Normally I would not be asking for help with Windows XP, but I am trying to use Fiddler to capture the web traffic between a couple old appliances that require using ActiveX controls that only work on really old versions of internet explorer.  I'm using Windows XP as a VM hosted by Oracle Virtual Box.
I've installed the .NET framework full profile version 4.0 and installed the 4.0.3 patch and all related patches from Microsoft Windows Update.
When I install Fiddler, it lets me install Fiddler version 4, so I know I've got the .NET prereq met.
When I launch Fiddler, I get an error from 'Microsoft Application Error Reporting' DW20.EXE and if I click details it reads:
AppName: fiddler.exe      AppVer: 4.6.20171.26113     AppStamp:593ed566
ModName: clr.dll      ModVer: 4.0.30319.2034      ModStamp:52ccfa2b
fDebug: 0       Offset: 00342980
There are two corresponding event's generated in the Event Log's application branch, which are:
Source: .NET Runtime
Event ID: 1023
Application: Fiddler.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an internal error in
the .NET Runtime at IP 79482568 (79140000)
with exit code 80131506.
----------------------------
Source: .NET Runtime 4.0 Error Reporting
Event ID: 1000
Type: Error
Faulting application fiddler.exe,
version 4.6.20171.26113,
stamp 593ed566,
faulting module clr.dll,
version 4.0.30319.1022,
stamp 52ccf666,
debug? 0,
fault address 0x00342568.

=================================================================================
I uninstalled Fiddler v4, selected to remove all registry settings, and then used 7Zip to unzip the installer, then installed Fiddler v2.
When I launch it, I get this error when I click on the details:
AppName: fiddler.exe      AppVer: 2.6.3.48898     AppStamp:5899a1e2
ModName: mscorwks.dll      ModVer: 2.0.50727.3655      ModStamp:5266e523
fDebug: 0       Offset: 002efe54
------------------------------------------------------------------
The event log has two events in the application log, which are:
Source: .NET Runtime 2.0 Error Reporting
EventID: 1000
Type: Error
Description: Faulting application fiddler.exe,
version 2.6.3.48898,
stamp 5899a1e2,
faulting module mscorwks.dll,
version 2.0.50727.3655,
stamp 5266e523,
debug? 0,
fault address 0x002efe54.
---------------------------------------
Source: .NET Runtime
EventID: 1023
Description: .NET Runtime version 2.0.50727.3655 - Fatal Execution Engine Error (7A0BD76A) (80131506)
=====================================================================================
These are the Fiddler registry entries:
Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Fiddler2]
"JSEditor"="C:\\Program Files\\Fiddler2\\ScriptEditor\\FSE2.exe"
"DetectedBrowser"="errorPID"
[HKEY_CURRENT_USER\Software\Microsoft\Fiddler2\Dynamic]
"Attached"=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Fiddler2\ImagesMenuExt]
[HKEY_CURRENT_USER\Software\Microsoft\Fiddler2\ImagesMenuExt\PNG&Distill]
"Command"="C:\\Program Files\\Fiddler2\\Tools\\PngDistill.exe"
"Parameters"="\"{in}\" prompt"
"Types"="image/png image/x-icon image/vnd.microsoft.icon"
[HKEY_CURRENT_USER\Software\Microsoft\Fiddler2\MenuExt]
[HKEY_CURRENT_USER\Software\Microsoft\Fiddler2\MenuExt\&Sandbox]
"Command"="iexplore.exe"
"Parameters"="http://fiddler2.com/r/?FiddlerSandbox"
[HKEY_CURRENT_USER\Software\Microsoft\Fiddler2\MenuExt\&View IE Cache]
"Command"="shell:cache"
[HKEY_CURRENT_USER\Software\Microsoft\Fiddler2\UI]
"frmViewer_WState"=dword:00000002

Is it odd that the "DetectedBrowser"="errorPID" in the registry?
IE launched after the install by the installer, but was blank.  I could see two IE process IDs spawned by the Fiddler install, but they did not self close when the installer was finished installing Fiddler.  I've got IE version 8 installed.  I completely uninstalled IE8, returning me to IE6, and tried again with the same issue.  I tried installing IE8 again, and also had the same issue.

