unix socket sniffing.md
// move the socket
```sh
sudo mv /var/run/docker.sock /var/run/docker.sock.original
```
// redirect all socket communications to a TCP listener on port 1234, bound to loopback so the Docker API is not reachable from other interfaces
```sh
sudo socat TCP-LISTEN:1234,bind=127.0.0.1,reuseaddr,fork UNIX-CONNECT:/var/run/docker.sock.original
```
// create a new proxy socket to be used by the application
```sh
sudo socat UNIX-LISTEN:/var/run/docker.sock,fork TCP-CONNECT:127.0.0.1:1234
```
// sniff the traffic
```sh
sudo tcpdump -i lo -netvv port 1234
```
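The same interposition can be done in one process without the TCP hop, so the Docker API never appears on a TCP port. This is an added example, not part of the original gist: `pump`, `serve_proxy` and `demo` are hypothetical names, and the demo runs against constructed temporary sockets with a stand-in daemon rather than `/var/run/docker.sock`.

```python
import contextlib, os, socket, tempfile, threading

def pump(src, dst, tag, log):
    """Copy src -> dst, recording every chunk with a direction tag."""
    with contextlib.suppress(OSError):
        while chunk := src.recv(65536):
            log.append((tag, chunk))          # record before forwarding
            dst.sendall(chunk)
    with contextlib.suppress(OSError):
        dst.shutdown(socket.SHUT_WR)          # propagate EOF to the other side

def serve_proxy(listen_path, upstream_path, log):
    """Accept clients on listen_path and relay each one to upstream_path."""
    srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    srv.bind(listen_path)
    os.chmod(listen_path, 0o660)              # do not leave the proxy socket world-writable
    srv.listen()
    def accept_loop():
        while True:
            try:
                client, _ = srv.accept()
            except OSError:
                return                        # listener was closed
            up = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
            up.connect(upstream_path)
            for a, b, tag in ((client, up, ">"), (up, client, "<")):
                threading.Thread(target=pump, args=(a, b, tag, log), daemon=True).start()
    threading.Thread(target=accept_loop, daemon=True).start()
    return srv

def demo():
    """Constructed stand-in daemon and client on temporary sockets; returns the log."""
    d = tempfile.mkdtemp()
    real, proxy, log = f"{d}/real.sock", f"{d}/proxy.sock", []
    daemon = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    daemon.bind(real)
    daemon.listen()
    def answer():                             # plays the role of dockerd for one request
        conn, _ = daemon.accept()
        conn.recv(65536)
        conn.sendall(b"HTTP/1.1 200 OK\r\nContent-Length: 2\r\n\r\nOK")
        conn.close()
    threading.Thread(target=answer, daemon=True).start()
    serve_proxy(proxy, real, log)
    c = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
    c.connect(proxy)
    c.sendall(b"GET /_ping HTTP/1.1\r\nHost: docker\r\n\r\n")
    while c.recv(65536):                      # read until the proxy relays EOF
        pass
    return log
```

Entries tagged `>` are client-to-daemon bytes and `<` are daemon-to-client bytes, in the order the proxy saw them.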