Hello, I'm having an issue where Fiddler and FiddlerCore are missing specific HTTP traffic.

I'm using both to determine where video players keep their video files by tracing the HTTP requests and issue takedowns on those locations. Problem is starting from at least last week, I am not seeing the requests/responses for these video files from a single website that I was once able to see in Fiddler or using FiddlerCore in my C# applications. I am seeing all other HTTP traffic, I have no filters on, and the missing requests are not HTTPS.

An example URL is: http://megashare.im/watch-bhaag-milkha-bhaag-2013-online-free-megashare.html

The video player on this page will make a HTTP request once clicked:


Both Fiddler and FiddlerCore do not capture this request or its response. I was able to get the missing request by using WireShark:


I have noticed that when navigating to the example URL the Fiddler GUI logs many errors in this format:


And FiddlerCore is also returning errors when I'm attempting to parse the Sessions when navigating to the example URL using Selenium in my C# application:


I'm not exactly sure why Fiddler isn't able to fully capture these video source URLs, but any help would be appreciated.

Thanks,
Anthony

Same IOS app, exactly same operation；  request a new task .

 

When I connect the phone to the fiddler run on a window XP PC, got a code say:  it generate the task locally, server response confirm message, then the app got the task.

 

When I connect the phone to the fiddler run on a windows 10 PC, got a code say:  send a request to server, server response and  generate the task, then the app got the task.

 

How could this happen? Is this a bug? The actually code should be  server generate the task.

Hi

I need to run on my computer (win7/win10) an IE session with a different account (start IE with Run As and authenticate). Is it possible to capture the traffic from that IE session with Fiddler? Running Fiddler with the other account does not work, it does not capture anything (I remember his was working a long time ago...)

If some configuration is needed in IE to make this work, can this be done "automatically" (meaning that it would not disrupt the way the browser works when Fiddler is not capturing)?

Hello,

I'm using Fiddler to intercept Java HTTPS traffic. This was accomplished by using the Fiddler Root certificate to create a keystore file which is read by the JVM.

It works fine in Fiddler GUI, but in a FiddlerCore application, the connections are not going through.

I am just wondering if I need to set the cert in FiddlerCore, or something similar to get this to work.

Hello,

I'm using Fiddler in order to check server response time on an app we develop. (ios and android)

IOS worked fine, but on Android we had some problems.

http://docs.telerik.com/fiddler/Configure-Fiddler/Tasks/ConfigureForAndroid

I completed this guide, and i could capture all the traffic from mobile web. When we tried to enter any mobile android app the app pages did not load. (stuck on the loading screen...)

Happened in various android devices and apps.

Thanks,

Yoav

I configured fiddler to redirect all https traffic destined to oldURL.com to newURL.com, using the below fiddlerscript sample from the Telerik Fiddler documentation.

This has been working fine for several months. Today I attempted to execute the same monthly process, but this time it failed.
After some investigation I noticed that fiddler is returning a certificate with the wrong CN
A quick test in Chrome shows that when browsing to https://oldURL.com, fiddler returns a certificate with a subject of CN=newURL.com

This causes the handshake to fail with my application, and the montly process to abort.

I can only assume that this issue crept in when I updated Fiddler last month to: v5.0.20181.14850 for .NET 4.6.1

I have now worked around this by also adding oSession["X-OverrideCertCN"] = "oldURL.com";

What is the correct way to redirect HTTPS request & Tunnel, whilst still providing a correctly named certificate to the client application?

 

https://docs.telerik.com/fiddler/KnowledgeBase/FiddlerScript/ModifyRequestOrResponse

Just wondering if it's possible to use Fiddler to get an idea of what is going on through a FiddlerCore program.

Ideally something like: Client -> Fiddler -> FiddlerCore -> Server

Hi,

After importing PCAP for file extraction and analysis, I've noticed that Fiddler saves the file matching the file size to the content-length from the response headers entity with NULL bytes .  When manually carving a file from PCAP and removing the headers, the file requested actually end up being an incomplete download. Is this something that Fiddler does by default?  Is there a way to turn this feature off?  Thank you.

Greetings Fellow Fiddlers

 

We've used Fiddler successfully for a while to intercept and decrypt https traffic from our iOS application (11.0.2) without any problems. However, it became necessary to move to a new Windows-10 VMWare installation. We also took the opportunity to install Fiddler 5.0.2018.1.14850.

 

We've gone through the various options to "Allow remote computers to connect" and "Decrypt HTTPS". We've also downloaded and run the FiddlerCertMaker. We can see that Fiddler reports that certificates are now generated by "BCCertificateMaker.BCCertificateMaker from CertMaker.dll" and we see the Fiddler "DO_NOT_TRUST_FiddlerRoot" certificate in the Windows-10 Certificate Manager under "Local Computer\Trusted Root Certifications Authorities"

 

Then from the iOS device we've configured the manual proxy and take our Safari browser to the Fiddler Echo Service page where we download the FiddlerRoot Certificate, installed it and finally confirmed that it is marked as "Verified"

 

However, when we run our application or browse to https sites from the iPad, Fiddler acknowledges the access and shows tunnel to various URLs, but there is no https decryption.

 

Furthermore, the Fiddler logs contains the following line repeated for each https access

• SecureClientPipeDirect failed: System.IO.IOException Authentication failed because the remote party has closed the transport stream. for pipe....

Having gone through the process a few times now, there's a fair amount of head scratching going on, What have we missed?

 

All help is very much appreciated.

 

Many Thanks

 

dp

Hi,

I've just started to work packet capturing and I'm confused about an issue.

When capturing the traffic from a website, I don't see the real target the requests are sent to. what's the reason? is it due to some kind of encoding or what?

Thanks