如何使用 Ruby 构建 HTTP 请求并将其发送到 Tor 隐藏服务 [英] How to Build and Send an HTTP Request to a Tor Hidden Service with Ruby

问题描述

过去几天我一直在寻找这个问题的解决方案，虽然有很多半相关的问题，但没有一个答案显示了一个成功的用例，通过 Tor 发送一个成功的 HTTP 请求到使用 Ruby 的隐藏服务.

I've spent the last couple of days looking for a solution to this problem, and though there are quite a few semi-relevant questions, none of the answers show a successful use case for sending a successful HTTP request over Tor to a hidden service using Ruby.

在所有答案中似乎不清楚的一件事是 Tor 浏览器包如何充当请求的代理.

One thing that seems unclear in all the answers is how the Tor browser bundle acts as a proxy for requests.

我尝试了多种攻击途径，最近一次尝试适应此处的 PHP 代码 用于使用 Ruby CURL 库向隐藏服务发送 curl 请求.

I've tried multiple avenues of attack, the most recent being an attempt to adapt the PHP code here for sending curl requests to hidden services using Ruby CURL libraries.

这是我使用 Curb gem 的代码，它为 Ruby 实现了一些 libcurl 绑定:

This is my code using the Curb gem, which implements some of the libcurl bindings for Ruby:

require 'curb'

url = 'http://am4wuhz3zifexz5u.onion' #a known, functioning hidden service

c = Curl::Easy.new(url) do |curl| 
  curl.headers["User-Agent"] = "Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0" #the user agent string from the most recent version of the tor browser
  curl.verbose = true
end

c.perform
c.inspect

然后我尝试通过socksify运行它，使用Tor浏览器包的代理设置指定的IP地址和端口:

I then tried to run this through socksify, using the IP address and port specified by the Tor browser bundle's proxy settings:

$ socksify_ruby 127.0.0.1 9150 tor-test/tor-test.rb

这产生了以下输出:

* Adding handle: conn: 0x7fb1fe195e00
* Adding handle: send: 0
* Adding handle: recv: 0
* Curl_addHandleToPipeline: length: 1
* - Conn 0 (0x7fb1fe195e00) send_pipe: 1, recv_pipe: 0
* Could not resolve host: jhiwjjlqpyawmpjx.onion
* Closing connection 0

我尝试过的每种方法都产生了类似的结果:无法解析隐藏服务的 URI

Every approach I've tried has produced a similar result: the URI for the hidden service cannot be resolved

有人能帮我解决这个问题或给我指明正确的方向吗?我觉得既然 Tor 浏览器可以以编程方式连接到隐藏的服务，我们都应该也能:)

Can anyone help me out here or point me in the right direction? I feel that since the Tor browser can connect programmatically to hidden services, we all should be able to as well : )

推荐答案

Curl 仅在您将其设置在curl"块中时才使用代理.

Curl only uses a proxy if you set it up in your "curl"-block.

例如:

c = Curl::Easy.new() do |curl| 
    curl.proxy_tunnel = true
    curl.proxy_type = Curl::CURLPROXY_SOCKS5 # also available and default Curl::CURLPROXY_HTTP
    curl.proxy_url = '127.0.0.1:9050' # local tor client/proxy
    curl.headers["User-Agent"] = "Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0" #the user agent string from the most recent version of the tor browser
    curl.verbose = true
    curl.url = url # your example url
    curl.perform
    curl.inspect
end

不幸的是 curl 不使用代理进行主机名解析.换句话说，我没有找到强制 curl 使用代理进行主机名解析的方法.

Unfortunately curl does not use the proxy for hostname resolution. In other words, I did't find a way to force curl to use the proxy for hostname resolution.

不过你可以试试

#enable socksify debug
Socksify::debug = true

#own try via direct use of socksify and Net::HTTP
uri = URI.parse('http://am4wuhz3zifexz5u.onion/') #a known, functioning hidden service

# some debug stuff - just ignore ;-)
puts uri
puts uri.host
puts uri.port
puts uri.path

res1 = Net::HTTP.SOCKSProxy('127.0.0.1', 9050).start(uri.host, uri.port) do |http| 
    http.get(uri.path)
end

这篇关于如何使用 Ruby 构建 HTTP 请求并将其发送到 Tor 隐藏服务的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！