Opened 15 months ago
Closed 12 months ago
#27822 closed defect (fixed)
TBA is leaking DNS
Reported by: | cypherpunks3 | Owned by: | tbb-team |
---|---|---|---|
Priority: | Medium | Milestone: | |
Component: | Applications/Tor Browser | Version: | |
Severity: | Normal | Keywords: | tbb-mobile tbb-proxy-bypass |
Cc: | Actual Points: | ||
Parent ID: | Points: | ||
Reviewer: | Sponsor: |
Description
TBA is making DNS queries outside proxy. Almost every domain is leaking.
Child Tickets
Change History (7)
comment:2 Changed 15 months ago by
Keywords: | tbb-proxy-bypass added |
---|---|
Parent ID: | → #21863 |
comment:3 Changed 15 months ago by
comment:4 Changed 15 months ago by
Status: | new → needs_information |
---|
Thanks for reporting this! How did you install TBA? Was this in an Android emulator? What Android version did you use? Can you provide more detail about how you tested this?
Thanks!
comment:5 Changed 15 months ago by
Parent ID: | #21863 |
---|
comment:6 Changed 14 months ago by
i tested this bug on android no leaks for me.
steps-
- install adway(root) click log dns and click tcpdump
- start orbot
- tested with tor alpha and orfox
- no leaks via proxy
- as expected normal browsing without tor showing dns request in the logs.
comment:7 Changed 12 months ago by
Resolution: | → fixed |
---|---|
Status: | needs_information → closed |
I think this got fixed in a recent alpha. Please reopen with steps to reproduce if anyone is still seeing issues.
Note: See
TracTickets for help on using
tickets.
Steps to reproduce this bug:
I opened a few websites in TBA and recorded the DNS replies using tcpdump. I opened ebay.com, craigslist.org, netflix.com, bing.com, twitter.com, pinterest.com, torproject.org, 3g2upl4pq6kufc4m.onion (duckduckgo onion address)
Here are the logs
q: A? ir.ebaystatic.com. 1/0/0 ir.ebaystatic.com. [5m] A 92.123.82.129 (51)
q: A? copenhagen.craigslist.dk. 1/0/0 copenhagen.craigslist.dk. [1h] A 208.82.237.2 (58)
q: A? assets.nflxext.com. 1/0/0 assets.nflxext.com. [5m] A 2.18.232.136 (52)
q: A? www.bing.com. 1/0/0 www.bing.com. [5m] A 13.107.21.200 (46)
q: A? abs.twimg.com. 1/0/0 abs.twimg.com. [5m] A 104.244.46.199 (47)
q: A? s.pinimg.com. 1/0/0 s.pinimg.com. [5m] A 23.35.115.223 (46)
q: A? www.torproject.org. 1/0/0 www.torproject.org. [5m] A 138.201.14.197 (52)
q: A? 3g2upl4pq6kufc4m.onion. 1/0/0 3g2upl4pq6kufc4m.onion. [1m] A 10.255.165.235 (56)
These replies only appear if DNS is leaking.