capture traffic from IE sessions running under different account

16 posts, 0 answers
  1. F
    F avatar
    9 posts
    Member since:
    May 2018

    Posted 23 May Link to this post

    Hi

    I need to run on my computer (win7/win10) an IE session with a different account (start IE with Run As and authenticate). Is it possible to capture the traffic from that IE session with Fiddler? Running Fiddler with the other account does not work, it does not capture anything (I remember his was working a long time ago...)

    If some configuration is needed in IE to make this work, can this be done "automatically" (meaning that it would not disrupt the way the browser works when Fiddler is not capturing)?

  2. Alexander
    Admin
    Alexander avatar
    336 posts

    Posted 29 May Link to this post

    Hello,

    Yes, it is possible.

    The scenario where Fiddler is started with the same user as IE should work just fine. Another way of achieving this without using the same user is to make the proxy settings system-wide instead of per-user. This is done with a group policy.

    Regards,
    Alexander
    Progress Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
  3. F
    F avatar
    9 posts
    Member since:
    May 2018

    Posted 29 May in reply to Alexander Link to this post

    "The scenario where Fiddler is started with the same user as IE should work just fine"

    If it should work, then how could we make it work? or troubleshoot it?

    "Another way of achieving this without using the same user is to make the proxy settings system-wide instead of per-user. This is done with a group policy."

    Can you provide some step by step instructions on how to achieve this?

     

  4. Alexander
    Admin
    Alexander avatar
    336 posts

    Posted 31 May Link to this post

    Hi,

    There is no special setup really. Start IE as admin and start Fiddler as the same admin. The order should not matter.

    In order to troubleshoot:
    - Go to File and check if "Capture Traffic" is turned on.
    - Check which processes Fiddler is set to capture traffic from. This can be found in the bottom left corner of the screen.
    - Go to Tools -> WinINET options -> LAN settings -> Advanced and check if the proxy settings are correct.
    - Go to Help -> Troubleshoot, thus disabling all filters. Fiddler will show all sessions with strike-through font that would be otherwise hidden.

    Regards,
    Alexander
    Progress Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
  5. F
    F avatar
    9 posts
    Member since:
    May 2018

    Posted 31 May in reply to Alexander Link to this post

    Hi,

    On win7, I started Fiddler and IE using a user that is added to the Admin group. Both processes show the correct user in Task Manager. Fiddler is set to capture all processes and capturing is enabled, but NOT working.

    The WinINET options bring up the Internet Options window. On Connections->LAN Settings there is nothing set (Automatically detect settings - unchecked, Use automatic configuration script - unchecked, Use a proxy server - unchecked). How do I know "if the proxy settings are correct" (any sites in internet and intranet are working fine)?

    If I start the troubleshooter then only the "troubleshooter.cgi" requests are captured.

    Can you help further?

     

     

  6. Alexander
    Admin
    Alexander avatar
    336 posts

    Posted 05 Jun Link to this post

    Hi,

    It seems that it fails to set the proxy settings and that is causing the problem. The "Use a proxy server..." settings should not be unchecked. You can try workarounding this by setting the proxy settings manually - check the setting, go to Advanced, for HTTP and HTTPS type 127.0.0.1 and port 8888 (assuming you have not changed the default port of Fiddler). It should start working right away. Do not forget to remove this settings once you are done with Fiddler or you will not be able to browse the web.

    This is however a workaround and we will try to troubleshoot it. When Fiddler is started normally as the admin (i.e. the admin is logged in normally and just double click it) are the proxy settings set automatically?

    Regards,
    Alexander
    Progress Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
  7. F
    F avatar
    9 posts
    Member since:
    May 2018

    Posted 05 Jun in reply to Alexander Link to this post

    Hi.

    I am logged with my user on win7. When running IE with another user (run as), there is nothing set at the proxy settings indeed! I try to set the 127.0.0.1 address and port 8888 manually, but after closing the settings window the settings are not persisted.

    Any idea?

