Hello,

I'm using Fiddler to intercept Java HTTPS traffic. This was accomplished by using the Fiddler Root certificate to create a keystore file which is read by the JVM.

It works fine in Fiddler GUI, but in a FiddlerCore application, the connections are not going through.

I am just wondering if I need to set the cert in FiddlerCore, or something similar to get this to work.

Hello,

I'm using Fiddler in order to check server response time on an app we develop. (ios and android)

IOS worked fine, but on Android we had some problems.

http://docs.telerik.com/fiddler/Configure-Fiddler/Tasks/ConfigureForAndroid

I completed this guide, and i could capture all the traffic from mobile web. When we tried to enter any mobile android app the app pages did not load. (stuck on the loading screen...)

Happened in various android devices and apps.

Thanks,

Yoav

I configured fiddler to redirect all https traffic destined to oldURL.com to newURL.com, using the below fiddlerscript sample from the Telerik Fiddler documentation.

This has been working fine for several months. Today I attempted to execute the same monthly process, but this time it failed.
After some investigation I noticed that fiddler is returning a certificate with the wrong CN
A quick test in Chrome shows that when browsing to https://oldURL.com, fiddler returns a certificate with a subject of CN=newURL.com

This causes the handshake to fail with my application, and the montly process to abort.

I can only assume that this issue crept in when I updated Fiddler last month to: v5.0.20181.14850 for .NET 4.6.1

I have now worked around this by also adding oSession["X-OverrideCertCN"] = "oldURL.com";

What is the correct way to redirect HTTPS request & Tunnel, whilst still providing a correctly named certificate to the client application?

https://docs.telerik.com/fiddler/KnowledgeBase/FiddlerScript/ModifyRequestOrResponse

Just wondering if it's possible to use Fiddler to get an idea of what is going on through a FiddlerCore program.

Ideally something like: Client -> Fiddler -> FiddlerCore -> Server

Hi,

After importing PCAP for file extraction and analysis, I've noticed that Fiddler saves the file matching the file size to the content-length from the response headers entity with NULL bytes .  When manually carving a file from PCAP and removing the headers, the file requested actually end up being an incomplete download. Is this something that Fiddler does by default?  Is there a way to turn this feature off?  Thank you.

Greetings Fellow Fiddlers

We've used Fiddler successfully for a while to intercept and decrypt https traffic from our iOS application (11.0.2) without any problems. However, it became necessary to move to a new Windows-10 VMWare installation. We also took the opportunity to install Fiddler 5.0.2018.1.14850.

We've gone through the various options to "Allow remote computers to connect" and "Decrypt HTTPS". We've also downloaded and run the FiddlerCertMaker. We can see that Fiddler reports that certificates are now generated by "BCCertificateMaker.BCCertificateMaker from CertMaker.dll" and we see the Fiddler "DO_NOT_TRUST_FiddlerRoot" certificate in the Windows-10 Certificate Manager under "Local Computer\Trusted Root Certifications Authorities"

Then from the iOS device we've configured the manual proxy and take our Safari browser to the Fiddler Echo Service page where we download the FiddlerRoot Certificate, installed it and finally confirmed that it is marked as "Verified"

However, when we run our application or browse to https sites from the iPad, Fiddler acknowledges the access and shows tunnel to various URLs, but there is no https decryption.

Furthermore, the Fiddler logs contains the following line repeated for each https access

• SecureClientPipeDirect failed: System.IO.IOException Authentication failed because the remote party has closed the transport stream. for pipe....

Having gone through the process a few times now, there's a fair amount of head scratching going on, What have we missed?

All help is very much appreciated.

Many Thanks

dp

Hi,

I've just started to work packet capturing and I'm confused about an issue.

When capturing the traffic from a website, I don't see the real target the requests are sent to. what's the reason? is it due to some kind of encoding or what?

Thanks

Let me know if further steps I can help troubleshoot on this. Thanks.

Hello, help me please:

how can I do this with a fiddler?

https://imgur.com/a/KI7ta45

profile for test: https://steamcommunity.com/id/_Snowy_/inventory/#730

Hello

I need help with inserting cookies through FiddlerScript. I have cookies like below which contains " inside cookie value, when I remove " from cookie value I stopped getting response from server. Now the real problem is FiddlerScript doesn't consider any cookie value outside " if I am correct. Pls help in finding some solution for me.