Some servers react differently depending on the Client Hello. Is there some way to mimic the hello of applications like Chrome?
Chrome for example uses its own ssl library which for example provides GREASE. Which library does Fiddler use on a Linux system ?
I found: https://www.telerik.com/blogs/fiddler-and-modern-tls-versions
Which seems to go a bit in the direction of customizing the client-server connection. Is it possible to use selected ciphers and extensions?
For reference:
https://github.com/refraction-networking/utls
https://engineering.salesforce.com/tls-fingerprinting-with-ja3-and-ja3s-247362855967
3 Answers, 1 is accepted
Hi Tom,
The classic Fiddler for Linux was experimental and is not currently supported- the team introduced Fiddler Everywhere which aims to provide cross-OS support (Windows.Mac, Linux). However, GREASE is not yet supported by the classic Fiddler (feature request logged here) or by Fiddler Everywhere.
Regards,
Nick Iliev
Progress Telerik
Virtual Classroom, the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products quickly just got a fresh new look + new and improved content including a brand new Blazor course! Check it out at https://learn.telerik.com/.
Rank 1
Hi Tom,
Both Fiddler and Fiddler Everywhere use the System.Net.Security.SslStream class from the .NET Framework in order to establish secure connections. Its API allows only for choosing which SSL\TLS protocols to use for the connection. Unfortunately, it does not allow to choose which specific ciphers and extensions to use for the Client/Server Hello messages.
Regards,
Simeon
Progress Telerik
Five days of Blazor, Angular, React, and Xamarin experts live-coding on twitch.tv/CodeItLive , special prizes and more, for FREE?! Register now for DevReach 2.0(20).