Kwon et al. recently showed that circuit fingerprinting attacks could be used to identify hidden service circuits, which is a key step towards linking Tor users and their activity online. In this paper, we explore an improvement to their attack that uses random forests, which achieves similar accuracy while being more robust to simple countermeasures against it. Additionally, we perform our attack from a middle node, for which an attacker needs less resources and can leverage guard fingerprinting to deanonymize users. Our evaluation shows the attack can be effectively deployed at the middle with 99.98% accuracy.