Questions on Fiddler Forum

1 answer

149 views

FiddlerCore - SSL Prompt every program launch

hey telerik,

I have been using fiddler core for a while now and the problem I've been having (which only recently started happening) is that when I try to capture/decrypt SSL with 'CertMaker.TrustRootCert();' it prompts me each time to install the certificate. I have used this code before and this has never happened.

This is my startup code if you need it >

CertMaker.trustRootCert();
FiddlerApplication.Startup(8877,FiddlerCoreStartupFlags.Default);
oSecureEndpoint = FiddlerApplication.CreateProxyEndpoint(iSecureEndpointPort, true, sSecureEndpointHostname);
FiddlerApplication.BeforeRequest += encodeOnReq;

thanks, xev

FiddlerCore

answered on 20 Feb 2018

1 answer

416 views

HTTPS traffic not captured using FiddlerCore on Linux

01.

public class ProxyConfig

02. {

03. private const string SecureEndpointHostname = "localhost";

04. private readonly int _secureEndpointPort = 18888;

05.

06. private static readonly ICollection<Session> AllSessions = new List<Session>();

07.

08. private static Fiddler.Proxy _secureEndpoint;

09.

10. private static readonly LoggerCnx Logger = new LoggerCnx();

11.

12. public void SetupProxyListener()

13. {

14. // This is a workaround for known issue in .NET Core - https://github.com/dotnet/coreclr/issues/12668

15. CultureInfo.DefaultThreadCurrentUICulture = new CultureInfo("en-US");

16.

17. FiddlerApplication.BeforeRequest += session =>

18. {

19. // In order to enable response tampering, buffering mode MUST

20. // be enabled; this allows FiddlerCore to permit modification of

21. // the response in the BeforeResponse handler rather than streaming

22. // the response to the client as the response comes in.

23. session.bBufferResponse = false;

24. lock (AllSessions)

25. {

26. AllSessions.Add(session);

27. }

28. };

29.

30. Logger.Info($"Starting {FiddlerApplication.GetVersionString()}...");

31. CONFIG.IgnoreServerCertErrors = true;

32. CONFIG.bCaptureCONNECT = true;

33.

34. FiddlerApplication.Prefs.SetBoolPref("fiddler.network.streaming.abortifclientaborts", true);

35.

36. FiddlerCoreStartupFlags startupFlags = FiddlerCoreStartupFlags.Default;

37. startupFlags = (startupFlags | FiddlerCoreStartupFlags.DecryptSSL);

38.

39. FiddlerApplication.Startup(BaseConfiguration.ProxyPort, startupFlags);

40.

41. Logger.Info("Created endpoint listening on port {0}", BaseConfiguration.ProxyPort);

42.

43. Logger.Info("Starting with settings: [{0}]", startupFlags);

44. Logger.Info("Gateway: {0}", CONFIG.UpstreamGateway.ToString());

45.

46. // Create a HTTPS listener, useful for when FiddlerCore is masquerading as a HTTPS server

47. // instead of acting as a normal CERN-style proxy server.

48. _secureEndpoint = FiddlerApplication.CreateProxyEndpoint(_secureEndpointPort, true, SecureEndpointHostname);

49. if (null != _secureEndpoint)

50. {

51. Logger.Info("Created secure endpoint listening on port {0}, using a HTTPS certificate for '{1}'", _secureEndpointPort, SecureEndpointHostname);

52. }

53. }

54.}

Trying to capture all traffic from browser using FiddlerCore using the .NetStandard libraries. Above is what I have.

Everything seems to work fine on Windows, all traffic is captured, HTTP and HTTPS. The problem arises when I'm trying to do the same when running the code on Linux (tried it on both VM and Linux conainer, Ubuntu 16.04). Any idea what I'm I'm missing?

Linux

answered on 19 Feb 2018

3 answers

451 views

Customize rules window not opening - xdg-open: unexpected argument

Fiddler working well except I cannot create customize rules (want to implement force CORS response)

When selecting Customize Rules from the menu nothing appears to happen.

Checking the console i can see the following error:

xdg-open: unexpected argument '/home/patrick/Fiddler2/Scripts/CustomRules.cs'
Try 'xdg-open --help' for more information.

This message tells me fiddler is looking for the CustomRules.cs in the wrong location (basically under my HOME directory). Fiddler is installed in /home/tools/fiddler not my HOME directory.

Have I missed setting some environment variable (FIDDLER_HOME) or something.

Thanks in advance.

Linux

answered on 18 Feb 2018

0 answers

322 views

Fiddler Silent Install

I am trying to do a silent package for Fiddler 5 , latest version and I am using
FiddlerSetup.exe /S to do the silent install , it installs but it installs in c:\user folder and I want it to install in c:\programfiles folder , Is there a way to get .msi file instead of .exe ? I did not had any issues in previous version of fiddler. Please let me know any suggestions ?

Windows

asked on 14 Feb 2018

1 answer

618 views

Fiddler 'fixes' client certificate prompt - why?

Hi everyone...

I'm posting here partly out of desperation and partly because I've hit the upper limit of my knowledge and need to understand the issue I'm facing.

I have several users at my company who are based in Luxembourg and access a banking application that authenticates them via client certificates loaded from a smart card. A couple of weeks ago, Internet Explorer stopped prompting them for their client certificate when they navigate to the login page for the application.

Users at our London office who use the same application are not seeing this issue.

After a couple of days of troubleshooting using various methods I installed Fiddler to attempt to gain some insight into the https transaction/ssl handshake to try and see where the problem is.

Prior to this, using Wireshark to analyse the transaction I can tell that the Certificate Request is making it through to the workstation, along with the list of CAs trusted by the server. The client certificate is valid and present, as is the Root CA and Intermediate CA that issued the client Cert.

