This is a migrated thread and some comments may be shown as answers.

Customize Client Hello

3 Answers 92 Views
Fiddler Classic
This is a migrated thread and some comments may be shown as answers.
Tom
Top achievements
Rank 1
Tom asked on 13 Sep 2020, 06:47 PM

Some servers react differently depending on the Client Hello. Is there some way to mimic the hello of applications like Chrome?
Chrome for example uses its own ssl library which for example provides GREASE. Which library does Fiddler use on a Linux system ?

I found: https://www.telerik.com/blogs/fiddler-and-modern-tls-versions

Which seems to go a bit in the direction of customizing the client-server connection. Is it possible to use selected ciphers and extensions?

For reference:
https://github.com/refraction-networking/utls
https://engineering.salesforce.com/tls-fingerprinting-with-ja3-and-ja3s-247362855967

3 Answers, 1 is accepted

Sort by
0
Nick Iliev
Telerik team
answered on 14 Sep 2020, 06:53 AM

Hi Tom,

 

The classic Fiddler for Linux was experimental and is not currently supported-  the team introduced Fiddler Everywhere which aims to provide cross-OS support (Windows.Mac, Linux). However, GREASE is not yet supported by the classic Fiddler (feature request logged here) or by Fiddler Everywhere.

 

Regards,
Nick Iliev
Progress Telerik

Virtual Classroom, the free self-paced technical training that gets you up to speed with Telerik and Kendo UI products quickly just got a fresh new look + new and improved content including a brand new Blazor course! Check it out at https://learn.telerik.com/.

0
Tom
Top achievements
Rank 1
answered on 14 Sep 2020, 08:47 AM
Can you customize ciphers (or cipher order, extensions ...) to some extend with Fiddler Everywhere except GREASE? Does it use its own ssl library or the one provided by the OS?
0
Simeon
Telerik team
answered on 17 Sep 2020, 10:40 PM

Hi Tom,

Both Fiddler and Fiddler Everywhere use the System.Net.Security.SslStream class from the .NET Framework in order to establish secure connections. Its API allows only for choosing which SSL\TLS protocols to use for the connection. Unfortunately, it does not allow to choose which specific ciphers and extensions to use for the Client/Server Hello messages.

Regards,
Simeon
Progress Telerik

Five days of Blazor, Angular, React, and Xamarin experts live-coding on twitch.tv/CodeItLive , special prizes and more, for FREE?! Register now for DevReach 2.0(20).

Tags
Fiddler Classic
Asked by
Tom
Top achievements
Rank 1
Answers by
Nick Iliev
Telerik team
Tom
Top achievements
Rank 1
Simeon
Telerik team
Share this question
or