From de4f6ac2066b1a494acba5503c7cee0835fe3fc9 Mon Sep 17 00:00:00 2001
From: shw <shw@subgraph.com>
Date: Mon, 22 May 2017 15:01:11 +0000
Subject: [PATCH] SOCKS/Tor credential randomization to force new circuits with
 each outbound connection.

---
 sgfw/socks_server_chain.go | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/sgfw/socks_server_chain.go b/sgfw/socks_server_chain.go
index 4528aea..4c613a4 100644
--- a/sgfw/socks_server_chain.go
+++ b/sgfw/socks_server_chain.go
@@ -5,6 +5,7 @@ import (
 	"net"
 	"os"
 	"sync"
+	"time"
 
 	"github.com/subgraph/go-procsnitch"
 	"strings"
@@ -157,6 +158,11 @@ func (c *socksChainSession) sessionWorker() {
 		return
 	}
 
+	// Randomize username and password to force a new TOR circuit with each connection
+	rndbytes := []byte("sgfw" + strconv.Itoa(int(time.Now().UnixNano()) ^ os.Getpid()))
+	c.req.Auth.Uname = rndbytes
+	c.req.Auth.Passwd = rndbytes
+
 	switch c.req.Cmd {
 	case CommandTorResolve, CommandTorResolvePTR:
 		err = c.dispatchTorSOCKS()