I am trying to observe the network traffic from another Windows application that uses socket.io and is built with Electron.

I can observe the socket.io messages when I run the application in Chrome, but I would like to observe them from my own C++ application, without having to run it in the browser.

I have already found out that the complete JavaScript code, as well as the socket.io messages, can be read directly from memory with a tool like CheatEngine. However, I'd prefer to take a more robust route than "guessing" memory locations.

Can you give me any hint on where to start?

Johannes Stricker
  • Any particular reason to create a custom tool for that and not use an already existing tool? – user1810087 Jul 18 '19 at 08:03
  • Yes, I want to work with the data in my application and don't want to install extra tools on my clients' computers. – Johannes Stricker Jul 18 '19 at 08:17
  • You could use some [pcap](https://en.wikipedia.org/wiki/Pcap) library, for example [libpcap](https://github.com/the-tcpdump-group/libpcap), which is also used by [Wireshark](https://www.wireshark.org/)... The answers to [this question](https://stackoverflow.com/questions/2198972/is-there-an-api-for-wireshark-to-develop-programs-plugins-that-interact-with-it) could maybe help... – user1810087 Jul 18 '19 at 08:25
  • Okay, thank you, that helps at least. I'd appreciate any additional links on the topic, for example on what to do when the traffic is SSL encrypted or how to spy on socket.io specifically. – Johannes Stricker Jul 19 '19 at 09:27
  • I actually hope you won't be able to spy on SSL encrypted traffic! – user1810087 Jul 19 '19 at 09:34

0 Answers