I am attempting to create a plugin to allow the WebTest export to enable me to achieve the following:

1. Add the ReportingName to each WebTest request from using a combination of form element values.
2. Replace a value with a WebTest parameter: {{exampleParameter}}

Current issue:
1. I can't seem to retrieve the ReportingName setter from the IFiddlerWebTestPlugin interface?
2. I believe I can do this with current functionality as it's a simple transform from one value to another prior to saving the request.

Any help gratefully received.

I have attached a simple WebTest file with a snippet below (you'll need to convert the .jpeg to a .webtest (or .txt).

WebTest snippet:

  <Items>
    <Request Method="GET" Guid="c2bdeaaa-352c-4835-ad7b-ea7d723cdfa8" Version="1.1" Url="http://www.google.co.uk/" ThinkTime="0" Timeout="300" ParseDependentRequests="True" FollowRedirects="True" RecordResult="True" Cache="False" ResponseTimeGoal="0" Encoding="utf-8" ExpectedHttpStatusCode="0" ExpectedResponseUrl="https://www.google.co.uk/?gws_rd=ssl" ReportingName="Navigate to Google" IgnoreHttpStatusCode="False">

Not sure whether this is a bug or I'm doing something wrong:

In composer's scratchpad, I have successfully issued a couple of requests to the same host (lets call it host1) with different paths and queries. Now I copy/paste one of those requests and edit it to point to host2 and also slightly change the path. I select this request in scratchpad and click "execute". The request is issued with the right path etc. but still using host1 instead of host2.

Even updating and restarting Fiddler couldn't change this behavior. It's still using host1.

Now what do i do?

Thanks!

I followed these instructions to be able to capture https traffic from my tomcat (7.0.59) server, but with the -Djavax.net.ssl.trustStore and -Djavax.net.ssl.trustStorePassword options, I keep on getting:
Servlet.service() for servlet [dispatcher-tiles] in context with path [] threw exception [Handler processing failed; nested exception is java.lang.OutOfMemoryError: PermGen space] with root cause
java.lang.OutOfMemoryError: PermGen space

in certain situations, removing the two options, and closing Fiddler, makes everything fine again.

Any advice on how to proceed with this issue?

/Pär

Hi,

We are want to use Oracle 10g Express Edition, but after installation this software, IE browser sends message Fiddler Echo Service (display screenshot is in attachment). There are 20 PC's in lab network and Fiddler or any other proxy software not installed.

What's wrong?


Regards,
Daniel

After installing Fiddler on the client PC, and enabling capture, websites are not loading and giving error 404.
It works on my own system but not the user I am trying to assist.
What should I check?

Hello,
I was was capturing some traffic from a users environment and see some info which is unclear
under host: "tunnel to" and then under url: xxxx.com:443 
someone told me that means an https connection
but the protocol shows http not https
would this indicate the user's connection is via a corporate proxy or that type of connection or is the connection indeed https - if so why would fiddler show http and not https?
Thanks,
Andy
 

My objective is to capture and decrypt all incoming https traffic(specifically just a 2 rest api url end points) to a asp mvc website on an IIS 7.5 webserver.

steps I've completed
1. I've unbinded the website from 443 and moved it to 444.
2. I altered the fiddlercore(4.4.9.8) sample demo to just have a secure listener on port 443 and display the request headers in  a windows form application.
3. I've attached the server's real certificate using Proxy.AssignEndpointCertificate(x509Certificate2). I've confirmed the attached certificate was found by messagebox 

of the thumbprint. here is the code

oSecureEndpoint = FiddlerApplication.CreateProxyEndpoint(iSecureEndpointPort, true, sSecureEndpointHostname);
if (isCertFound) {
oSecureEndpoint.AssignEndpointCertificate(x509Certificate2);
}

4. I've written the logs to a text file and I see : 
a. /Fiddler.CertMaker> Using Fiddler.DefaultCertificateProvider+MakeCertEngine for certificate generation
and
b. !SecureClientPipeDirect failed: System.NotSupportedException The server mode SSL must use a certificate with the associated private key. on pipe to (CN=*.ourdomain.com, OU=Domain Control Validated)


things i don't get
1. how does the fiddlercore app know to send the forward requests to port 444 (of the website). How do i specify this? If I don't specify this, where does it go?
2. What is causing the !secureclientpipdirect failed from 4b above?

Hello Eric ,

Thanks for bring us Fiddler. It's pretty useful.

Here is the problem:

 if (oSession.HostnameIs("www.test.com"))  { 
            oSession.utilDecodeResponse();
             if (oSession.utilFindInResponse("cacheKey",false) > -1){ 
                    var oBody = oSession.GetResponseBodyAsString (); 
                    var regex =/value=\"(.*)\" id=\"cacheKey/i;
                    if(oBody.match(regex)){
                        MessageBox.Show("AAAA" );
                        var cachekey = RegExp.$1;            // <--------------------   Error Line
                      }

Every time i save it, fiddler report :

Object doesn't support this property or method.

I try many times but the problem is still here.

Could you help me?  thanks anyway!


