| StealthMonger 2006-03-31, 12:11 am |
| -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Here are simple procedures for anonymously requesting files from the
Internet using AAMGATE.
Say you wanted to get http://www.Earthlink.net (which was recently
mentioned on this forum). You could construct a file, request.txt
say, using your favorite text editor:
Request: http://www.Earthlink.net
Encrypt-Key: 6UTJb4Sa
Subject: notobvious
The Encrypt-Key: and Subject: are arbitrary words that you choose.
Now encrypt this request to an AAMGATE server, say AAMGATE@nosuch.net,
with something like
gpg -a -e -r AAMGATE request.txt
resulting in a file request.txt.asc. Now compose a mail addressed to
AAMGATE@nosuch.net. Include a X-Hashcash: header line. Put
request.txt.asc in the body. The hashcash resource is whatever the
server expects (usually its email address, AAMGATE@nosuch.net in this
case). Choose the bit count of the hashcash large enough to cover the
expected size of the compressed response. The rule is that each
additional bit of hashcash doubles the size you can get:
hashcash bit count maximum size of compressed response
22 4096
23 8192
24 16384
and so on up to a maximum set by the server operator (default 2M with
31 bits of hashcash). In this case, we're asking for a site's
top-level page, and we might guess that 24 bits of hashcash would be
enough. So you can construct the hashcash with such as
hashcash -m -b 24 -r AAMGATE@nosuch.net
and put the result into the X-Hashcash header. Now just send this
through a chain of anonymizing remailers and watch for a posting with
subject "notobvious" to show up on alt.anonymous.messages.
This is fine for small requests. For larger ones, the response is
split into several postings. The maximum size of the pieces is 20K by
default. If you don't want lots of pieces all with the same Subject:
showing, use encrypted subject. Do this by adding to the request a
Encrypt-Subject: or Encrypt-Subject-BF: line with some arbitrary
encryption key. Then the server will compute an encrypted subject
independently for each piece of the response.
Now obviously if you plan to do this more than a few times, you will
write yourself a simple script to handle all the details. The script
could accept the requested URL and the hashcash bit count as inputs.
How you handle the Encrypt-Key and Subject is up to you. Maybe you
want to supply those to the script as well. Or maybe your script
randomly generates these items and reports them out.
Here's a script that does all these things and a bit more. Just pipe
the output into wherever you normally inject mail into the remailer
cloud.
#!/bin/sh
# SYNOPSIS
# aamgate-rqst <URL> [BITS [NAME]]
# DESCRIPTION
# Anonymously fetch <URL> via aamgate, supplying BITS of hashcash
# (default 22) and assigning local "memo" name NAME (defaults to the
# basename of the URL). Text and Subject encryption keys, and the
# Subject to encrypt are chosen randomly and appended to "keys-list",
# a file of the same format as that used for stealthmail to facilitate
# re-use of stealthmail code.
set -e
if test -n "$2" ; then BITS="$2" ; else BITS=22 ; fi
if test -n "$3" ; then NAME="$3" ; else NAME=`basename $1` ; fi
Encrypt_Key=`dd if=/dev/random bs=1 count=18 2>/dev/null | openssl base64`
Subject=`dd if=/dev/random bs=1 count=18 2>/dev/null | openssl base64`
Encrypt_Subject_BF=`dd if=/dev/random bs=1 count=18 2>/dev/null | openssl base64`
echo "$NAME" $Encrypt_Key $Encrypt_Subject_BF $Subject >> $HOME/keys-list
echo To: aamgate@nosuch.net
echo X-Hashcash: $(hashcash -m -b "$BITS" -r aamgate@nosuch.net)
echo
(
echo Request: $1
echo Encrypt-Key: $Encrypt_Key
echo Subject: $Subject
echo Encrypt-Subject-BF: $Encrypt_Subject_BF
) | gpg -a -e --batch -r aamgate
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Processed by Mailcrypt 3.5.8 <http://mailcrypt.sourceforge.net/>
iD8DBQFEKPurDkU5rhlDCl4RAhwxAKCkDS8TCIvV
9koV8+B24rhyCbQOtgCfRFVL
/Mp+MzUP9EJBvqhubXnZ6No=
=FAUI
-----END PGP SIGNATURE-----
|