[tor-dev] Understanding Tor and SOCKS
spriver
spriver at autistici.org
Sun Oct 26 08:46:42 UTC 2014
Hi everyone!
I am trying to understand the communication between an application and
Tor (especially connecting to a hidden service). I am tracing packets on
loopback between a torified netcat request to connect to a .onion
address. When the connection gets granted I am getting a response from
the socks server:
(hex data of the tcp payload)
0x05 0x00 0x00 0x01 0x00 0x00 0x00 0x00 0x00 0x00
Regarding to the SOCKS specification this means that the request is
granted. But I don't understand the 0x01 in byte no 4. It means IPv4
address in the SOCKS specification, but the following part of the
destination address and port (the following 0x00's) are empty. So what
does that 0x01 mean?
Can someone explain me that?
Thank you!
Cheers,
spriver
More information about the tor-dev
mailing list