使用 python 连接到 .onion 网络 [英] Connecting to .onion network with python
问题描述
我想让 python 从控制台进入 .onion 站点,下面的示例可以在 python 中使用 tor 但是当我尝试连接到 .onion 站点时,它给出了诸如名称或服务未知"之类的错误,我该如何解决这个?
示例代码:
导入套接字进口袜子导入 httplib定义连接器():socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5,"127.0.0.1",9050,True)socket.socket = 袜子.socksocket打印连接到 tor"定义新身份():主机 = '127.0.0.1'袜子.setdefaultproxy()s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)s.connect((HOST,9051))s.send("认证\r\n")响应 = s.recv(128)如果 response.startswith("250"):s.send("SIGNAL NEWNYM\r\n"),s.close()连接器()def readPage(页面):conn = httplib.HTTPConnection(页面)conn.request("GET","/")响应 = conn.getresponse()打印 (response.read())定义主():连接器()打印Tor Ip 地址:"readPage("my-ip.heroku.com")打印\n\n"readPage("od6j46sy5zg7aqze.onion")返回 0如果 __name__ == '__main__':主要的()我认为这是你的问题,但我可能错了.
您依赖于monkeypatching socket.socket 来强制HTTPConnection 使用您的SOCKS5 代理与TOR 对话.但是HTTPConnection 调用socket.create_connection,它依次调用socket.getaddrinfo 来解析名称,然后再调用socket.socket 创建套接字.而 getaddrinfo 不使用 socket.所以,它没有打补丁,所以它不会与你的 SOCKS5 代理通信,所以它使用你的默认名称解析器.
这适用于代理连接到普通互联网主机,因为 TOR 将为my-ip.heroku.com"返回与普通名称解析器相同的 DNS 结果.但它不适用于od6j46sy5zg7aqze.onion",因为您的普通名称解析器中没有 .onion TLD.
如果你好奇,可以查看的源码HTTPConnection.connect、socket.create_connection 和 getaddrinfo(C 语言中的最后一个,并根据您的平台分散在整个模块中).
那么,你是如何解决这个问题的?好吧,看看两个被称为 socks 的 SOCKS5 模块,其中一个有一个可以直接用猴子补丁代替 create_connection 的函数(它的 API 不相同,但它是足够接近 HTTPConnection 需要的东西);另一个没有,但你可以很容易地写一个(只需调用 socks.socksocket 然后调用它的 connect 方法).或者你可以修改 HTTPConnection 来创建一个 socket.socket 并调用它的 connect 方法.
最后,您可能想知道为什么大多数不同的 socks 模块都有一个 setdefaultproxy 函数,该函数带有一个名为 remote_dns 的参数,专门声明它会导致远程执行 DNS 解析,而这实际上不起作用.好吧,如果您使用 socks.socksocket,它确实可以工作,但是如果您使用 socket.getaddrinfo,它可能无法工作.
顺便说一下,如果您还没有阅读 DnsResolver 和TorifyHOWTO,在继续之前阅读它们,因为只是想一起打在不知道其工作原理的情况下工作的代码几乎肯定会导致您(或您的用户)在您认为自己是匿名的情况下泄露信息.
I want make python to get into .onion sites from console, below example can use tor in python but when i try to connect to .onion sites it gives error such as "Name or service not known", how do i fix this ?
Sample Code:
import socket
import socks
import httplib
def connectTor():
socks.setdefaultproxy(socks.PROXY_TYPE_SOCKS5,"127.0.0.1",9050,True)
socket.socket = socks.socksocket
print "Connected to tor"
def newIdentity():
HOST = '127.0.0.1'
socks.setdefaultproxy()
s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
s.connect((HOST,9051))
s.send("AUTHENTICATE\r\n")
response = s.recv(128)
if response.startswith("250"):
s.send("SIGNAL NEWNYM\r\n"),
s.close()
connectTor()
def readPage(page):
conn = httplib.HTTPConnection(page)
conn.request("GET","/")
response = conn.getresponse()
print (response.read())
def main():
connectTor()
print "Tor Ip Address :"
readPage("my-ip.heroku.com")
print "\n\n"
readPage("od6j46sy5zg7aqze.onion")
return 0
if __name__ == '__main__':
main()
I think this is your problem, but I may be wrong.
You're relying on monkeypatching socket.socket to force HTTPConnection to use your SOCKS5 proxy to talk to TOR. But HTTPConnection calls socket.create_connection, which in turns calls socket.getaddrinfo to resolve the name before calling socket.socket to create the socket. And getaddrinfo doesn't use socket. So, it's not patched, so it's not talking to your SOCKS5 proxy, so it's using your default name resolver.
This works fine for proxying connections to normal internet hosts, because TOR is going to return the same DNS result for "my-ip.heroku.com" as your normal name resolver. But it won't work for "od6j46sy5zg7aqze.onion", because there is no .onion TLD in your normal name resolver.
If you're curious, you can see the source to HTTPConnection.connect, socket.create_connection, and getaddrinfo (the last in C, and scattered throughout the module depending on your platform).
So, how do you solve this? Well, looking at two of the SOCKS5 modules that are called socks, one has a function that could be directly monkeypatched in place of create_connection (its API is not identical, but it's close enough for what HTTPConnection needs); the other doesn't, but you could pretty easily write one (just call socks.socksocket and then call its connect method). Or you could modify HTTPConnection to create a socket.socket and call its connect method.
Finally, you may be wondering why most of the different socks modules have a setdefaultproxy function that with a parameter named remote_dns that specifically claims it causes DNS resolving to be performed remotely, when that doesn't actually work. Well, it does work if you use a socks.socksocket, but it can't possibly work if you use socket.getaddrinfo.
By the way, if you haven't read DnsResolver and TorifyHOWTO, read them before going any further, because just trying to slap together code that works without knowing why it works is almost guaranteed to lead to you (or your users) leaking information when you thought you were being anonymous.
这篇关于使用 python 连接到 .onion 网络的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
