0

I have read that doc and pdf files are risky i.e. vulnerable to altering when downloaded through Tor. Could text documents downloaded from ghostbin or pastebin be made malicious in transit too? What about website page downloads (one html file and one associated folder)? Will it be safe if I drag and drop these text and html files on Tor window to open them?

References: In Kali Linux, how can I open files in a safe manner without disconnecting internet?

  • @schroeder The mentioned question focuses on browsing. This one focuses on files which have been downloaded. – Shri Devi Charan Singh Jan 16 '17 at 12:15
  • The answers talk about the possibility of manipulation during transmission, which is what you're asking about. – schroeder Jan 16 '17 at 12:38
  • schroeder: It seems you missed the focus areas of the question. Nevertheless I respect the decision. Is there anything I can do to get the duplicate tag removed? – Shri Devi Charan Singh Jan 18 '17 at 09:46
  • Sure, you need to edit your question to outline how it might be different from the other question. As I say, right now, the answers there are going to be the same answers that you are looking for, at least given the way you have asked the question. It might be a phrasing thing, but you've asked if data can be manipulated through TOR. The answer there says yes, particularly on the exit node. Can text files be made malicious? Yes, be rewriting them. Web pages are just text files. – schroeder Jan 18 '17 at 10:26
  • Does it matter to your question what the source of the files is (you keep repeating ghostbin or pastebin)? If so, it's not clear to me why the source would matter. – schroeder Jan 18 '17 at 10:27

3 Answers3

0

If the url is http (not https) they could.

There are studies about malicious tor nodes that inject virus in executables.

There are studies about internet routeurs (so it's apply to tor AND not-tor traffic) that inject ads in html webpages.

Will it be safe if I drag and drop these text and html files on Tor window to open them?

If you open local content with your tor browser, it doesn't transit on the network, so if that local webpage doesn't call external urls, it can't be altered by the network.

Tom
  • 2,073
  • 12
  • 19
  • How can a text file be made malicious? A text file contains plain text. Can you explain your answer? – Shri Devi Charan Singh Jan 16 '17 at 12:12
  • @ShriDeviCharanSingh The harmless text file could be replaced (or redirected to) a malicious executable/document during an insecure network transit. – Tom Jan 16 '17 at 12:48
0

Web pages can contain live code. So, if the right conditions exist, it is possible for a safe page to have malicious code inserted during transmission, which then runs when you run it locally.

Text is text. Text files have to be opened in a text reader. It is more than possible for a text file to contain an exploit.

schroeder
  • 125,553
  • 55
  • 289
  • 326
  • What are your views regarding downloading text files from ghostbin or pastebin over Tor and opening those downloaded text files by dragging and dropping inside Tor window? – Shri Devi Charan Singh Jan 18 '17 at 09:39
0

Anything you access in plaintext over Tor is susceptible to interception and/or modification by the exit node. This includes email, FTP, HTTP, etc.

The HTML you are viewing can absolutely be modified, and possibly in a hostile manner that could potentially compromise your system.

movsx
  • 141
  • 6