  8. F
    F avatar
    9 posts
    Member since:
    May 2018

    Posted 05 Jun in reply to Alexander Link to this post

    When I start Fiddler and IE normally (not using run as), then the proxy settings are set automatically and Fiddler works.
  9. Alexander
    Admin
    Alexander avatar
    336 posts

    Posted 12 Jun Link to this post

    Hi,

    "When I start Fiddler and IE normally (not using run as), then the proxy settings are set automatically and Fiddler works."

    Did you try starting them with the admin user (which you use to start them with "Run as") or you tried to start them with your user? It may be user-specific problem, so it is important to try start Fiddler normally with the user you want to use to start Fiddler with "Run as".

    As a side note - in this case you should always access the "Internet options" menu with Fiddler's Tools -> WinINET options, because the proxy settings we are interested in are user-specific and accesing it through the Windows search (or some other matter) will not show you the settings for the correct user.

    Regards,
    Alexander
    Progress Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
  10. F
    F avatar
    9 posts
    Member since:
    May 2018

    Posted 12 Jun in reply to Alexander Link to this post

    Both my user and the user for Run As have admin privileges. When starting IE and Fiddler directly with my user, then it works. When I start them with Run as and use the other user, the proxy settings do not get saved. It seems that those setting don't get saved even if I enter them manually in an IE session running with the other user (start as). Any ideas?
  11. Alexander
    Admin
    Alexander avatar
    336 posts

    Posted 14 Jun Link to this post

    Hi,

    If you start Fiddler directly with the user for Run As (i.e. you login with this user and run Fiddler normally) does the proxy settings get changed?

    Regards,
    Alexander
    Progress Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
  12. F
    F avatar
    9 posts
    Member since:
    May 2018

    Posted 17 Jun in reply to Alexander Link to this post

    If I login with the other user and start Fiddler/IE normally, then the proxy settings do get changed, and Fiddler works properly. While logged with the other user, if I start Fiddler/IE with Runs As and I enter my credentials, then again the proxy settings are not changed, and Fiddler does not work. 

    So it seems a problem with persisting the changed settings while running Fiddler/IE with Run As (with a user other than the one that is logged in). Not sure what to try further...

  13. Alexander
    Admin
    Alexander avatar
    336 posts

    Posted 21 Jun Link to this post

    Hello,

    What version of Fiddler are youu using? I'm unable to reproduce the problem and I'm trying to think of workaround. Is making the proxy settings system-wide instead of per-user an option?

    Regards,
    Alexander
    Progress Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
  14. F
    F avatar
    9 posts
    Member since:
    May 2018

    Posted 21 Jun in reply to Alexander Link to this post

    I'm using the latest version, but the versions before that worked the same way. The issue seems to be the fact that a user who is not logged in (meaning he is running IE with runas) cannot persist the changes he makes in IE settings. 

    How do I make proxy setting system-wide?

  15. Alexander
    Admin
    Alexander avatar
    336 posts

    Posted 22 Jun Link to this post

    Hi,

    Go to Control panel -> Administrative tools -> Edit group policy. Here you can find where is the settings, what's called and what does it values mean.

    Please, note that this is not a fefature of Fiddler and you are doing it at your own risk.

    Regards,
    Alexander
    Progress Telerik
    Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
  16. F
    F avatar
    9 posts
    Member since:
    May 2018

    Posted 22 Jun in reply to Alexander Link to this post

    Hi,

    I made the make proxy setting system-wide by editing the group policy. Now if I start Fiddler with any user, it captures the traffic from any session.

    Some weird things that also happen(ed):

    - I had to reinstall the Fiddler root certificate, most https sites were not working. This seems weird since this was working fine before, and I remember trusting the fiddler root certificate right after installing Fiddler.

    - Sometimes Fiddler does not capture a session or a tab, this happens randomly. However, restarting Fiddler/ the browser fixes that.

    But overall, it works.

    Thank you very much for the support and suggestions!

     

Back to Top