mini-tor
mini-tor is a proof-of-concept utility for accessing internet content and hidden service content (.onion) via tor routers. this utility is aiming for as smallest size as possible (currently ~47kb, compressed with kkrunchy ~20kb), which is achieved by using Microsoft CryptoAPI/CNG instead of embedding OpenSSL.
Usage
accessing internet content via mini-tor:
> mini-tor.exe "http://torstatus.blutmagie.de/router_detail.php?FP=847b1f850344d7876491a54892f904934e4eb85d"
accessing hidden service content via mini-tor:
> mini-tor.exe "http://duskgytldkxiuqc6.onion/fedpapers/federndx.htm"
it can even access https content:
> mini-tor.exe "https://check.torproject.org/"
> mini-tor.exe "https://www.facebookcorewwwi.onion/"
add -v, -vv or -vvv for verbosity:
> mini-tor.exe -v "http://duskgytldkxiuqc6.onion/fedpapers/federndx.htm"
> mini-tor.exe -vv "https://check.torproject.org/"
> mini-tor.exe -vvv "https://www.facebookcorewwwi.onion/"
you can disable logging by commenting out #define MINI_LOG_ENABLED
in mini/logger.h
.
this will also result in fairly reduced size of the executable.
Description
- mini-tor supports both TAP & NTOR handshake.
- TAP uses ordinary DH with 1024 bit exponent.
- NTOR is newer type of handshake and uses curve25519.
- you can control which handshake is used by default by changing
preferred_handshake_type
inmini/tor/common.h
- mini-tor can use either CryptoAPI or newer CNG api.
- configurable via
mini/crypto/common.h
. - note that curve25519 is supported by CNG only on win10+.
- there is a curve25519-donna implementation included. you can enable it by setting
MINI_CRYPTO_CURVE25519_NAMESPACE
toext
to get it running on older systems.
- there is a curve25519-donna implementation included. you can enable it by setting
- note that
cng::dh<>
will work only on win8.1+, because of usageBCRYPT_KDF_RAW_SECRET
for fetching shared secret.- you can use
capi::dh<>
by settingMINI_CRYPTO_DH_NAMESPACE
tocapi
.
- you can use
- anything else should run fine on win7+ (anything older is not yet supported).
- configurable via
- mini-tor creates TLS connections via SCHANNEL (look at
mini/net/ssl_socket.cpp
&mini/net/detail/ssl_context.cpp
). - mini-tor does not use default CRT or STL, everything is implemented from scratch.
- older version of mini-tor based purely on CryptoAPI can be found in git tag ms_crypto_api (unmaintained).
Remarks
- as i stated above, this application is proof of concept.
- you can sometimes expect buggy behavior.
- this is definitelly not full-blown secure replacement for tor.
Compilation
compile mini-tor using Visual Studio 2017. solution file is included. no other dependencies are required.
License
all the code in this repository is open-source under the MIT license. see the LICENSE.txt file in this repository.
if you find this project interesting, you can buy me a coffee
BTC 3GwZMNGvLCZMi7mjL8K6iyj6qGbhkVMNMF
LTC MQn5YC7bZd4KSsaj8snSg4TetmdKDkeCYk