Just wondering if it's possible to use Fiddler to get an idea of what is going on through a FiddlerCore program.

Ideally something like: Client -> Fiddler -> FiddlerCore -> Server

Hi,

After importing PCAP for file extraction and analysis, I've noticed that Fiddler saves the file matching the file size to the content-length from the response headers entity with NULL bytes .  When manually carving a file from PCAP and removing the headers, the file requested actually end up being an incomplete download. Is this something that Fiddler does by default?  Is there a way to turn this feature off?  Thank you.

Greetings Fellow Fiddlers

We've used Fiddler successfully for a while to intercept and decrypt https traffic from our iOS application (11.0.2) without any problems. However, it became necessary to move to a new Windows-10 VMWare installation. We also took the opportunity to install Fiddler 5.0.2018.1.14850.

We've gone through the various options to "Allow remote computers to connect" and "Decrypt HTTPS". We've also downloaded and run the FiddlerCertMaker. We can see that Fiddler reports that certificates are now generated by "BCCertificateMaker.BCCertificateMaker from CertMaker.dll" and we see the Fiddler "DO_NOT_TRUST_FiddlerRoot" certificate in the Windows-10 Certificate Manager under "Local Computer\Trusted Root Certifications Authorities"

Then from the iOS device we've configured the manual proxy and take our Safari browser to the Fiddler Echo Service page where we download the FiddlerRoot Certificate, installed it and finally confirmed that it is marked as "Verified"

However, when we run our application or browse to https sites from the iPad, Fiddler acknowledges the access and shows tunnel to various URLs, but there is no https decryption.

Furthermore, the Fiddler logs contains the following line repeated for each https access

• SecureClientPipeDirect failed: System.IO.IOException Authentication failed because the remote party has closed the transport stream. for pipe....

Having gone through the process a few times now, there's a fair amount of head scratching going on, What have we missed?

All help is very much appreciated.

Many Thanks

dp

Hi,

I've just started to work packet capturing and I'm confused about an issue.

When capturing the traffic from a website, I don't see the real target the requests are sent to. what's the reason? is it due to some kind of encoding or what?

Thanks

Let me know if further steps I can help troubleshoot on this. Thanks.

Hello, help me please:

how can I do this with a fiddler?

https://imgur.com/a/KI7ta45

profile for test: https://steamcommunity.com/id/_Snowy_/inventory/#730

Hello

I need help with inserting cookies through FiddlerScript. I have cookies like below which contains " inside cookie value, when I remove " from cookie value I stopped getting response from server. Now the real problem is FiddlerScript doesn't consider any cookie value outside " if I am correct. Pls help in finding some solution for me.

Hi there,

I know we don't have a GUI option to filter bodies.

I was thinking about using OnDone for hiding/filtering them.

I just need a way to get the body and a way to block this.

I'm getting too many packets. I would like Fiddler to exclude packets that have no information valuable for my analysis.

Hello

I want to see only the sessions that set or read cookies, I guess I need a script for that ?!  Any hints are usefull.

Thanks Michael