Hacking the Tor Control Protocol
Every installation of Tor includes a server and communication protocol used to control all aspects of client’s operation.
First enable the control port, which is disabled by default. There are several ways we can enable it:
- Edit torrc configuration file (normally located in /etc/tor/torrc on unix systems). Uncomment ControlPort line as follows:
## The port on which Tor will listen for local connections from Tor
## controller applications, as documented in control-spec.txt.
ControlPort 9051
- Enable control port using
--controlport
flag:
tor --controlport 9051
Connecting to Control Port
Once control port is enabled, we can connect to it using any telnet client:
$ telnet localhost 9051
As soon as you connect you must authenticate using predifined password hash which is ""
by default. You may change control port password by editing HashedControlPassword line in torrc configuration file. Use authenticate keyword to login.
authenticate ""
250 OK
Tor Control Commands
Viewing and Setting configuration variables
Tor depends on several configuration variables which can be viewed and changed. Most of these variables are set in torrc file, but you can override them at run time.