Telerik Forums
Fiddler Forum
or
Ask question
All Questions
Unanswered
Answered
4 questions
1 answer
109 views
Fiddler failed capture the https packer

Here my output of curl : 

curl --proxy 172.26.160.1:8888 https://google.com -v
root@ubuntuserver:/home# curl --proxy 172.26.160.1:8888 https://google.com -v
*   Trying 172.26.160.1:8888...
* Connected to (nil) (172.26.160.1) port 8888 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to google.com:443
> CONNECT google.com:443 HTTP/1.1
> Host: google.com:443
> User-Agent: curl/7.81.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection Established
< FiddlerGateway: Direct
< StartTime: 15:42:31.930
< Connection: close
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: OU=Created by http://www.fiddler2.com; O=DO_NOT_TRUST; CN=google.com
*  start date: Aug 27 18:11:42 2022 GMT
*  expire date: Aug 27 18:11:42 2023 GMT
*  subjectAltName: host "google.com" matched cert's "google.com"
*  issuer: OU=Created by http://www.fiddler2.com; O=DO_NOT_TRUST; CN=DO_NOT_TRUST_FiddlerRoot
*  SSL certificate verify ok.
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET / HTTP/1.1
> Host: google.com
> User-Agent: curl/7.81.0
> Accept: */*
>
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Location: https://www.google.com/
< Content-Type: text/html; charset=UTF-8
< Cross-Origin-Opener-Policy-Report-Only: same-origin-allow-popups; report-to="gws"
< Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
< Date: Fri, 09 Dec 2022 08:42:32 GMT
< Expires: Sun, 08 Jan 2023 08:42:32 GMT
< Cache-Control: public, max-age=2592000
< Server: gws
< Content-Length: 220
< X-XSS-Protection: 0
< X-Frame-Options: SAMEORIGIN
< Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
<
* TLSv1.2 (IN), TLS header, Supplemental data (23):
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="https://www.google.com/">here</A>.
</BODY></HTML>
* Connection #0 to host (nil) left intact
root@ubuntuserver:/home#

See : 

subject: OU=Created by http://www.fiddler2.com; O=DO_NOT_TRUST; CN=google.com

 

Success ....

 

But the problem is whe use without --proxy 


root@ubuntuserver:/home# curl https://google.com -v
*   Trying 142.251.12.100:443...
* Connected to google.com (142.251.12.100) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
*  subject: OU=Created by http://www.fiddler2.com; O=DO_NOT_TRUST; CN=142.251.12.100
*  start date: Aug 27 17:44:07 2022 GMT
*  expire date: Aug 27 17:44:07 2023 GMT
*  subjectAltName does not match google.com
* SSL: no alternative certificate subject name matches target host name 'google.com'
* Closing connection 0
* TLSv1.2 (OUT), TLS header, Unknown (21):
* TLSv1.2 (OUT), TLS alert, close notify (256):
curl: (60) SSL: no alternative certificate subject name matches target host name 'google.com'
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.
root@ubuntuserver:/home#

See : 

subject: OU=Created by http://www.fiddler2.com; O=DO_NOT_TRUST; CN=142.251.12.100

 

How to fix this 

Im also try to edit fiddler rules

 

static function OnBeforeRequest(oSession: Session) {

if (oSession.HTTPMethodIs("CONNECT") && 
oSession.HostnameIs("142.251.12.102"))
{
oSession["X-OverrideCertCN"] = "google.com";
}

 

Still failed

 

 

What i do is in this tutorial : https://anasfanani.id/post/redirect-all-linux-traffict-to-httphttpssocks-proxy-fiddlerburp

Fiddler Classic
Linux
Anas
Top achievements
Rank 1
 updated question on 09 Dec 2022
1 answer
877 views
Problem when trying to monitor http(s) requests of Ubuntu on Windows 10
I am a new Fiddler classic user on Windows 10.  I can easily monitor http(s) requests of my browsers such as Chrome or Microsoft Edge. However, no http(s) requests are seen from my Application "Ubuntu on Windows". I have checked it (exemted) in WinConfig toolbar. What could be the problem here. Thanks in advance!
Fiddler Classic
Fiddler Everywhere
Linux
Nick Iliev
Telerik team
 answered on 05 Jul 2022
1 answer
229 views
BCCert can't make certificates resulting in Https requests not being captured

As the title says BCCertMaker can't make certificates

I am on Manjaro Linux and using Mono 6.12 and am using Fiddler to capture IOS 15 requests

