Hi everybody.
This moment there was a commit switching TOR support from HTTP proxy (e.g.:
Polipo, Privoxy,...) to SOCKS proxy (directly toward TOR service).
This was done because of two important things:
1) HTTP proxies between TOR and the user tend to do mischievousness deeds,
like filtering some "suspicious" spam-like page content or stripping pages.
Anyway, this was doing very bad things toward sqlmap in some cases (to be
exact, Privoxy is really the worst example)
2) Maybe the most important "why" is the tendency of some of those HTTP
proxies to somehow loose the "use Tor's SOCKS proxy at localhost:9050"
every here and there completely leaving you without the "anonymity" that
TOR offers. This was causing major headache to me and to be honest, I don't
want anyone to loose "privacy" because of this kind of Polipo or Privoxy
behavior. Hence the switch --check-tor which was added for you to be able
to check for yourself if you were "loosing" the anonymity because of
similar behavior. With SOCKS proxy utilization sqlmap will now directly
communicate with the TOR service giving you the best anonymity.
So, I would just ask you all who like to use --tor switch to really test
it thoroughly and report any bugs you encounter. This way we'll be able to
stabilize it to the greatest extent.
Kind regards
--
Miroslav Stampar
http://about.me/stamparm
------------------------------------------------------------------------------
All the data continuously generated in your IT infrastructure
contains a definitive record of customers, application performance,
security threats, fraudulent activity, and more. Splunk takes this
data and makes sense of it. IT sense. And common sense.
http://p.sf.net/sfu/splunk-novd2d
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users
