Re: [tor-dev] Understanding Tor and SOCKS

Subject: Re: [tor-dev] Understanding Tor and SOCKS

From: ÐÐÐÐÐÐÐÑ ÐÐÑÑÑÑÐÐÐ <vilgeforce@xxxxxxxxx>

Date: Sun, 26 Oct 2014 12:59:31 +0400

Delivery-date: Sun, 26 Oct 2014 04:59:43 -0400

Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; bh=pHd2Mnto8GR5K3Yo3VoNWspvBituCok94da/DQaSLRU=; b=TLliSzIiTRcDm0W9ANTnWJlxgkFpWxtBinFenFemlsFDbuOgfYvfJhQFlQJ9ugtP2K RfBJV9W+U5kBgHhx7KF+nB9fSL5vM4OvLX+NceAfxTHeh3DFZtX8f+Vkg92HriF3Ui/Y SxNatm+5z+hrdcvAZIyK6am+NwZP+XzdhfNK2U+WO4JrHDBb+aiEj/Xc3oEFtIr6FlQc ruRTg1UyCyObkwhDTtjbKuWkCOfTN3oSXJxWVdL1DbtO2gXK/s6m5uZJmGmi9oAYfSPA 2YLy4Q00QvYr0JZ7/yso0sy36h4P5Lz8soJ1Xi3PeHDrfXvCOogoLstaz4m7k6ddPD// qKpg==

In-reply-to: <fa9ab52618bf4a8133dd603ec3bcbf4e@xxxxxxxxxxxxx>

List-archive: <http://lists.torproject.org/pipermail/tor-dev/>

List-help: <mailto:tor-dev-request@lists.torproject.org?subject=help>

List-id: discussion regarding Tor development <tor-dev.lists.torproject.org>

List-post: <mailto:tor-dev@lists.torproject.org>

List-subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=subscribe>

List-unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-dev>, <mailto:tor-dev-request@lists.torproject.org?subject=unsubscribe>

References: <fa9ab52618bf4a8133dd603ec3bcbf4e@xxxxxxxxxxxxx>

Reply-to: tor-dev@xxxxxxxxxxxxxxxxxxxx

Sender: "tor-dev" <tor-dev-bounces@xxxxxxxxxxxxxxxxxxxx>

Hm... Did you try Wireshark on it?

2014-10-26 11:46 GMT+03:00 spriver <spriver@xxxxxxxxxxxxx>:

Hi everyone!

I am trying to understand the communication between an application and Tor (especially connecting to a hidden service). I am tracing packets on loopback between a torified netcat request to connect to a .onion address. When the connection gets granted I am getting a response from the socks server:
(hex data of the tcp payload)

0x05 0x00 0x00 0x01 0x00 0x00 0x00 0x00 0x00 0x00

Regarding to the SOCKS specification this means that the request is granted. But I don't understand the 0x01 in byte no 4. It means IPv4 address in the SOCKS specification, but the following part of the destination address and port (the following 0x00's) are empty. So what does that 0x01 mean?

Can someone explain me that?

Thank you!

Cheers,
spriver
_______________________________________________
tor-dev mailing list
tor-dev@xxxxxxxxxxxxxxxxxxxx
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev

_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev