I'm writing a PC application that communicates with an Http server. This server implementation is buggy and generates mal-formatted responses. It is something I have to deal with.
I'm trying to use Fiddler to see the content of the response, and to adapt my code in consequence. But when Fiddler detects a protocol violation, it makes changes to the response.

Here is a log from fiddler:

And the corresponding response header generated by Fiddler:

I cannot even see the original response, the only one visible in Fiddler in the 'Response' pane is the modified one.
I would like my application to receive the original (mal-formatted) response. Is there any way to configure Fiddler to forward the response exactly as it receives it?

Hi,

The CustomRules.js file is located in the '~/Documents/Fiddler2/Scripts' folder, but I would like to change this. Is there a way to do this?

Thank you,

Alex

hi at all, can Fiddler decrypt packet that transmit client program windows that use certificate ?

VMware.exe + Proxifier = Hangs or Freezes (responsible for the internet connection is but vmnat.exe/service)

if i remove the vmware rule in proxifier there is no Hangs or Freezes from vmware but too no proxy.

There is no problem with the network setup from vmware.

previously i used proxycap+Fiddler and its works with the vmnat.exe/service)
but there is a winsock conflict between proxifier and proxycap now i removed
proxycap.

 

 

Fiddler only working on http request from my android mobile apps. Fiddler is best more then others software but main problem is that, i can't capture from facebook app. Also play store, instagram and youtube are not capturing. Already i tried using 6-7 android phone, but i was can't capturing.

Admin please try on fiddler using your android phone facebook app. Then you will understand and can solve it.

I am using Lava Iris, Version 7.0, also i tried using lower version on different mobile (but not working).

 

I am waiting for admin reply and solution. Advance Thanks.

I have installed Fiddler, and made changes in Tools - Fiddler Options - HTTPs - checked "Capture HTTPs Connects" and "Decrypt HTTPs Traffic".

While running the Fiddler, I am not able to access / open any websites in any browser IE / Chrome. Below is the error I am getting.

Certificate Error: Navigation Blocked

There is a problem with this website’s security certificate.
The security certificate presented by this website is not secure.
Security certificate problems may indicate an attempt to fool you or intercept any data you send to the server.

If I close the Fiddler, I am able to open all the websites in IE / Chrome. Could you tell me how to resolve this issue.

Thanks

The beginning of the problem:

 

For months my computer would take about five minutes for HTTPS connections to function. As a result, Skype could not connect during this time and any HTTPS web requests would be stuck in "Establishing Secure Connection" during this time. I finally fixed the issue by removing all the DO_NOT_TRUST_FiddlerRoot certificates that I found in the "Personal" store.

 

Since then, fiddler is unable to decrypt HTTPS requests properly. Instead, Chrome displays a Privacy Error. I have seen other people on this forum with this problem fix the issue by upgrading Fiddler, checking a dll, or trusting the root certificate. On these points:

My Fiddler Web Debugger is v5.0.20182.28034 for .NET 4.6.1 (Running ELEVATED)
I do not understand what DLL I should be looking for in order to ensure that I have the right certificate authority. I have the CertEnroll engine.
In Tools > Options > HTTPS > Action:

• I have never noticed a change when I choose "Reset All Certificates".
• "Trust Root Certificate" does not work, the log shoes an error message: "The RFC server is unavailable"
• I am able to "Export Root Certificate to Desktop" and install these certificates in the "Personal" store, but not "Trusted Certificate authorities".

As far as I can see, the basic problem is a permissions issue:

• I can't delete a FiddlerRoot certificate (a certificate that I do not believe is the current root) from Trusted Certificate Authorities. (error: RFC server)
• I cannot install a new root into "Trusted Certificate authorities" (error: store is read only, or did not open properly)
  
  

Any ideas on what permissions specifically are neededfor these RFC server error messages to be fixed?

