Fiddler Proxy Acts Like Virus

4 posts, 0 answers
  1. Brian
    Brian avatar
    2 posts
    Member since:
    Oct 2015

    Posted 06 Oct 2015 Link to this post

    Hi All,

    I am running fiddler as a proxy so that I can debug a webview on a mobile device. However when I run fiddler, it takes over my proxy settings (as expected) but never releases them. It adds certificates to my personal certs that are flagged as fiddler and it also modifies my proxy settings so even when it is not running, it says that I my system administrator has set my system to not allow me to change. After running Malware Bytes, I am able again to change my proxy settings.

    This only happens after I run fiddler. Also this makes it such that I need to run Fiddler to do any localhost development on a web site. If I uninstall fiddler, remove the extra certs, and use Malware Bytes to remove the registry changes that it modifies, then I can run my localhost without fiddler. I am seriously considering that there is something extra wrong here but I think I will have to get a different proxy system.

    Any ideas?

    Thanks,
    Brian

  2. Eric Lawrence
    Admin
    Eric Lawrence avatar
    833 posts

    Posted 06 Oct 2015 Link to this post

    Hi, Brian--

    Unfortunately, your subject line is pretty confusing, so let's walk through your concerns one-by-one.

    1> However when I run fiddler, it takes over my proxy settings (as expected) but never releases them.

    Fiddler changes your proxy settings to point to itself when it starts capturing. When it shuts down, it returns your proxy settings to what they were before.

    If you find that the settings are not properly returned to what they were before, the most likely explanation is that there's some other software on your system with a bug that corrupts the Windows proxy settings. Poorly-written networking or security software is the typical culprit.

    2> It adds certificates to my personal certs that are flagged as fiddler 

    Yes, when HTTPS decryption is enabled, Fiddler generates certificates for interception, as described here: http://www.telerik.com/blogs/faq---certificates-in-fiddler. You can configure Fiddler to remove these certificates each time it closes (slower performance) by choosing the "Clear server certs on exit" checkbox shown on the configuration screen (Tools > Fiddler Options > HTTPS > Link: Certificates are generated by). Alternatively, you can install the Fiddler CertMaker add-on which does not store created certificates (other than the root) in the Windows Certificate store.

    3> it also modifies my proxy settings so even when it is not running, it says that I my system administrator has set my system to not allow me to change

    I'm afraid I have no idea what this means; Fiddler has no feature of this nature. How could Fiddler "say" anything when it isn't running? If you see this message in some other software, it's not coming from Fiddler. Again, such a warning could be caused by poorly written networking or security software, or it could be a legitimate message related to an administrator-applied Group Policy.

    Eric Lawrence
    Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
  3. Brian
    Brian avatar
    2 posts
    Member since:
    Oct 2015

    Posted 07 Oct 2015 in reply to Eric Lawrence Link to this post

    It is not fiddler that is saying that my proxy settings but IE and Chrome when I try to modify them. It is fiddler that leaves it like this after running so that neither IE or Chrome will allow me to modify my proxy settings. This is true when Fiddler is running which I understand since it has modified the settings but after I stop Fiddler, I would expect it to leave the proxy settings in such a way as that I can modify them again but it does not.

     Are you suggesting then that something that Dell installs for a driver is making Fiddler leave itself set up as a proxy? Or are you saying that some other software (not that I have installed any software other than Cisco VPN) is doing this? I ask because there is someone else with this exact setup that does not experience these problems running Fiddler.

     Charles Proxy software does not behave like this. It sets itself up and then removes itself properly. NOTE: Charles proxy gives me the same warning from Chrome and IE when running that the sys admin has set my proxy settings and I cannot modify them but not after it shuts down.

    So right now I am reading, Fiddler will not work for you please use a different solution.

    Thanks,
    Brian

  4. Eric Lawrence
    Admin
    Eric Lawrence avatar
    833 posts

    Posted 07 Oct 2015 Link to this post

    Hi,

    >So right now I am reading, Fiddler will not work for you please use a different solution.

    No, what you're reading is: "Fiddler works without problems on millions of computers running in 170 different countries on every version of Windows. Your computer appears to have some other software which is causing you problems."

    You mention Cisco's VPN software: "Cisco AnyConnect VPN/Mobility Client" is one example of software which modifies the system's proxy settings when you connect or disconnect from the VPN. I've not seen it prevent modification of the proxy settings, but perhaps that's an option.

    It might be helpful for you to explain more about your PC: e.g. "It's a domain-joined Windows 7 PC with IE10 and my user-account is a Local Administrator but I run with UAC enabled." or similar.

    In your system registry, do you have a key HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\? If so, is there a ProxySettingsPerUser registry key there?

    You can use SysInternals' Process Monitor filtered to watch for registry writes to keys containing ProxyS and this will help show what software is making changes to your proxy configuration.

    Regards,
    Eric Lawrence
    Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
Back to Top