=====================================================================================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\CDF]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\CDF\v4.0]
"WMIInstalled"=dword:00000001
"SMSvcHostPath"="C:\\WINDOWS\\Microsoft.NET\\Framework\\v4.0.30319\\"
"NetTcpPortSharingInstalled"=dword:00000001
"HttpNamespaceReservationInstalled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v1.1.4322]
"Install"=dword:00000001
"MSI"=dword:00000001
"SP"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v1.1.4322\1033]
"Install"=dword:00000001
"MSI"=dword:00000001
"SP"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v2.0.50727]
"Install"=dword:00000001
"Version"="2.2.30729"
"MSI"=dword:00000001
"Increment"="3053"
"SP"=dword:00000002
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v2.0.50727\1033]
"Install"=dword:00000001
"MSI"=dword:00000001
"SP"=dword:00000002
"Version"="2.2.30729"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0]
"Install"=dword:00000001
"Increment"="01"
"Version"="3.2.30729"
"SP"=dword:00000002
"MSI"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0\1033]
"Install"=dword:00000001
"SP"=dword:00000002
"MSI"=dword:00000001
"Version"="3.2.30729"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0\Servicing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0\Servicing\Windows Workflow Foundation]
"Install"=dword:00000001
"SPName"="SP2"
"SP"=dword:00000002
"MSI"=dword:00000001
"SPIndex"=dword:00000000
"Hotfix"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0\Setup]
"Version"="3.2.30729"
"InstallSuccess"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0\Setup\Windows Communication Foundation]
"ReferenceInstallPath"="c:\\Program Files\\Reference Assemblies\\Microsoft\\Framework\\v3.0\\"
"Version"="3.0.4506.2152"
"InstallSuccess"=dword:00000001
"RuntimeInstallPath"="c:\\WINDOWS\\Microsoft.NET\\Framework\\v3.0\\Windows Communication Foundation\\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0\Setup\Windows Presentation Foundation]
@="Windows Presentation Foundation"
"InstallSuccess"=dword:00000001
"ProductVersion"="3.0.6920.1427"
"InstallRoot"="c:\\WINDOWS\\Microsoft.NET\\Framework\\v3.0\\WPF\\"
"Version"="3.0.6920.1427"
"WPFReferenceAssembliesPathx86"="c:\\Program Files\\Reference Assemblies\\Microsoft\\Framework\\v3.0\\"
"WPFNonReferenceAssembliesPathx86"="c:\\WINDOWS\\Microsoft.NET\\Framework\\v3.0\\WPF\\"
"WPFCommonAssembliesPathx86"="c:\\WINDOWS\\system32\\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0\Setup\Windows Workflow Foundation]
"ProductVersion"="3.0.0.0"
"InstallDir"="c:\\Program Files\\Reference Assemblies\\Microsoft\\Framework\\v3.0\\"
"FileVersion"="3.0.4203.2152"
@="Windows Workflow Foundation"
"MajorBuildNum"="4203"
"InstallSuccess"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.5]
"Install"=dword:00000001
"MSI"=dword:00000001
"SP"=dword:00000001
"Version"="3.5.30729.01"
"InstallPath"="c:\\WINDOWS\\Microsoft.NET\\Framework\\v3.5\\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.5\1033]
"Install"=dword:00000001
"MSI"=dword:00000001
"SP"=dword:00000001
"Version"="3.5.30729.01"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Client]
"Version"="4.0.30319"
"TargetVersion"="4.0.0"
"Install"=dword:00000001
"MSI"=dword:00000001
"Servicing"=dword:00000000
"InstallPath"="C:\\WINDOWS\\Microsoft.NET\\Framework\\v4.0.30319\\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Client\1033]
"Version"="4.0.30319"
"TargetVersion"="4.0.0"
"Install"=dword:00000001
"Servicing"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full]
"Version"="4.0.30319"
"TargetVersion"="4.0.0"
"Install"=dword:00000001
"MSI"=dword:00000001
"Servicing"=dword:00000000
"InstallPath"="c:\\WINDOWS\\Microsoft.NET\\Framework\\v4.0.30319\\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full\1033]
"Version"="4.0.30319"
"TargetVersion"="4.0.0"
"Install"=dword:00000001
"Servicing"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4.0]
@="deprecated"

Under:
HKLM/SOFTWARE\Microsoft\NET Framework Setup\NDP I've got:

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\CDF]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\CDF\v4.0]
"WMIInstalled"=dword:00000001
"SMSvcHostPath"="C:\\WINDOWS\\Microsoft.NET\\Framework\\v4.0.30319\\"
"NetTcpPortSharingInstalled"=dword:00000001
"HttpNamespaceReservationInstalled"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v1.1.4322]
"Install"=dword:00000001
"MSI"=dword:00000001
"SP"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v1.1.4322\1033]
"Install"=dword:00000001
"MSI"=dword:00000001
"SP"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v2.0.50727]
"Install"=dword:00000001
"Version"="2.2.30729"
"MSI"=dword:00000001
"Increment"="3053"
"SP"=dword:00000002
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v2.0.50727\1033]
"Install"=dword:00000001
"MSI"=dword:00000001
"SP"=dword:00000002
"Version"="2.2.30729"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0]
"Install"=dword:00000001
"Increment"="01"
"Version"="3.2.30729"
"SP"=dword:00000002
"MSI"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0\1033]
"Install"=dword:00000001
"SP"=dword:00000002
"MSI"=dword:00000001
"Version"="3.2.30729"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0\Servicing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0\Servicing\Windows Workflow Foundation]
"Install"=dword:00000001
"SPName"="SP2"
"SP"=dword:00000002
"MSI"=dword:00000001
"SPIndex"=dword:00000000
"Hotfix"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0\Setup]
"Version"="3.2.30729"
"InstallSuccess"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0\Setup\Windows Communication Foundation]
"ReferenceInstallPath"="c:\\Program Files\\Reference Assemblies\\Microsoft\\Framework\\v3.0\\"
"Version"="3.0.4506.2152"
"InstallSuccess"=dword:00000001
"RuntimeInstallPath"="c:\\WINDOWS\\Microsoft.NET\\Framework\\v3.0\\Windows Communication Foundation\\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0\Setup\Windows Presentation Foundation]
@="Windows Presentation Foundation"
"InstallSuccess"=dword:00000001
"ProductVersion"="3.0.6920.1427"
"InstallRoot"="c:\\WINDOWS\\Microsoft.NET\\Framework\\v3.0\\WPF\\"
"Version"="3.0.6920.1427"
"WPFReferenceAssembliesPathx86"="c:\\Program Files\\Reference Assemblies\\Microsoft\\Framework\\v3.0\\"
"WPFNonReferenceAssembliesPathx86"="c:\\WINDOWS\\Microsoft.NET\\Framework\\v3.0\\WPF\\"
"WPFCommonAssembliesPathx86"="c:\\WINDOWS\\system32\\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.0\Setup\Windows Workflow Foundation]
"ProductVersion"="3.0.0.0"
"InstallDir"="c:\\Program Files\\Reference Assemblies\\Microsoft\\Framework\\v3.0\\"
"FileVersion"="3.0.4203.2152"
@="Windows Workflow Foundation"
"MajorBuildNum"="4203"
"InstallSuccess"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.5]
"Install"=dword:00000001
"MSI"=dword:00000001
"SP"=dword:00000001
"Version"="3.5.30729.01"
"InstallPath"="c:\\WINDOWS\\Microsoft.NET\\Framework\\v3.5\\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v3.5\1033]
"Install"=dword:00000001
"MSI"=dword:00000001
"SP"=dword:00000001
"Version"="3.5.30729.01"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Client]
"Version"="4.0.30319"
"TargetVersion"="4.0.0"
"Install"=dword:00000001
"MSI"=dword:00000001
"Servicing"=dword:00000000
"InstallPath"="C:\\WINDOWS\\Microsoft.NET\\Framework\\v4.0.30319\\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Client\1033]
"Version"="4.0.30319"
"TargetVersion"="4.0.0"
"Install"=dword:00000001
"Servicing"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full]
"Version"="4.0.30319"
"TargetVersion"="4.0.0"
"Install"=dword:00000001
"MSI"=dword:00000001
"Servicing"=dword:00000000
"InstallPath"="c:\\WINDOWS\\Microsoft.NET\\Framework\\v4.0.30319\\"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4\Full\1033]
"Version"="4.0.30319"
"TargetVersion"="4.0.0"
"Install"=dword:00000001
"Servicing"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\NET Framework Setup\NDP\v4.0]
@="deprecated"
=========================================================================
I followed the recommendations at:
https://stackoverflow.com/questions/14056667/faulting-module-name-clr-dll-error-message-when-you-run-a-microsoft-net-fram/20028205#20028205
I installed the NDP40-KB2640103-x86.exe and the newer NDP40-KB2889629-x86.exe hotfixes for the .NET 4 Framework, but that didn't seem to change anything.
I also tried adding '<gcConcurrent enabled="false"/>' to the 'Fiddler.exe.config' file, but the crashing continues even with garbage collection disabled:
  <runtime>
    <generatePublisherEvidence enabled="false"/>
    <gcConcurrent enabled="false"/>
  </runtime>

I killed the 'Microsoft Application Error Reporting' DW20.EXE, so I could capture it's DMP files.  I have two DMP files, one from when launching Fiddlerv4 and another from launching Fiddlerv2.

They are on my OneDrive and can be downloaded here:
https://1drv.ms/f/s!Au7APktuLWGumgk2WndQJzoVbMTM

The files are named:
Fiddlerv4CrashOnStartup.dmp
Fiddlerv2CrashOnStartup.dmp

Please let me know what further steps I can do to aid in resolving this issue.

