Wireshark is usually used to sniff packets traversing a network. But how does one sniff a Unix domain socket? Using socat as a proxy is a neat trick to capture the traffic traversing a Unix socket.
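In the command below, /tmp/originalsocket is the socket the Unix socket server is listening on, while /tmp/duplicatesocket is the socket that the Unix client should connect to. socat relays each connection between the two and dumps all the transactions to stderr in hexadecimal format (-x) alongside a text rendering (-v), with "> " and "< " prefixes marking the direction. Note that mode=777 makes the duplicate socket connectable by any local user, and because socat runs under sudo those connections are relayed to the original socket regardless of its own permissions; tighten the mode on a shared machine.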
sudo socat -t100 -x -v UNIX-LISTEN:/tmp/duplicatesocket,mode=777,reuseaddr,fork UNIX-CONNECT:/tmp/originalsocket
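The same relay-and-dump idea written out in Python, as an added example that is not part of the original post: it listens on a duplicate socket restricted to its owner (0600 rather than 777), forwards one connection to the original socket, and records each chunk in hex with its direction. The names pump, relay_once and demo, the upper-casing test server and the temporary socket paths are all constructed for this illustration.

```python
import contextlib, os, socket, tempfile, threading

def pump(src, dst, direction, log):
    """Copy src -> dst until src closes, logging each chunk as hex."""
    while chunk := src.recv(4096):
        log.append(f"{direction} length={len(chunk)} {chunk.hex(' ')}")
        dst.sendall(chunk)
    with contextlib.suppress(OSError):  # peer may already be gone
        dst.shutdown(socket.SHUT_WR)    # pass the end-of-stream along

def relay_once(listen_path, target_path, log):
    """Listen on listen_path and relay one client to target_path."""
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    srv.bind(listen_path)
    os.chmod(listen_path, 0o600)  # owner-only, set before listen(); not 777
    srv.listen(1)
    def serve():
        client, _ = srv.accept()
        upstream = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        upstream.connect(target_path)
        back = threading.Thread(target=pump, args=(upstream, client, "<", log))
        back.start()                      # server -> client direction
        pump(client, upstream, ">", log)  # client -> server direction
        back.join()
        for s in (client, upstream, srv):
            s.close()
    worker = threading.Thread(target=serve)
    worker.start()
    return worker

def demo():
    """Constructed test: an upper-casing server behind the relay, one client."""
    d = tempfile.mkdtemp()
    original, duplicate = d + "/originalsocket", d + "/duplicatesocket"
    server = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    server.bind(original)
    server.listen(1)
    def answer():
        conn, _ = server.accept()
        conn.sendall(conn.recv(4096).upper())
        conn.close()
    threading.Thread(target=answer).start()
    log = []
    worker = relay_once(duplicate, original, log)
    with socket.socket(socket.AF_UNIX, socket.SOCK_STREAM) as c:
        c.connect(duplicate)
        c.sendall(b"ping")
        reply = c.recv(4096)
    worker.join()
    return reply, log, os.stat(duplicate).st_mode & 0o777
```

Calling demo() returns the client's reply, the two logged chunks (one per direction) and the permission bits of the duplicate socket.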