19:53:46:8198 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
19:53:46:8534 Fiddler.BCCertMaker> Failed to create certificate for *.gc.apple.com: Operation is not supported on this platform.
  at BCCertMaker.BCCertMaker.CreateCertificateFromCA (System.String sCN, Org.BouncyCastle.X509.X509Certificate caCert, Org.BouncyCastle.Crypto.AsymmetricKeyParameter caKey) [0x00377] in <186d138a6ba64111bc4131af9c9cbf93>:0 
  at BCCertMaker.BCCertMaker.MakeNewCert (System.String sHostname) [0x00102] in <186d138a6ba64111bc4131af9c9cbf93>:0 
19:53:46:8534 fiddler.https> Failed to obtain certificate for stats.gc.apple.com due to Certificate Maker returned null when asked for a certificate for stats.gc.apple.com
19:53:48:6149 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
19:53:48:6510 Fiddler.BCCertMaker> Failed to create certificate for *.apple.com: Operation is not supported on this platform.
  at BCCertMaker.BCCertMaker.CreateCertificateFromCA (System.String sCN, Org.BouncyCastle.X509.X509Certificate caCert, Org.BouncyCastle.Crypto.AsymmetricKeyParameter caKey) [0x00377] in <186d138a6ba64111bc4131af9c9cbf93>:0 
  at BCCertMaker.BCCertMaker.MakeNewCert (System.String sHostname) [0x00102] in <186d138a6ba64111bc4131af9c9cbf93>:0 
19:53:48:6510 fiddler.https> Failed to obtain certificate for news-edge.apple.com due to Certificate Maker returned null when asked for a certificate for news-edge.apple.com
19:53:48:7116 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
19:53:48:7477 Fiddler.BCCertMaker> Failed to create certificate for *.apple.com: Operation is not supported on this platform.
  at BCCertMaker.BCCertMaker.CreateCertificateFromCA (System.String sCN, Org.BouncyCastle.X509.X509Certificate caCert, Org.BouncyCastle.Crypto.AsymmetricKeyParameter caKey) [0x00377] in <186d138a6ba64111bc4131af9c9cbf93>:0 
  at BCCertMaker.BCCertMaker.MakeNewCert (System.String sHostname) [0x00102] in <186d138a6ba64111bc4131af9c9cbf93>:0 
19:53:48:7478 fiddler.https> Failed to obtain certificate for news-edge.apple.com due to Certificate Maker returned null when asked for a certificate for news-edge.apple.com
19:53:50:0979 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
19:53:50:1347 Fiddler.BCCertMaker> Failed to create certificate for *.icloud.com: Operation is not supported on this platform.
  at BCCertMaker.BCCertMaker.CreateCertificateFromCA (System.String sCN, Org.BouncyCastle.X509.X509Certificate caCert, Org.BouncyCastle.Crypto.AsymmetricKeyParameter caKey) [0x00377] in <186d138a6ba64111bc4131af9c9cbf93>:0 
  at BCCertMaker.BCCertMaker.MakeNewCert (System.String sHostname) [0x00102] in <186d138a6ba64111bc4131af9c9cbf93>:0 
19:53:50:1347 fiddler.https> Failed to obtain certificate for gateway.icloud.com due to Certificate Maker returned null when asked for a certificate for gateway.icloud.com
19:53:50:2913 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
19:53:50:2921 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
19:53:50:2928 HTTPSLint> Warning: ClientHello record was 508 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
19:53:50:3244 Fiddler.BCCertMaker> Failed to create certificate for c.apple.news: Operation is not supported on this platform.
  at BCCertMaker.BCCertMaker.CreateCertificateFromCA (System.String sCN, Org.BouncyCastle.X509.X509Certificate caCert, Org.BouncyCastle.Crypto.AsymmetricKeyParameter caKey) [0x00377] in <186d138a6ba64111bc4131af9c9cbf93>:0 
  at BCCertMaker.BCCertMaker.MakeNewCert (System.String sHostname) [0x00102] in <186d138a6ba64111bc4131af9c9cbf93>:0 
19:53:50:3245 fiddler.https> Failed to obtain certificate for c.apple.news due to Certificate Maker returned null when asked for a certificate for c.apple.news
19:53:50:3245 !Certificate cache didn't find certificate for [c.apple.news]. Returning null to thread #66.
19:53:50:3245 !Certificate cache didn't find certificate for [c.apple.news]. Returning null to thread #65.
19:53:50:3245 fiddler.https> Failed to obtain certificate for c.apple.news due to Certificate Maker returned null when asked for a certificate for c.apple.news
19:53:50:3245 fiddler.https> Failed to obtain certificate for c.apple.news due to Certificate Maker returned null when a

 

EDIT: It also seems like HTTPS requests are being sent like http://example.com:443/

Fiddler Classic
Linux
Rosen Vladimirov
Telerik team
 answered on 21 Jun 2022
1 answer
272 views
Fiddler classic initialization fails

The steps that were followed to initialize the fiddler tool are mentioned below.

Steps (Commands used in linux):

  1. sudo apt-get install mono-complete libcanberra-gtk-module
  2. mkdir $HOME/fiddler-linux
  3. cd $HOME/fiddler-linux
  4. wget http://www.telerik.com/docs/default-source/fiddler/fiddler-linux.zip
  5. unzip -x fiddler-linux.zip
  6. mono --debug Fiddler.exe

 

 

System Environment:

Can any one of you please suggest to me how to resolve this error?

Fiddler Classic
Linux
Nick Iliev
Telerik team
 answered on 10 May 2021
Narrow your results
Done
Selected tags
Fiddler Classic
Linux
Tags
Windows
FiddlerCore
Fiddler Everywhere
Mobile
Extensions and Customization
MacOS
Android
iOS
Fiddler Jam
Fiddler Jam Embedded
+? more
Top users last month
Patrick
Top achievements
Rank 1
Iron
Iron
Iron
MIS
Top achievements
Rank 1
Ross
Top achievements
Rank 1
Marcin
Top achievements
Rank 1
Iron
Iron
Sean
Top achievements
Rank 2
Iron
Want to show your ninja superpower to fellow developers?
Learn how
Top users last month
Patrick
Top achievements
Rank 1
Iron
Iron
Iron
MIS
Top achievements
Rank 1
Ross
Top achievements
Rank 1
Marcin
Top achievements
Rank 1
Iron
Iron
Sean
Top achievements
Rank 2
Iron
Want to show your ninja superpower to fellow developers?
Learn how
Want to show your ninja superpower to fellow developers?
Learn how