A socket is an encapsulation of the TCP/IP protocol that serves as an abstraction layer between the transport layer and the application layer.
Unlike the short-connection communication model of HTTP, a socket lets the client and the server communicate over a long-lived connection.
Fiddler and Charles can only capture data at the application layer. If you want to capture data from other layers, such as the network layer, transport layer, or data link layer, it is strongly recommended to use Wireshark.
Wireshark is a very powerful tool for intercepting data streams. It can not only monitor HTTP(S) requests but also TCP/UDP requests, capturing data from almost all layers of the OSI seven-layer model.
2-1 Main Interface
![TCP/IP protocol](https://www.ids-sax2.com/wp-content/uploads/picture/ask-qcloudimg-com-ucgalsvm53.png)
The main interface includes:
2-2 Data List Display Area
This area is used to display message data passing through specific network ports. The data list and display methods can be customized.
For example: modifying the display format of the message time.
![TCP/IP protocol](https://www.ids-sax2.com/wp-content/uploads/picture/ask-qcloudimg-com-jf9pqllni2.png)
Each message intuitively displays: message number, time, source IP address, destination IP address, protocol name, message length, and detailed information about the message (port number, flags field).
2-3 Hierarchical Data Display Area
The relationship with messages in this area is as follows:
2-4 Data Filtering Area
The data filtering area lets us screen and filter messages so that we can quickly locate the data we want.
This allows filtering by IP address, port number, operators, logical operators, and protocol names.
Taking TCP as a common example, we simulate a Socket communication process locally, and then use Wireshark to capture packets.
Here, we use the socket module in Python for quick implementation.
Among them:
3-1 Server Side
3-2 Client Side
3-3 Packet Capture
Note that to capture traffic sent from the local machine to itself with Wireshark, you need to switch the capture interface to Loopback: lo0.
![](https://www.ids-sax2.com/wp-content/uploads/picture/ask-qcloudimg-com-l6g8ihr9vk.png)
Run the code to simulate normal data communication between the client and the server.
Use protocol + port number to filter data in Wireshark, and you can capture the complete transmission data.
![](https://www.ids-sax2.com/wp-content/uploads/picture/ask-qcloudimg-com-o3rm6wohuz.png)
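The local server/client exchange described in section 3, as an added example that is not code from the original article. The port 9000, the upper-casing echo, and the function names are assumptions made for illustration; with this port, the Wireshark display filter `tcp.port == 9000` on the Loopback interface shows the handshake, the payload segments, and the connection teardown.

```python
import socket
import threading

HOST = "127.0.0.1"  # loopback: capture on the Loopback (lo0) interface
PORT = 9000         # assumed port, not from the page; filter: tcp.port == 9000


def serve_once(listener, received):
    """Server side: accept one client and echo each chunk back upper-cased."""
    conn, _addr = listener.accept()
    with conn:
        while True:
            data = conn.recv(1024)
            if not data:  # client closed the connection (FIN in the capture)
                break
            received.extend(data)
            conn.sendall(data.upper())


def recv_exact(sock, n):
    """TCP is a byte stream, so loop until exactly n bytes have arrived."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("peer closed before full reply")
        buf += chunk
    return buf


def run_exchange(messages, port=PORT):
    """Send every message over one long-lived connection; return (received, replies)."""
    received, replies = bytearray(), []
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as listener:
        listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        listener.bind((HOST, port))
        listener.listen(1)
        port = listener.getsockname()[1]  # resolves port 0 to the real port
        server = threading.Thread(target=serve_once, args=(listener, received))
        server.start()
        with socket.create_connection((HOST, port), timeout=5) as client:
            for msg in messages:
                client.sendall(msg)
                replies.append(recv_exact(client, len(msg)))
        server.join(timeout=5)
    return bytes(received), replies


if __name__ == "__main__":
    print(run_exchange([b"hello", b"wireshark"]))
```

Because both messages travel over the same connection, the capture shows a single three-way handshake followed by several data segments, which is the long-connection behaviour contrasted with HTTP at the top of the page.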
To capture data from mobile Socket communications on a PC, you can open a hotspot on your machine and connect the phone to it, then select the corresponding network interface in Wireshark to capture packets.
For Mac, it is recommended to enable network sharing and connect the phone via USB for network data capture.