Hi, i'm trying to use Fiddler to test SMTPS communication through a Proxy Tunnel, in the following manner :

- The client exec an Http Connect command in order to establish a tunnel to the destination SMTP server on port 465.

- After the connect succeed, the client starts talking with the server through the created tunnel like a normal SMTPS connection.

This is working successfully if the "decrypt HTTPS traffic" option is disabled.

When the option is enabled and the interception certificate is created, the client - SMTP communication is shut down all of a sudden.
After further analysis, it turned out that the SMTP server actually replies correctly to the proxy with the classic "Service Ready" message, but for an unknown reason the message never reach the client (it seem that Fiddler is not passing it to the Proxy-Client connection). So i am wondering if Fiddler applies some kind of filter to Non-HTTP traffic once the decryption is activated. Is this the case ?

 

Thank you

 

 

I have a rule my fiddlerscript that does the following

if (oSession.utilFindInRequest("mything",false) > 1) {
.SaveResponseBody("c:\\myjson\\" + oSession.SuggestedFilename);
}

It works PERFECTLY well. It saves a the file as TXT, but inside the file it is a JSON, valid JSON. So I use a programm I made in C# that basically reads the files on this folder, and POSTS it to a PHP script I have and this PHP inserts into a mysql database.

 

But I would like to make Fiddler inject direct into my website. So I tried some workaround like creating a XMLRequest inside my rule in fiddlerscript

 

fb1 = new ActiveXObject("MSXML2.ServerXMLHTTP.3.0");

[blablabla]

And it works (does create the request)

but my PHP gets the request corrupted (because the json have some # and & and empty stuff etc). The problem is probably with the XMLHTTP3.0.

 

So I am trying to have my RESPONSEBODY encoded as base64 or something else, and Eric once posted the following for a different user

 

"nstead, keep the bytes as bytes

        // Remove chunking & compression
oS.utilDecodeResponse(); 

        // Get raw bytes
        byte[] arrBody = oS.responseBodyBytes;

        // Convert to base64
        string sBase64 = Convert.ToBase64String(arrBody);"

 

But I cannot use this line (        byte[] arrBody = oS.responseBodyBytes;  ) it does not compile.

also when I base64 encode using

var obytes = System.Text.Encoding.UTF8.GetBytes(oSession.responseBodyBytes);

var base64 = Convert.ToBase64String(obytes);

 

if I log this base64 var to CONSOLE (Fiddler) and then Decode, it works well (Valid JSON) but if I use once again my XMLHTTPREQUEST it corrupts the JSON.
The problem is with the XMLHTTPREQUEST then, how do I inject a valid JSON from Fiddlerscript to my PHP page? without messing it up because once again, my JSON has symbols like # and a lot of \/ (slashes) that the XMLHTTPREQUEST removes.

 

Hi All,

I am using a Fiddler Script to rewrite a URL and it was working fine in Fiddler v4.6.20171.9220. Once I upgraded to Fiddler v4.6.20171.14978 the script stopped working. When I verified the parameters response, I saw that oSession.PathAndQuery was not returning correct value. All below properties are returning only the Host information but not the full Url of the Request.

oSession.fullUrl
oSession.PathAndQuery
oSession.url

 

Can anyone please help if the same issue is noticed and any resolution for the same?

 

Thanks In Advance.

Hi folks,

some days ago I was debugging an application with fiddler and saw it's request in fiddler, everything was fine.

I was also able to write a simple application which was sending requests to this application and got the expectated answers.

 

Today, I wanted to debug again to check out some new stuff, sadly I'm no longer receiving any requests in fiddler (btw, the application had an update), but my application is still working, so the web service is still active and running.

 

I tried different things and settings but fiddler is no longer able to receive the traffic. Afaik, this is no .NET application.

 

When I'm running "tasklist /m" in console, I get the following output for my application: ntdll.dll, wow64.dll, wow64win.dll, wow64cpu.dll

 

Anyone, any idea what else I can do/try so that fiddler can receive the requests again?

 

Greetings

Kai

Hello,

I need to move fiddler from a PC to another, I use fiddler from remote machine,

Not a big deal, I have installed fiddler to the new PC,

But, how can I transfer the certificate to avoid need to reinstall this certificate to all client PC ?

Where is the certificate location ?

Kind regards,

Pascal

v4.6.20171.9220 Built: Wednesday, February 08, 2017  64-bit AMD64, VM: 82.0mb, WS: 114.0mb .NET 4.6.1 WinNT 6.1.7601 SP1

Running on: my-pc-name:8888
Listening to: All Adapters
Gateway: No Gateway

If I use the "show traffic from a process" filter, all traffic is filtered. I see no traffic and if I turn on troubleshooting everything is showing overstrike. If I remove the process filter I see all traffic.  In the filters tab "Use Filters" is not checked. I have tried all the troubleshooting suggestions I can find with no luck.

 

Thanks, John

I am told that we could send transactions to fiddler in TLS 1.x and fiddler then would forward transactions in TLS 2.0 to payflowpro.paypal.com.  payflowpro.paypal.com would then return TLS transactions to fiddler and fiddler then would return the transaction to our Ecommerce platform.

Where do I start with this?

Thanks,

Mike

Hi, Eric：

I have two questions. The first is as title. 

The second is: Will OnBeforeResponse be fired if the session has hidden?

Thx a lot!

I have Fiddler v4.6 20171.14978 and ever since upgrading from an older build I cannot capture secure traffic anymore.

I have the option set to Capture HTTPS CONNECTs > Decrypt HTTPS traffic and installed the requested certifications but still no luck.

 

Any ideas? 

 

Thank you!

I am developing IPhone app, I want to use Fiddler to monitor the traffic to identity some request being sent from my app. 

I am using latest FiddlerCore with the following flag set:

var flags = FiddlerCoreStartupFlags.DecryptSSL
                | FiddlerCoreStartupFlags.MonitorAllConnections
                | FiddlerCoreStartupFlags.AllowRemoteClients
                | FiddlerCoreStartupFlags.ChainToUpstreamGateway
                | FiddlerCoreStartupFlags.CaptureLocalhostTraffic;

And i am only collecting the session when AfterSessionComplete raise.

Now what i found is, it seems when i have fiddler core running, it adds some delay into all the traffic during when fiddler is monitoring the traffic. Specially when i am simulating 3G network condition on IPhone developer. 

I used side by side comparison with same network condition on 2 IPhone, one with fiddlercore and one without. I can clear see the one with fiddlercore has slow traffic (results takes longer to load).

I am not sure what is going on. I am trying to see if i missed something when i startup the fiddlercore ?

 

Thanks