友会6月例会講演
trafficbrain
1
730
Time to Cash: The Full Stack Breakdown of Modern ATM Attacks
ratatata
0
160
論文紹介:Safety Alignment Should be Made More Than Just a Few Tokens Deep
kazutoshishinoda
0
110
2021年度-基盤研究B-研究計画調書
trycycle
PRO
0
400
Pythonでジオを使い倒そう! 〜それとFOSS4G Hiroshima 2026のご紹介を少し〜
wata909
0
1.1k
AIスパコン「さくらONE」のLLM学習ベンチマークによる性能評価 / SAKURAONE LLM Training Benchmarking
yuukit
2
780
令和最新技術で伝統掲示板を再構築: HonoX で作る型安全なスレッドフロート型掲示板 / かろっく@calloc134 - Hono Conference 2025
calloc134
0
390
ウェブ・ソーシャルメディア論文読み会 第31回: The rising entropy of English in the attention economy. (Commun Psychology, 2024)
hkefka385
1
110
Featured
See All Featured
Product Roadmaps are Hard
iamctodd
PRO
55
11k
Measuring & Analyzing Core Web Vitals
bluesmoon
9
650
Facilitating Awesome Meetings
lara
57
6.6k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
367
27k
Become a Pro
speakerdeck
PRO
29
5.6k
Large-scale JavaScript Application Architecture
addyosmani
514
110k
How STYLIGHT went responsive
nonsquared
100
5.9k
Bootstrapping a Software Product
garrettdimon
PRO
307
110k
StorybookのUI Testing Handbookを読んだ
zakiyama
31
6.3k
Imperfection Machines: The Place of Print at Facebook
scottboms
269
13k
No one is an island. Learnings from fostering a developers community.
thoeni
21
3.5k
The Illustrated Children's Guide to Kubernetes
chrisshort
51
51k
Transcript
Немного лирики…
DeanonymizaTOR Denis Makrushin (@difezza) Maria Garnaeva Global Research and Analysis
Team
«Я знаю что ты делал прошлым летом»
… но как?!
Эксплойты, фингерпринтинг… ну-ну- да.
Flash, html5, entry-node detection… ну- ну-да.
Но КАК … … они нашли мой мегаприватный-0дей-форум?! … они
нашли мою квартиру?!
ПАССИВНАЯ СИСТЕМА СБОРА ДАННЫХ … ИЛИ КАК ОНИ НАШЛИ МОЙ
МЕГАПРИВАТНЫЙ-0ДЕЙ-ФОРУМ?!
>> ExitPolicy accept *:*
>>tshark –i 1 –w dump.pcap
Психологический портрет tor- пользователя
Психологический портрет. Часть 2.
13
14
АКТИВНАЯ СИСТЕМА СБОРА ДАННЫХ … ИЛИ КТО СТУЧИТСЯ В ДВЕРЬ
КО МНЕ?!
Traffic injection… ну-ну-да.
Скажи мне, кто ты
Такие разные печеньки
None
ТЕМ ВРЕМЕНЕМ В TBB
А ДАВАЙТЕ ТЕКСТ ПОМЕРЯЕМ
Measuretext
Proof-of-concept: готовим пациента
Proof-of-concept: делаем укольчик
СПОЙЛЕР: НЕ ТОЛЬКО MEASURETEXT ТУТ БЫЛ PHDAYS V
СПОЙЛЕР: АНАЛИЗИРУЕМ РЕЗУЛЬТАТ ТУТ БЫЛ PHDAYS V
XSS – головная боль onion-ресурсов
Вектор атаки
None
None
None
Wazzzzup?! twitter.com/difezza
[email protected]
defcon
odashi
mizuhoaoki
chemical_tree
takase
trafficbrain
ratatata
kazutoshishinoda
trycycle
wata909
yuukit
calloc134
hkefka385
iamctodd
bluesmoon
lara
cassininazir
speakerdeck
addyosmani
nonsquared
garrettdimon
zakiyama
scottboms
thoeni
chrisshort
![Wazzzzup?! twitter.com/difezza [email protected]](https://files.speakerdeck.com/presentations/a534fa1e5dcb49a9a2291dec751596b0/slide_31.jpg){kind=link}