or
0 answers
82 views
Is fiddle compatible with iOS?
0 answers
62 views
Hi
I am a software tester.
After installing the latest version of fiddler(4.3.2) I am unable to inspect the traffic from iOS app which I am testing. I spend a lot of time to understand the issue and finally I found it is only happening in latest versions.
The app is getting stuck and API requests are not being shown in the fiddler. Not sure but I think it has to do with TLS 1.3.
Working version-4.0.1
When I install this version(4.0.1) it gets updated to latest version automatically when I close and relaunch the fiddler.
How to resolve this issue please?
I am a software tester.
After installing the latest version of fiddler(4.3.2) I am unable to inspect the traffic from iOS app which I am testing. I spend a lot of time to understand the issue and finally I found it is only happening in latest versions.
The app is getting stuck and API requests are not being shown in the fiddler. Not sure but I think it has to do with TLS 1.3.
Working version-4.0.1
When I install this version(4.0.1) it gets updated to latest version automatically when I close and relaunch the fiddler.
How to resolve this issue please?
Sowmya
Top achievements
Rank 1
Rank 1
asked
on
11 Jul 2023
0 answers
48 views
Hello. I want to scan the traffic in an application on iOS, but the traffic is not scanned. I've done all the debugging with the certificates. Traffic is scanned in other applications, but this app (name: arc8 application) is not visible. Is there a solution to open this http://api.prod.arc8.io:443 traffic?
Ceyhun
Top achievements
Rank 1
Rank 1
asked
on
10 Apr 2023
1 answer
100 views
I'm trying to use Fiddler to proxy an application that uses both HTTP and web sockets. The web sockets are actually BLIP.
When the application runs, I see all the http traffic just fine in Fiddler, however I see no indication of the web sockets in Fiddler. In the application logs I can see the web sockets timing out. In this particular scenario the application waits for the data on the web sockets and no longer progresses as the data is required. This only happens when using a fiddler proxy.
Is there something special I need to do in order to get fiddler to proxy the web sockets? If there's a limitation, say due to not supporting BLIP, is there a way to configure fiddler to not proxy any web sockets but still proxy http?
TIA
When the application runs, I see all the http traffic just fine in Fiddler, however I see no indication of the web sockets in Fiddler. In the application logs I can see the web sockets timing out. In this particular scenario the application waits for the data on the web sockets and no longer progresses as the data is required. This only happens when using a fiddler proxy.
Is there something special I need to do in order to get fiddler to proxy the web sockets? If there's a limitation, say due to not supporting BLIP, is there a way to configure fiddler to not proxy any web sockets but still proxy http?
TIA
Nick Iliev
Telerik team
answered
on
22 Mar 2023
1 answer
310 views
Ok no prize but this has been bothering me for a while and after endless googling and searching I can't figure it out so asking here for some help. Using Fiddler Classic and have this connection that won't work and can't figure out why.. while another almost identical and to same server works! .. so listing both, good one and bad one here and hoping someone can help and let me know what I'm missing.
The name of the party involved has been changed to protect its identity! :-P
Thank you all in advance!
The one that works:
CONNECT xx-xxxx.xxxx.com:443 HTTP/1.1
Host: cn-geo1.uber.com
User-Agent: Xxxxxx/x.xxx.xxxxx CFNetwork/1240.0.4 Darwin/20.6.0
Connection: keep-alive
Connection: keep-alive
A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.