However, Internet Explorer 11 refuses to prompt the user to select the valid certificate and therefore they are unable to access the application.

Where it gets interesting is that as soon as I run Fiddler and fire up the login page again, it behaves exactly as I would expect, and the client certificate prompt appears. Note that this behaviour is exhibited without a client certificate specified in Fiddler and with HTTPS decryption turned off. I feel like if I can get to the bottom of why exactly this works, I might be able to solve the main issue - but I'm at a dead end.

I would greatly appreciate any advice on what to look for next. When Fiddler is proxying the traffic, the issue goes away and IE prompts for the client cert. As soon as I turn it off, it stops again.

I have read nearly every post online I can find about client certificate prompts, etc, including many written by Eric. However I just cannot seem to get to the bottom of why it's not happening.

Many thanks in advance.

Windows

answered on 13 Feb 2018

0 answers

84 views

ClamAV

Can someone please tell me what all Linux versions does ClamAV support?

Fiddler Classic

asked on 06 Feb 2018

0 answers

100 views

Exception when connecting iphone to fiddler by remote

Fiddler keeps giving me this error when I'm trying to connect to fiddler running on my PC via an iPhone which is connected to the same network:

---------------------------
Uncaught Exception in Session #2775
---------------------------
Fiddler has encountered an unexpected problem. If you believe this is a bug in Fiddler, please copy this message by hitting CTRL+C, and submit a bug report at http://www.telerik.com/forums/fiddler.

No such host is known

Type: System.Net.Sockets.SocketException
Source: System
at System.Net.Dns.HostResolutionEndHelper(IAsyncResult asyncResult)

at System.Net.Dns.EndGetHostAddresses(IAsyncResult asyncResult)

at System.Threading.Tasks.TaskFactory`1.FromAsyncCoreLogic(IAsyncResult iar, Func`2 endFunction, Action`1 endAction, Task`1 promise, Boolean requiresSynchronization)

--- End of stack trace from previous location where exception was thrown ---

at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()

at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)

at FDTrace.FiddlerExtension.ControlPlane.ControlPlaneAccessor.<ResolveDomainAsync>d__4.MoveNext() in d:\dbs\sh\anfe\0907_182501\cmd\23\src\frontdoor\tools\fdtracefiddlerextension\dev\ControlPlane\ControlPlaneAccessor.cs:line 93

--- End of stack trace from previous location where exception was thrown ---

at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()

at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)

at FDTrace.FiddlerExtension.ControlPlane.ControlPlaneAccessor.<GetControlPlaneResourceAsync>d__3.MoveNext() in d:\dbs\sh\anfe\0907_182501\cmd\23\src\frontdoor\tools\fdtracefiddlerextension\dev\ControlPlane\ControlPlaneAccessor.cs:line 73

--- End of stack trace from previous location where exception was thrown ---

at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()

at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)

at FDTrace.FiddlerExtension.FiddlerExtension.GetControlPlaneResource(String host) in d:\dbs\sh\anfe\0907_182501\cmd\23\src\frontdoor\tools\fdtracefiddlerextension\dev\FiddlerExtension.cs:line 396

at FDTrace.FiddlerExtension.FiddlerExtension.AutoTamperResponseAfter(Session oSession) in d:\dbs\sh\anfe\0907_182501\cmd\23\src\frontdoor\tools\fdtracefiddlerextension\dev\FiddlerExtension.cs:line 255

at Fiddler.FiddlerExtensions.(Session ) in C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Application\Extensions.cs:line 866

at Fiddler.Session.() in C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Core\Session.cs:line 3973

at Fiddler.ServerChatter.() in C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Core\ServerChatter.cs:line 1520

at Fiddler.ServerChatter.() in C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Core\ServerChatter.cs:line 1474

at Fiddler.Session.() in C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Core\Session.cs:line 3651

at Fiddler.Session.(Object ) in C:\JenkinsHome\jobs\FiddlerReleaseBuild\workspace\Fiddler2\Common\Core\Session.cs:line 3426

Fiddler v5.0.20173.50948 (x64 AMD64) [.NET 4.0.30319.42000 on Microsoft Windows NT 10.0.14393.0]
---------------------------
OK
---------------------------

Windows

asked on 05 Feb 2018

2 answers

454 views

Fiddler is not capturing traffic for Qt Applications

We have developed a Qt application and it is connecting to a wcf service hosted in remote location. I want to monitor the Http request using fiddler. but fiddler is not capturing the request. Am I missing any configuration. I am using fiddler with default configuration.

Windows

answered on 02 Feb 2018

1 answer

993 views

The remote certificate is invalid according to the validation procedure.

I set my app to proxy traffic through fiddler by adding the following in web.config

<system.net>

As soon as I've done that, I get the following error

The remote certificate is invalid according to the validation

...specifically on a connection to windows azure service bus - but don't think that's relevant to this question

I've re-generated the certs, exported root cert, trusted it etc...

Just can't get past this error!

Windows

answered on 01 Feb 2018

2 answers

538 views

Dumping Data From Fiddler in HTTP Archive Format

Hey,

I am trying to dump data to a file automatically. I have added the following in " OnBeforeResponse" of fiddler script.

if (oSession.url.Contains("?_ctrl-state=")) {

var directory: String = "D:\\me\\usefull\\data";

var path: String = System.IO.Path.Combine(directory, Guid.NewGuid() + ".json");

oSession.utilDecodeRequest();

oSession.utilDecodeResponse();

oSession.SaveSession(path , false);

}

But when I do File>ExportSession>SelectedSession i can see list of file formats in which the same session data can be stored. Is there any way that i can save the file in HTTP Archive format using the script.

Thanks

Alle

Fiddler Classic

answered on 29 Jan 2018