> OK, thank you very much! > besides, is it possible to get the cypher key for decoding the tcpdump > captured packets on the TOR client?? I don't follow, do you mean the traffic between tor and the first hop? Why not just intercept the communication with the socks port?