Thank you,

-=Tyson Flint

It would be really great if you could export the request inspector to a cURL request where a user can repeat the request or send the cURL string to others for testing.  PostMan provides a code pull-down menu that allows the user to export the http request to a variety of formats like a c# (restSharp), cURL, Python, etc.  

I realize it may be too much to expect all of the exports that PostMan supports.  However, cURL is the one that I needed the most in all my years of using Fiddler.  Frequently we need to send the original or modified request in the inspector to a colleague to try. 

Hi,

I've got W2012R2 with WPF app. This WPF app makes wrong HTTP call to a WCF service. However, when I run Fiddler on this local machine, I see no packets from this app. Moreover, Fiddler doesn't show this WPF app in available processes for intercepting. How can I make Fiddler intercept all HTTP traffic from a WPF app?

Hi,

I am using fiddlercore to analyze network traffic. Now I want to store the session recorded in a HAR file and load it later from the HAR file itself.

I am able to save the session in a SAZ file and load the same session later from SAZ file.

So, is there a way to convert SAZ file to HAR file.

OR

Store all session as HAR file.

And, load the session recorded from HAR file.

Thanks in advance !!

Regards,

Kallol Ghose

Hi,

I am using FiddlerCore to perform the below functions in order

     - Running fiddler core and storing the sessions in a SAZ file

     - Uploading the SAZ file and load sessions

     - Using autoresponder to respond to a session from the loaded session(if it exists)

I am using the following code to auto-respond

foreach (Session loadedSession in loadSessions)
                {
                    if (loadedSession.fullUrl.Equals(oS.fullUrl))
                    {
                        Console.WriteLine("Session Available in Loaded Session");
                        oS.utilCreateResponseAndBypassServer();
                        oS.requestBodyBytes = loadedSession.responseBodyBytes;
                        oS.oResponse.headers = loadedSession.oResponse.headers;
                        break;
                    }
                }

Where loadSessions are loaded from SAZ file

But I am not getting receiving any response if i open the pages for which the session have been loaded.

What am I doing wrong and what should be the correct approach.

Thanks in advance !!!!

Whenever I surf into example.com/*/* (as in 1 folder deep), I want the referer to be bla.com instead of the real referer.

Can you assist in how to create such a rule?

Thanks!

I am using PKI for my web application. From the browser i am able to select the client certificate and website is working fine. I want to debug our website through Fiddler. But through fiddler i am unable to send the client certificate to server. I modified fillder's CustomeRules.js file as below.

static function OnBeforeRequest(oSession: Session)
{
oSession["https-Client-Certificate"] = "E:\\Cer\\AuthCer.cer";
//Other Code....
}

But still no change. I am getting below error in chrome
This site can’t be reached.

Please help me to solve this issue

Hi,

I have big issue with fiddler in Windows Server 2012 and IE 11.

When I run fiddler, it offers me WinConfig option to click from top left corner but it throws errors:

Unable to use NetIsoEnumAppContainers to get AppContainer list.
ErrorCode: 0x0
Attempting manual registry crawl; some information will be unavailable.

I am receiving error: Failed to get AppContainer info   as WinConfig action.

My Windows Firewall Service in services.msc is started and windows firewalls for  domain, public and private network are off.

I read that for someone starting the Windows Firewall Service resolved the issue but it is already started on my server.

I read on internet:

https://blogs.msdn.microsoft.com/fiddler/2011/12/10/revisiting-fiddler-and-win8-immersive-applications/

https://mymemorysucks.wordpress.com/2013/11/12/issues-with-fiddler-on-windows-8-1-and-ie-11/

https://blogs.msdn.microsoft.com/fiddler/2011/12/10/revisiting-fiddler-and-win8-immersive-applications/

What else should I do how to resolve it?

Thanks

Hello.

I would like to understand the meaning of the statistics tab.

It is clear to me what is the request count, Bytes and Bytes received, but are the bytes from the sent/received from my ? Or does it refer to all the bytes generated after the request left my ?

Request Count:   1
Bytes Sent:      182 (headers:182; body:0)
Bytes Received:  183 (headers:183; body:0)
Tunnel Sent:     841
Tunnel Received: 5.880

What means the yellow highlight color on the Fiddler2?

All this calls are for images and those 2 in yellow are not presented on Internet Explorer 11 (but ok on Chrome, Firefox and Edge).
Searching the Fiddler's documentation

"The default text coloring of the Session entries derives from the HTTP Status (red for errors, yellow for authentication demands)"

This says text coloring so I don't know if it is the same 'yellow', because there is no problem in authentication...