I want to write a telegram bot, proxy Tor, can it be “stealed” by a sniffer in the output node?

L

LionG2019-04-28 19:43:38

Tor

LionG, 2019-04-28 19:43:38

I recently read an article and if I understood correctly, then in the output node, before accessing the clean Internet, the traffic is decrypted and a sniffer can be put in that place ... can they sniffer the bot's token and "steal" it? I want to use a Tor proxy to bypass the blocking of the main TG domain.

Reply

Answer the question

In order to leave comments, you need to log in

4 answer(s)

V

ValdikSS, 2019-05-06
@LionG

If you use only HTTPS connections to the Telegram API, and do not disable certificate verification, then the Exit node will not be able to listen to the traffic and compromise the token.

I

Ivan Shumov, 2019-04-28
@inoise

it can be sniffed even on your home router, but you won’t recognize it) only the chances are one in a million. you just have to be ready for it

A

Alexey S., 2019-04-28
@Winsik

nothing bad will happen if the token is stolen, it won’t take long to form a new one. You won't be able to "steal" because the name of the bot is tied to your cart account

A

Andrey, 2019-04-29
@Allepta

In theory, this can happen, but the probability is very small, so small that it can be considered impossible.
I can advise you to use ssh tunnel instead of TOR proxy.