        

Hi,

I have a .net web application and deployed on my localhost IIS. And my .net web application make queries to server.
 How can I use fiddler to capture the HTTP traffic made between my IIS .net and the outside server?

I find this link:

https://mgrowan.wordpress.com/2015/02/19/capture-iis-network-traffic-in-fiddler/

I don't see  web.config in my project. 

Hi,
I'm using NTLM authentication in my site .
I'm trying to find out how can I extract the User Name sent to the server by the client.
After reading MS article  (https://msdn.microsoft.com/en-us/library/windows/desktop/aa378749%28v=vs.85%29.aspx) I thought that the User Name is sent from the client after the first 401 challenge the server sends. (which means the scond request the client initiates)
However , when looking in Fiddler I have realized that the second request from the client (after the first 401) did not include the User Name
Only the third request (ending with 200 status code) included the User Name (as plain Text).
Can you please explain ?
_________________________________________________
First Request ended with 401 ;
No Proxy-Authorization Header is present.

No Authorization Header is present.
_________________________________________________



_________________________________________________
Second request ended with 401 (challenge from server)

No Proxy-Authorization Header is present.

Authorization Header is present: Negotiate
4E 54 4C 4D 53 53 50 00 01 00 00 00 97 82 08 E2  NTLMSSP.....—‚.â
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
06 02 F0 23 00 00 00 0F                          ..ð#....        


-[NTLM Type1: Negotiation]------------------------------
Provider: NTLMSSP
Type: 1
OS Version: 6.2:9200
Flags: 0xe2088297
Unicode supported in security buffer.
OEM strings supported in security buffer.
Request server's authentication realm included in Type2 reply.
Sign (integrity)
NTLM authentication.
Negotiate Always Sign.
Negotiate NTLM2 Key.
Supports 56-bit encryption.
Supports 128-bit encryption.
Client will provide master key in Type 3 Session Key field.
Domain_Offset: 0; Domain_Length: 0; Domain_Length2: 0
Host_Offset: 0; Host_Length: 0; Host_Length2: 0
Host: 
Domain: 
------------------------------------



_________________________________________________
third request ended with 200

No Proxy-Authorization Header is present.

Authorization Header is present: Negotiate
4E 54 4C 4D 53 53 50 00 03 00 00 00 18 00 18 00  NTLMSSP.........
80 00 00 00 18 00 18 00 98 00 00 00 06 00 06 00  €.......˜.......
58 00 00 00 0C 00 0C 00 5E 00 00 00 16 00 16 00  X.......^.......
6A 00 00 00 10 00 10 00 B0 00 00 00 15 82 88 E2  j.......°....‚ˆâ
06 02 F0 23 00 00 00 0F 6F 4B 84 5D 4A 6A 67 C5  ..ð#....oK„]JjgÅ
49 E7 9B E6 ED D5 B9 9F 47 00 45 00 52 00 73 00  Iç›æíÕ¹ŸG.E.R.s.
6B 00 61 00 72 00 6E 00 69 00 53 00 4B 00 41 00  k.a.r.n.i.S.K.A.
52 00 4E 00 49 00 2D 00 4D 00 4F 00 42 00 4C 00  R.N.I.-.M.O.B.L.
26 FB C4 DC FC BE 0B 6A 00 00 00 00 00 00 00 00  &ûÄÜü¾.j........
00 00 00 00 00 00 00 00 64 0B 2C 82 FA 33 05 17  ........d.,‚ú3..
CF 6D 43 44 06 C0 F0 50 5D EA E3 E5 34 69 38 B4  ÏmCD.ÀðP]êãå4i8´
E8 F1 E0 A5 46 72 6F CF D3 36 4A 25 BB 0D DF 16  èñà¥FroÏÓ6J%».ß.


-[NTLM Type3: Authentication]------------------------------
Provider: NTLMSSP
Type: 3
OS Version: 6.2:9200
Flags: 0xe2888215
Unicode supported in security buffer.
Request server's authentication realm included in Type2 reply.
Sign (integrity)
NTLM authentication.
Negotiate Always Sign.
Negotiate NTLM2 Key.
Target Information block provided for use in calculation of the NTLMv2 response.
Supports 56-bit encryption.
Supports 128-bit encryption.
Client will provide master key in Type 3 Session Key field.
lmresp_Offset: 128; lmresp_Length: 24; lmresp_Length2: 24
ntresp_Offset: 152; ntresp_Length: 24; ntresp_Length2: 24
Domain_Offset: 88; Domain_Length: 6; Domain_Length2: 6
User_Offset: 94; User_Length: 12; User_Length2: 12
Host_Offset: 106; Host_Length: 22; Host_Length2: 22
msg_len: 176
Domain: GER
User: skarni
Host: SKARNI-MOBL
lm_resp: 26 FB C4 DC FC BE 0B 6A 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
nt_resp: 64 0B 2C 82 FA 33 05 17 CF 6D 43 44 06 C0 F0 50 5D EA E3 E5 34 69 38 B4
------------------------------------

_________________________________________________