yadakhov / torelay Goto Github PK
View Code? Open in Web Editor NEWA simple TOR relay app.
Home Page: https://torelay.com/
License: MIT License
A simple TOR relay app.
Home Page: https://torelay.com/
License: MIT License
http://www.reddit.com/r/webdev/comments/382vw9/a_simple_tor_relay_website_i_coded_over_the/crs611c
This is a really cool idea.
I tried it at work with kickass.to but I just got back a bunch of garbled text (this is just a small sample):
��}�v�H��s�+�ٷ�Ҕ��J�G���d�E���z||�@�DXXD���2g�d�b�<���������I� "�봻K$�̈"#c��W�8�xx���1$#���+� �#?�_7I2~��;�L��F�]ն��k,� ��n�I��Z��{��{5� #X��_S��u�0$�r:� ��_� �Nv�K�X��u����ؽP'���VpN/W؈�n\y|2�d���s��k�_y����/��Oc�����T�.���'^,��p9�
Hi!
It looks like you use a certain set of user agents to obscure the fact that the data is coming from torelay.com instead of a regular client. As of my understanding of the TOR network it would be better to send the user agent of the latest TOR Browser Bundle ("Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0"), which is used by all TOR Browser instances on all platforms to make the torelay.com traffic more difficult to differentiate from regular TOR traffic.
--rec0de
Whenever a captcha is presented after submission a "Sorry, the page you are looking for could not be found." error is returned.
Examples:
https://torelay.com/?url=4chan.org
https://torelay.com/?url=thepiratebay.la
Some url such as jquery cdn and bootstrap cdn doesn't need to go through URL injection.
Hi!
I just looked trough your code and noticed that the Roboto Webfont is loaded over plaintext HTTP even if the main connection is TLS encrypted.
This causes a 'mixed content' warning in Firefox (and perhaps Chrome?)
Additionaly I would suggest enabling HSTS headers to prevent downgrading attacks.
Thanks for creating this :)
-- rec0de
Hello.
https://torelay.com/?url=www.pandora.com
http://i.imgur.com/SHi5OQN.png
Is this a limitation or a bug? (Tested FF & Chrome)
Thanks
composer create-project yadakhov/torelay mytor
FTW
Hi!
It looks like your use of 'CURLOPT_HTTPHEADER' is incorrect as you only set the Useragent, not the entire header. Viewing ipnumber.info trough torelay shows that an empty user agent is sent.
If you want to send header values you have to prefix them with the name of the value you want to change (see http://curl.haxx.se/libcurl/c/CURLOPT_HTTPHEADER.html).
As you are only sending the user agent for now, I would suggest replacing 'CURLOPT_HTTPHEADER' with 'CURLOPT_USERAGENT'.
--rec0de
If you click on certain links to stuff like "./blah.html" it will take you to "torelay.com/blah.html" instead of "torelay.com/?url=website.com/blah.html"
Media stream takes up too much bandwidth
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.