Version: 3.3 (TLS/1.2)
Random: D6 98 B2 86 F9 D5 6C 89 44 34 E5 CE 3D 7E DE B8 5E 17 80 09 C8 1B 4A 89 32 E9 76 33 02 B8 13 1D
"Time": 8/11/2041 12:31:18 PM
SessionID: D7 1A 00 00 28 58 81 5E 09 42 2C 7D FF 52 69 45 04 1F 6A 9A F1 AC 7F 1C 8A 4F BB 05 B6 90 1D 07
Extensions:
grease (0xcaca) empty
server_name xx-xxxx.xxxx.com
extended_master_secret empty
renegotiation_info 00
supported_groups grease [0xdada], x25519 [0x1d], secp256r1 [0x17], secp384r1 [0x18], secp521r1 [0x19]
ec_point_formats uncompressed [0x0]
ALPN http/1.1
status_request OCSP - Implicit Responder
signature_algs ecdsa_secp256r1_sha256, rsa_pss_rsae_sha256, rsa_pkcs1_sha256, ecdsa_secp384r1_sha384, ecdsa_sha1, rsa_pss_rsae_sha384, rsa_pss_rsae_sha384, rsa_pkcs1_sha384, rsa_pss_rsae_sha512, rsa_pkcs1_sha512, rsa_pkcs1_sha1
SignedCertTimestamp (RFC6962) empty
key_share 00 29 DA DA 00 01 00 00 1D 00 20 FB 83 F0 42 95 E5 7A A0 20 36 5D 34 31 B9 CF D2 F1 1C 6C D7 E4 4A 32 0E 4B 33 96 4C 90 4C 91 12
psk_key_exchange_modes 01 01
supported_versions grease [0xa0a], Tls1.3, Tls1.2
grease (0x6a6a) 00
padding 210 null bytes
Ciphers:
[5A5A] Unrecognized cipher - See https://www.iana.org/assignments/tls-parameters/
[1301] TLS_AES_128_GCM_SHA256
[1302] TLS_AES_256_GCM_SHA384
[1303] TLS_CHACHA20_POLY1305_SHA256
[C02C] TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
[C02B] TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
[CCA9] TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
[C030] TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
[C02F] TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[CCA8] TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
[C024] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
[C023] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
[C00A] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
[C009] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
[C028] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
[C027] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
[C014] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
[C013] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Compression:
[00] NO_COMPRESSION
HTTP/1.1 200 Connection Established
FiddlerGateway: Direct
StartTime: 17:35:47.943
Connection: close
Encrypted HTTPS traffic flows through this CONNECT tunnel. HTTPS Decryption is enabled in Fiddler, so decrypted sessions running in this tunnel will be shown in the Web Sessions list.
Secure Protocol: Tls12
Cipher: Aes128 128bits
Hash Algorithm: Sha256 ?bits
Key Exchange: ECDHE_RSA (0xae06) 255bits
== Server Certificate ==========
[Subject]
CN=*.xxxx.com, O="Xxxx Xxxxxxxxxxxx, Inc.", L=San Francisco, S=California, C=US
[Issuer]
CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
[Serial Number]
04B114FE39AFD58E244CD867F6289C33
[Not Before]
9/29/2022 8:00:00 PM
[Not After]
10/3/2023 7:59:59 PM
[Thumbprint]
A3973CE541FA00B8ABFAF00A7A656566D9C8B85E
[SubjectAltNames]
*.xxxx.com, xxxx.com
The one that does NOT work:
CONNECT xx-xxxx.xxxx.com:443 HTTP/1.1
Host: cn-geo1.uber.com
User-Agent: com.apple.WebKit.Networking/8611.4.1.0.3 CFNetwork/1240.0.4 Darwin/20.6.0
Connection: keep-alive
Connection: keep-alive
A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.
Version: 3.3 (TLS/1.2)
Random: 14 C3 70 A0 97 D7 EE 8D 7E 4D 55 83 5B 7E 11 78 B4 0D 5A 05 A7 CA FF 72 E7 6F D3 FE 84 80 57 67
"Time": 4/19/2055 6:48:52 AM
SessionID: 94 40 2D 65 53 37 B5 35 DB 44 9C 7C 02 08 6E CF D3 D2 96 F1 5F 2F 8D F6 16 E3 00 69 28 89 F1 1A
Extensions:
grease (0xbaba) empty
server_name xx-xxxx.xxxx.com
extended_master_secret empty
renegotiation_info 00
supported_groups grease [0x2a2a], x25519 [0x1d], secp256r1 [0x17], secp384r1 [0x18], secp521r1 [0x19]
ec_point_formats uncompressed [0x0]
ALPN h2, http/1.1
status_request OCSP - Implicit Responder
signature_algs ecdsa_secp256r1_sha256, rsa_pss_rsae_sha256, rsa_pkcs1_sha256, ecdsa_secp384r1_sha384, ecdsa_sha1, rsa_pss_rsae_sha384, rsa_pss_rsae_sha384, rsa_pkcs1_sha384, rsa_pss_rsae_sha512, rsa_pkcs1_sha512, rsa_pkcs1_sha1
SignedCertTimestamp (RFC6962) empty
key_share 00 29 2A 2A 00 01 00 00 1D 00 20 D5 A3 35 60 CC 62 00 38 0B DD F3 4E FC 27 42 B6 5C 0B 4A CA 6B 98 5A 0D 4C 64 A9 8E 38 74 A9 0A
psk_key_exchange_modes 01 01
supported_versions grease [0x3a3a], Tls1.3, Tls1.2
grease (0x4a4a) 00
padding 207 null bytes
Ciphers:
[6A6A] Unrecognized cipher - See https://www.iana.org/assignments/tls-parameters/
[1301] TLS_AES_128_GCM_SHA256
[1302] TLS_AES_256_GCM_SHA384
[1303] TLS_CHACHA20_POLY1305_SHA256
[C02C] TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
[C02B] TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
[CCA9] TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
[C030] TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
[C02F] TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[CCA8] TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
[C024] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
[C023] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
[C00A] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
[C009] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
[C028] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
[C027] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
[C014] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
[C013] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
Compression:
[00] NO_COMPRESSION
HTTP/1.1 200 Connection Established
FiddlerGateway: Direct
StartTime: 17:36:31.802
Connection: close
Nick Iliev
Telerik team
answered
on
28 Dec 2022
1 answer
62 views
Hello everyone , i trying to capture my friend iphone not on my network, in his iphone he set the proxy is my pc puplic ip and set the port is smae fiddler port. Even that he cannot acces to my pc .
anyone know how to make it possible: and how to traffic other phones not on my network.
thankx
anyone know how to make it possible: and how to traffic other phones not on my network.
thankx
Nick Iliev
Telerik team
answered
on
07 Dec 2022
2 answers
220 views
Hi, I can't open some apps on ios. I enter the application, but fiddler does not scan the traffic. I am attaching a screenshot as an example. Screnshoot link Please help me how to scan the sites mentioned in the picture.
0 answers
89 views
There's a 3rd party ios app that i want to capture traffic from, and i'm not having any luck in doing so. It is specifically the Twinkly app. My web requests from the browser seem to be getting decoded and i did not expect the apple apps to be decoded, due to certificate pinning, but I really would like to get this working for a 3rd party app. I installed a bouncy castle certificate and tried that, and I also set up a trial of Fiddler Everywhere and started over, with no luck. Any ideas? I am willing to jump through any kind of hoop necessary to get this to work, including jailbreaking the phone.
John
Top achievements
Rank 2
Iron
Iron
Veteran
Rank 2
Iron
Iron
Veteran
asked
on
24 Oct 2022
1 answer
66 views
Hello
I am Using Fiddler and Nox Player.
But when ever i try to connect to a website i will get this many errors and in fiddler with 443 on sites
How Do i Fix that?
I already tried
To Reset and re install the cert but didnt work.
any other solutions?
Nick Iliev
Telerik team
answered
on
23 Jun 2022
0 answers
367 views
I was able to run the FiddlerCore demo (that comes with the package) without issue. I see both http and https traffic being logged on my PC.
My goal now is to do the same for my iOS traffic but I can't figure out what I am missing. I can see my https traffic fine when I use the desktop Fiddler app, by following the instructions at ConfigureForiOS.
I run the console FiddlerCore demo, hit 't' to trust the root certificate and then try to follow the same steps on my iPhone as I did for the Fidder app, namely setting my proxy to the Fiddler instance (my machine's IP and port 7777 as that is what it looks like the demo is using) and trusting the Fiddler cert that I had already installed on my phone when setting it up to work with the desktop Fiddler app. Then when I try to start an app on my phone that goes over https (for example a game) it just hangs. I don't see any errors being logged in the console app. It works ok when just running the desktop Fiddler app.
My SSL/cert/Fiddler knowledge is weak so I am hoping I am just missing a simple step or two. Do I have to somehow copy the root certificate that the demo creates over to my phone? I thought the one already installed when using the Fiddler desktop app would suffice.
Questions:
How can I capture iOS HTTPS traffic using the FiddlerCore demo app?
Do I need to trust the root certificate each time I start the demo app (hitting 't')?
Thanks.
