oh, I don't understand this
what you mean is, for example, when browsing webpages
browser application sock Tor Ethernet interface
send packet ----------> forward -------------> encrypt and -----------------> send to the entry node
make tor cells
receive packet<--------- forward<-------------- decrypt tor cells <--------------- receive from the entry node
tcpdump -i eth0(this is my capturing)
but you mean I can capture between the browser application and the sock£¿
so I used tcpdump on the ethernet interface
the packets are encrypted
you mean I can capture the packets before
> OK, thank you very much!I don't follow, do you mean the traffic between tor and the first hop?
> besides, is it possible to get the cypher key for decoding the tcpdump
> captured packets on the TOR client??
Why not just intercept the communication with the socks port?
_______________________________________________
tor-dev mailing list
tor-dev@lists.torproject.org
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev