Cable Forum - Leaky captcha deanonymised Silk Road

Cable Forum (https://www.cableforum.uk/board/index.php)

- Security & Virus Discussion (https://www.cableforum.uk/board/forumdisplay.php?f=38)

- - Leaky captcha deanonymised Silk Road (https://www.cableforum.uk/board/showthread.php?t=33698747)

Leaky captcha deanonymised Silk Road

Real IP of the server was leaked/transmitted in the http headers returned to a user when an incorrect captcha was entered on the login page.

Quote:

Ever since October 2013, when the FBI took down the online black market and drug bazaar known as the Silk Road, privacy activists and security experts have traded conspiracy theories about how the U.S. government managed to discover the geographic location of the Silk Road Web servers. Those systems were supposed to be obscured behind the anonymity service Tor, but as court documents released Friday explain, that wasn’t entirely true: Turns out, the login page for the Silk Road employed an anti-abuse CAPTCHA service that pulled content from the open Internet, thus leaking the site’s true location.

Krebs

US declaration of how they found it (PDF) http://ia700603.us.archive.org/21/it...22824.57.0.pdf

Re: Leaky captcha deanonymised Silk Road

Doubts cast over FBI 'leaky CAPTCHA' Silk Road rapture - Security bod says affadavit makes no sense

There are a few who were doing a lot of penetration testing of Silk Road who reckon it wasn't leaking ip's in headers like the FBI are saying. While http headers as well as the data in http replies in various configurations can leak that kind of data, there is enough reputable peeps saying it wasn't the case here.

Be it a 0-day exploit or info gained from other security researchers, it's looking like the FBI's explanation as to how they found Silk road is a bit fishy.

Re: Leaky captcha deanonymised Silk Road

I like my Onions on my burger thanks, the horizon program made very interesting viewing though, I may make a grand Tor! later.