P.S. I added the demo app here, which can be found in the FiddlerCore package, for reference.
using Fiddler;using System;using System.Collections.Generic;using System.Threading;namespace FiddlerCoreDemo{ class Program { static Proxy oSecureEndpoint; static string sSecureEndpointHostname = "localhost"; static int iSecureEndpointPort = 7777; public static void WriteCommandResponse(string s) { ConsoleColor oldColor = Console.ForegroundColor; Console.ForegroundColor = ConsoleColor.Yellow; Console.WriteLine(s); Console.ForegroundColor = oldColor; } public static void DoQuit() { WriteCommandResponse("Shutting down..."); if (null != oSecureEndpoint) oSecureEndpoint.Dispose(); Fiddler.FiddlerApplication.Shutdown(); Thread.Sleep(500); } private static string Ellipsize(string s, int iLen) { if (s.Length <= iLen) return s; return s.Substring(0, iLen - 3) + "..."; }#if SAZ_SUPPORT private static void ReadSessions(List<Fiddler.Session> oAllSessions) { Session[] oLoaded = Utilities.ReadSessionArchive(Environment.GetFolderPath(Environment.SpecialFolder.Desktop) + Path.DirectorySeparatorChar + "ToLoad.saz", false); if ((oLoaded != null) && (oLoaded.Length > 0)) { oAllSessions.AddRange(oLoaded); WriteCommandResponse("Loaded: " + oLoaded.Length + " sessions."); } } private static void SaveSessionsToDesktop(List<Fiddler.Session> oAllSessions) { bool bSuccess = false; string sFilename = Environment.GetFolderPath(Environment.SpecialFolder.DesktopDirectory) + Path.DirectorySeparatorChar + DateTime.Now.ToString("hh-mm-ss") + ".saz"; try { try { Monitor.Enter(oAllSessions); string sPassword = null; Console.WriteLine("Password Protect this Archive (Y/N)?"); ConsoleKeyInfo oCKI = Console.ReadKey(); if ((oCKI.KeyChar == 'y') || (oCKI.KeyChar == 'Y')) { Console.WriteLine("\nEnter the password:"); sPassword = Console.ReadLine(); Console.WriteLine(String.Format("\nEncrypting with Password: '{0}'", sPassword)); } Console.WriteLine(); bSuccess = Utilities.WriteSessionArchive(sFilename, oAllSessions.ToArray(), sPassword, false); } finally { Monitor.Exit(oAllSessions); } WriteCommandResponse( bSuccess ? ("Wrote: " + sFilename) : ("Failed to save: " + sFilename) ); } catch (Exception eX) { Console.WriteLine("Save failed: " + eX.Message); } }#endif private static void WriteSessionList(List<Fiddler.Session> oAllSessions) { ConsoleColor oldColor = Console.ForegroundColor; Console.ForegroundColor = ConsoleColor.White; Console.WriteLine("Session list contains..."); try { Monitor.Enter(oAllSessions); foreach (Session oS in oAllSessions) { Console.Write(String.Format("{0} {1} {2}\n{3} {4}\n\n", oS.id, oS.oRequest.headers.HTTPMethod, Ellipsize(oS.fullUrl, 60), oS.responseCode, oS.oResponse.MIMEType)); } } finally { Monitor.Exit(oAllSessions); } Console.WriteLine(); Console.ForegroundColor = oldColor; } static void Main(string[] args) { List<Fiddler.Session> oAllSessions = new List<Fiddler.Session>(); // <-- Personalize for your Application, 64 chars or fewer Fiddler.FiddlerApplication.SetAppDisplayName("FiddlerCoreDemoApp"); #region AttachEventListeners // // It is important to understand that FiddlerCore calls event handlers on session-handling // background threads. If you need to properly synchronize to the UI-thread (say, because // you're adding the sessions to a list view) you must call .Invoke on a delegate on the // window handle. // // If you are writing to a non-threadsafe data structure (e.g. List<t>) you must // use a Monitor or other mechanism to ensure safety. // // Simply echo notifications to the console. Because Fiddler.CONFIG.QuietMode=true // by default, we must handle notifying the user ourselves. Fiddler.FiddlerApplication.OnNotification += delegate (object sender, NotificationEventArgs oNEA) { Console.WriteLine("** NotifyUser: " + oNEA.NotifyString); }; Fiddler.FiddlerApplication.Log.OnLogString += delegate (object sender, LogEventArgs