 

Appreciate your help.

windows 10 connected to the internet through wifi, no proxy. I need to read a curl request to rewrite in c# code.

using curl 7.61.0 and fiddler 5.

this command just works fine:

  curl -X POST -u "73b63264-b68c-4591-af76-96f325969d0b":"X7bECApaBi0o" -F "file=@c:\temp\1.json" https://gateway-fra.watsonplatform.net/discovery/api/v1/environments/e40e7c0d-25de-4ae5-a079-90877a745de0/collections/029a29d3-2ed1-4cf3-be81-b78e35d5ce0f/documents?version=2017-11-07

with fiddler running the command above works fine too ma no traced into fiddler.

this command is traced into fiddler but fails to execute:

curl --proxy http://127.0.0.1:8888 -X POST -u "73b63264-b68c-4591-af76-96f325969d0b":"X7bECApaBi0o" -F "file=@c:\temp\1.json" https://gateway-fra.watsonplatform.net/discovery/api/v1/environments/e40e7c0d-25de-4ae5-a079-90877a745de0/collections/029a29d3-2ed1-4cf3-be81-b78e35d5ce0f/documents?version=2017-11-07

this the error "curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above"

 

Inspecting the requerst in fiddler , this the raw data of request, but i need to extract the body of request. How do i do?

Thanks.

 

CONNECT gateway-fra.watsonplatform.net:443 HTTP/1.1
Host: gateway-fra.watsonplatform.net:443
User-Agent: curl/7.61.0
Connection: Keep-Alive

A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.

Version: 3.3 (TLS/1.2)
Random: 14 67 89 3B 5E 0D 45 EF 2B 75 A0 39 5D C0 B0 BB EB 78 1E 49 BC F1 64 5C ED F6 19 BF 37 79 80 07
"Time": 26/08/2001 23:16:04
SessionID: empty
Extensions:
    server_name    gateway-fra.watsonplatform.net
    ec_point_formats    uncompressed [0x0], ansiX962_compressed_prime [0x1], ansiX962_compressed_char2  [0x2]
    elliptic_curves    unknown [0x1D), secp256r1 [0x17], secp521r1 [0x19], secp384r1 [0x18]
    NextProtocolNego    empty
    ALPN        h2, http/1.1
    encrypt_then_mac (RFC7366)    empty
    extended_master_secret    empty
    signature_algs    sha512_rsa, sha512_dsa, sha512_ecdsa, sha384_rsa, sha384_dsa, sha384_ecdsa, sha256_rsa, sha256_dsa, sha256_ecdsa, sha224_rsa, sha224_dsa, sha224_ecdsa, sha1_rsa, sha1_dsa, sha1_ecdsa
Ciphers:
    [C02C]    TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    [C030]    TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    [009F]    TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
    [CCA9]    TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
    [CCA8]    TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
    [CCAA]    TLS_DHE_RSA_WITH_CHACHA20_POLY1305
    [C02B]    TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    [C02F]    TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    [009E]    TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
    [C024]    TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
    [C028]    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
    [006B]    TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
    [C023]    TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
    [C027]    TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
    [0067]    TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
    [C00A]    TLS1_CK_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
    [C014]    TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA
    [0039]    TLS_DHE_RSA_WITH_AES_256_SHA
    [C009]    TLS1_CK_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
    [C013]    TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA
    [0033]    TLS_DHE_RSA_WITH_AES_128_SHA
    [009D]    TLS_RSA_WITH_AES_256_GCM_SHA384
    [009C]    TLS_RSA_WITH_AES_128_GCM_SHA256
    [003D]    TLS_RSA_WITH_AES_256_CBC_SHA256
    [003C]    TLS_RSA_WITH_AES_128_CBC_SHA256
    [0035]    TLS_RSA_AES_256_SHA
    [002F]    TLS_RSA_AES_128_SHA
    [00FF]    TLS_EMPTY_RENEGOTIATION_INFO_SCSV

Compression:
    [00]    NO_COMPRESSION

 

 

Hi,

 I have been using Fiddler for a long and working fine but this morning I updated to latest version and things got weird. I am hitting API from Visual Studio C# code but fiddler has stopped capturing my request. On top of it , it has blocked my request as well, so I am not able to run my code in capturing request.

When I turn off the capture, it let my code execution complete but that way I am not able to see my request in fiddler.

 

I have also enabled the Decrypt HTTPS traffic but I did not get the option to save the Certificate "Trust the Fiddler Root certificate?"

 

Although if I am doing browsing through browser, it is capturing all the request but few request have the Lock icon against them.

 

Hello forum,

i would like to use Fiddler under Linux:-) Does the Windows-version and the Linux-version
currently offer the same features ?

Thank you!

Joe