0

If you have used Firebug, you know that you can see the "AJAX" requests back and forth. And you can see the headers sent.

I would like the same thing. Except, I would like to sniff iTunes. I want to know the REST API that iTunes uses to talk to the cloud. As well as the user-agent and headers sent.

Alex
  • 8,111
  • 24
  • 71
  • 99
  • How do you mean 'talk to the cloud'? what cloud do you think it talks to? – Chopper3 Apr 16 '10 at 19:26
  • @Chopper3, I would guess the idea is to try and reverse engineer the iTunes Communication with the iTunes store. Or perhaps he is trying to hack into the DRM authentication. – Zoredache Apr 16 '10 at 20:19
  • What evidence do you have that the iTunes communication you would like to monitor is REST based and not some proprietary protocol? – Zoredache Apr 16 '10 at 20:19

3 Answers3

1

I would suggest Wireshark.

TCampbell
  • 2,014
  • 14
  • 14
  • I am capture all the data. But, how do I see exactly what parameters and what URL is iTunes going to? I want it to be like FireBug, where I can copy the AJAX url. – Alex Apr 16 '10 at 19:17
  • 2
    I believe iTunes uses SSL for communication with its store. Short of doing some pretty advanced hacking it may not be possible to accomplish anything useful. – Zoredache Apr 16 '10 at 20:15
0

I think your best bet would be to use something like Ethereal. It will allow you to sniff all the packets coming in and out of your machine.

nbartolomeo
  • 218
  • 1
  • 5
  • Ethereal is now [and has been for some time] Wireshark. If you check the linked site, which you provided, has not been updated in several years. – jscott Apr 16 '10 at 19:18
  • 7
    As the original author of both Ethereal and Wireshark I can confirm that jscott is correct. Ethereal is long dead. Please stop using it. – Gerald Combs Apr 16 '10 at 19:26
  • Am I the only one that thinks it's cool to see the author of Ethereal and Wireshark on the forum commenting on a question pertaining to his software? – Bart Silverstrim Apr 16 '10 at 22:18
0

I suggest Fiddler. A bit easier to read than the raw packet capture from Wireshark. Additionally, it allows you to mess with requests/responses sent.

Also check out this developer article on how to use it effectively.

NOTE: It captures HTTP(s) traffic on the wire so it can be used with virtually any program.

smoak
  • 646
  • 2
  • 7
  • 13