oLEA) { Console.WriteLine("** LogString: " + oLEA.LogString); }; Fiddler.FiddlerApplication.BeforeRequest += delegate (Fiddler.Session oS) { // Console.WriteLine("Before request for:\t" + oS.fullUrl); // In order to enable response tampering, buffering mode MUST // be enabled; this allows FiddlerCore to permit modification of // the response in the BeforeResponse handler rather than streaming // the response to the client as the response comes in. oS.bBufferResponse = false; Monitor.Enter(oAllSessions); oAllSessions.Add(oS); Monitor.Exit(oAllSessions); // Set this property if you want FiddlerCore to automatically authenticate by // answering Digest/Negotiate/NTLM/Kerberos challenges itself // oS["X-AutoAuth"] = "(default)"; /* If the request is going to our secure endpoint, we'll echo back the response. Note: This BeforeRequest is getting called for both our main proxy tunnel AND our secure endpoint, so we have to look at which Fiddler port the client connected to (pipeClient.LocalPort) to determine whether this request was sent to secure endpoint, or was merely sent to the main proxy tunnel (e.g. a CONNECT) in order to *reach* the secure endpoint. As a result of this, if you run the demo and visit https://localhost:7777 in your browser, you'll see Session list contains... 1 CONNECT http://localhost:7777 200 <-- CONNECT tunnel sent to the main proxy tunnel, port 8877 2 GET https://localhost:7777/ 200 text/html <-- GET request decrypted on the main proxy tunnel, port 8877 3 GET https://localhost:7777/ 200 text/html <-- GET request received by the secure endpoint, port 7777 */ if ((oS.oRequest.pipeClient.LocalPort == iSecureEndpointPort) && (oS.hostname == sSecureEndpointHostname)) { oS.utilCreateResponseAndBypassServer(); oS.oResponse.headers.SetStatus(200, "Ok"); oS.oResponse["Content-Type"] = "text/html; charset=UTF-8"; oS.oResponse["Cache-Control"] = "private, max-age=0"; oS.utilSetResponseBody("<html><body>Request for httpS://" + sSecureEndpointHostname + ":" + iSecureEndpointPort.ToString() + " received. Your request was:<br /><plaintext>" + oS.oRequest.headers.ToString()); } }; /* // The following event allows you to examine every response buffer read by Fiddler. Note that this isn't useful for the vast majority of // applications because the raw buffer is nearly useless; it's not decompressed, it includes both headers and body bytes, etc. // // This event is only useful for a handful of applications which need access to a raw, unprocessed byte-stream Fiddler.FiddlerApplication.OnReadResponseBuffer += new EventHandler<RawReadEventArgs>(FiddlerApplication_OnReadResponseBuffer); */ /* Fiddler.FiddlerApplication.BeforeResponse += delegate(Fiddler.Session oS) { // Console.WriteLine("{0}:HTTP {1} for {2}", oS.id, oS.responseCode, oS.fullUrl); // Uncomment the following two statements to decompress/unchunk the // HTTP response and subsequently modify any HTTP responses to replace // instances of the word "Microsoft" with "Bayden". You MUST also // set bBufferResponse = true inside the beforeREQUEST method above. // //oS.utilDecodeResponse(); oS.utilReplaceInResponse("Microsoft", "Bayden"); };*/ Fiddler.FiddlerApplication.AfterSessionComplete += delegate (Fiddler.Session oS) { //Console.WriteLine("Finished session:\t" + oS.fullUrl); Console.Title = ("Session list contains: " + oAllSessions.Count.ToString() + " sessions"); }; // Tell the system console to handle CTRL+C by calling our method that // gracefully shuts down the FiddlerCore. // // Note, this doesn't handle the case where the user closes the window with the close button. // See http://geekswithblogs.net/mrnat/archive/2004/09/23/11594.aspx for info on that... // Console.CancelKeyPress += new ConsoleCancelEventHandler(Console_CancelKeyPress); #endregion AttachEventListeners string sSAZInfo = "NoSAZ";#if SAZ_SUPPORT sSAZInfo = Assembly.GetAssembly(typeof(Ionic.Zip.ZipFile)).FullName; // You can load Transcoders from any different assembly if you'd like, using the ImportTranscoders(string AssemblyPath) // overload. // //if (!FiddlerApplication.oTranscoders.ImportTranscoders(Assembly.GetExecutingAssembly())) //{ // Console.WriteLine("This assembly was not compiled with a SAZ-exporter"); //} DNZSAZProvider.fnObtainPwd = () => { Console.WriteLine("Enter the password (or just hit Enter to cancel):"); string sResult = Console.ReadLine(); Console.WriteLine(); return sResult; }; FiddlerApplication.oSAZProvider = new DNZSAZProvider();#endif Console.WriteLine(String.Format("Starting {0} ({1})...", Fiddler.FiddlerApplication.GetVersionString(), sSAZInfo)); // For the purposes of this demo, we'll forbid connections to HTTPS // sites that use invalid certificates. Change this from the default only // if you know EXACTLY what that implies. Fiddler.CONFIG.IgnoreServerCertErrors = false; // ... but you can allow a specific (even invalid) certificate by implementing and assigning a callback... // FiddlerApplication.OnValidateServerCertificate += new System.EventHandler<ValidateServerCertificateEventArgs>(CheckCert); FiddlerApplication.Prefs.SetBoolPref("fiddler.network.streaming.abortifclientaborts", true); // For forward-compatibility with updated FiddlerCore libraries, it is strongly recommended that you // start with the DEFAULT options and manually disable specific unwanted options. FiddlerCoreStartupFlags oFCSF = FiddlerCoreStartupFlags.Default; // E.g. If you want to add a flag, start with the .Default and "OR" the new flag on: // oFCSF = (oFCSF | FiddlerCoreStartupFlags.CaptureFTP); // ... or if you don't want a flag in the defaults, "and not" it out: // Uncomment the next line if you don't want FiddlerCore to act as the system proxy // oFCSF = (oFCSF & ~FiddlerCoreStartupFlags.RegisterAsSystemProxy); // ******************************* // Important HTTPS Decryption Info // ******************************* // When FiddlerCoreStartupFlags.DecryptSSL is enabled, you must include either // // MakeCert.exe // // *or* // // CertMaker.dll // BCMakeCert.dll // // ... in the folder where your executable and FiddlerCore.dll live. These files // are needed to generate the self-signed certificates used to man-in-the-middle // secure traffic. MakeCert.exe uses Windows APIs to generate certificates which // are stored in the user's \Personal\ Certificates store. These certificates are // NOT compatible with iOS devices which require specific fields in the certificate // which are not set by MakeCert.exe. // // In contrast, CertMaker.dll uses the BouncyCastle C# library (BCMakeCert.dll) to // generate new certificates from scratch. These certificates are stored in memory // only, and are compatible with iOS devices. // Uncomment the next line if you don't want to decrypt SSL traffic. // oFCSF = (oFCSF & ~FiddlerCoreStartupFlags.DecryptSSL); // NOTE: In the next line, you can pass 0 for the port (instead of 8877) to have FiddlerCore auto-select an available port int iPort = 8877; Fiddler.FiddlerApplication.Startup(iPort, oFCSF); FiddlerApplication.Log.LogFormat("Created endpoint listening on port {0}", iPort); FiddlerApplication.Log.LogFormat("Starting with settings: [{0}]", oFCSF); FiddlerApplication.Log.LogFormat("Gateway: {0}", CONFIG.UpstreamGateway.ToString()); Console.WriteLine("Hit CTRL+C to end session."); // We'll also create a HTTPS listener, useful for when FiddlerCore is masquerading as a HTTPS server // instead of acting as a normal CERN-style proxy server. oSecureEndpoint = FiddlerApplication.CreateProxyEndpoint(iSecureEndpointPort, true, sSecureEndpointHostname); if (null != oSecureEndpoint) { FiddlerApplication.Log.LogFormat("Created secure endpoint listening on port {0}, using a HTTPS certificate for '{1}'", iSecureEndpointPort, sSecureEndpointHostname); } bool bDone = false; do { Console.WriteLine("\nEnter a command [C=Clear; L=List; G=Collect Garbage; W=write SAZ; R=read SAZ;\n\tS=Toggle Forgetful Streaming; T=Trust Root Certificate; Q=Quit]:"); Console.Write(">"); ConsoleKeyInfo cki = Console.ReadKey(); Console.WriteLine(); switch (Char.ToLower(cki.KeyChar)) { case 'c': Monitor.Enter(oAllSessions); oAllSessions.Clear(); Monitor.Exit(oAllSessions); WriteCommandResponse("Clear..."); FiddlerApplication.Log.LogString("Cleared session list."); break; case 'd': FiddlerApplication.Log.LogString("FiddlerApplication::Shutdown."); FiddlerApplication.Shutdown(); break; case 'l': WriteSessionList(oAllSessions); break; case 'g': Console.WriteLine("Working Set:\t" + Environment.WorkingSet.ToString("n0")); Console.WriteLine("Begin GC..."); GC.Collect(); Console.WriteLine("GC Done.\nWorking Set:\t" + Environment.WorkingSet.ToString("n0")); break; case 'q': bDone = true; DoQuit(); break; case 'r':#if SAZ_SUPPORT ReadSessions(oAllSessions);#else WriteCommandResponse("This demo was compiled without SAZ_SUPPORT defined");#endif break; case 'w':#if SAZ_SUPPORT if (oAllSessions.Count > 0) { SaveSessionsToDesktop(oAllSessions); } else { WriteCommandResponse("No sessions have been captured"); }#else WriteCommandResponse("This demo was compiled without SAZ_SUPPORT defined");#endif break; case 't': try { WriteCommandResponse("Result: " + Fiddler.CertMaker.trustRootCert().ToString()); } catch (Exception eX) { WriteCommandResponse("Failed: " + eX.ToString()); } break; // Forgetful streaming case 's': bool bForgetful = !FiddlerApplication.Prefs.GetBoolPref("fiddler.network.streaming.ForgetStreamedData", false); FiddlerApplication.Prefs.SetBoolPref("fiddler.network.streaming.ForgetStreamedData", bForgetful); Console.WriteLine(bForgetful ? "FiddlerCore will immediately dump streaming response data." : "FiddlerCore will keep a copy of streamed response data."); break; } } while (!bDone); } /* /// <summary> /// This callback allows your code to evaluate the certificate for a site and optionally override default validation behavior for that certificate. /// You should not implement this method unless you understand why it is a security risk. /// </summary> static void CheckCert(object sender, ValidateServerCertificateEventArgs e) { if (null != e.ServerCertificate) { Console.WriteLine("Certificate for " + e.ExpectedCN + " was for site " + e.ServerCertificate.Subject + " and errors were " + e.CertificatePolicyErrors.ToString()); if (e.ServerCertificate.Subject.Contains("fiddler2.com")) { Console.WriteLine("Got a certificate for fiddler2.com. We'll say this is also good for any other site, like https://fiddlertool.com."); e.ValidityState = CertificateValidity.ForceValid; } } } */ /* // This event handler is called on every socket read for the HTTP Response. You almost certainly don't want // to add a handler for this event, but the code below shows how you can use it to mess up your HTTP traffic. static void FiddlerApplication_OnReadResponseBuffer(object sender, RawReadEventArgs e) { // NOTE: arrDataBuffer is a fixed-size array. Only bytes 0 to iCountOfBytes should be read/manipulated. // // Just for kicks, lowercase every byte. Note that this will obviously break any binary content. for (int i = 0; i < e.iCountOfBytes; i++) { if ((e.arrDataBuffer[i] > 0x40) && (e.arrDataBuffer[i] < 0x5b)) { e.arrDataBuffer[i] = (byte)(e.arrDataBuffer[i] + (byte)0x20); } } Console.WriteLine(String.Format("Read {0} response bytes for session {1}", e.iCountOfBytes, e.sessionOwner.id)); } */ /// <summary> /// When the user hits CTRL+C, this event fires. We use this to shut down and unregister our FiddlerCore. /// </summary> /// <param name="sender"></param> /// <param name="e"></param> static void Console_CancelKeyPress(object sender, ConsoleCancelEventArgs e) { DoQuit(); } }}
Red
Top achievements
Rank 1
Rank 1
asked
on
19 Nov 2017
