or
1 answer
95 views
Hello,
can Fiddler caputre between an Windows application and a destination IP?
Thank's!
Joe
Nick Iliev
Telerik team
answered
on
21 Dec 2022
1 answer
155 views
Not so much of a question, but more like presenting a straight-up issue I'm having while trying to install Telerik Fiddler Classic v5.0.20211.51073
Every time I try to start the setup, I get this error message (see attachment).
Needless to say I've no idea why my Internet Connection would be the issue, as I'm using it right now to write this. I've already tried running the installer as administrator, compatibility mode, disabling my antivirus and even the firewall to no use.
Any ideas?
Nick Iliev
Telerik team
answered
on
20 Dec 2022
1 answer
149 views
I get the error This endpoint does not support HTTP CONNECTs. Try GET or POST instead.
Nick Iliev
Telerik team
answered
on
19 Dec 2022
1 answer
141 views
Sucessful GET Requests have a Content-Type of text/html;charset=ISO-8859-1.
In FiddlerScript I have built the exact same Request as a string variable. When I send it using FiddlerObject.utilIssueRequest it fails with an HTTP 500 error and no value in the Session Content-Type column.
How does one set the Content-Type of the entire GET Request?
Jerry
Nick Iliev
Telerik team
answered
on
19 Dec 2022
1 answer
443 views
Hello,
I want to automate the download of a file in a website that requires authentication.
I've used Fiddler to look at the authentication method and to find out the url and parameters to download the file I need.
I manage to call via Postman a first POST that gives me a token (using basic authentication), but then, when I try to call the GET url, it says I am not connected but I cannot find out the authentication method (I can see no WWW-Authenticate header in the previous calls made when sniffing with Fiddler).
How can I know the authentication method needed for the download, where can I find this info on Fiddler ? (I have tried to pass the token via Bearer Token method and setting the token retrieve from my first POST call but that doesn't work (401/Unauthorized). Can it be via cookies ? If so, How can I build the right cookie and pass it to my GET request ?
Thanks in advance,
Nick Iliev
Telerik team
answered
on
19 Dec 2022
1 answer
213 views
Here my output of curl :
curl --proxy 172.26.160.1:8888 https://google.com -v
root@ubuntuserver:/home# curl --proxy 172.26.160.1:8888 https://google.com -v
* Trying 172.26.160.1:8888...
* Connected to (nil) (172.26.160.1) port 8888 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to google.com:443
> CONNECT google.com:443 HTTP/1.1
> Host: google.com:443
> User-Agent: curl/7.81.0
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 Connection Established
< FiddlerGateway: Direct
< StartTime: 15:42:31.930
< Connection: close
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* ALPN, offering h2
* ALPN, offering http/1.1
* CAfile: /etc/ssl/certs/ca-certificates.crt
* CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Certificate Status (22):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
* ALPN, server did not agree to a protocol
* Server certificate:
* subject: OU=Created by http://www.fiddler2.com; O=DO_NOT_TRUST; CN=google.com
* start date: Aug 27 18:11:42 2022 GMT
* expire date: Aug 27 18:11:42 2023 GMT
* subjectAltName: host "google.com" matched cert's "google.com"
* issuer: OU=Created by http://www.fiddler2.com; O=DO_NOT_TRUST; CN=DO_NOT_TRUST_FiddlerRoot
* SSL certificate verify ok.
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET / HTTP/1.1
> Host: google.com
> User-Agent: curl/7.81.0
> Accept: */*
>
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Mark bundle as not supporting multiuse
< HTTP/1.1 301 Moved Permanently
< Location: https://www.google.com/
< Content-Type: text/html; charset=UTF-8
< Cross-Origin-Opener-Policy-Report-Only: same-origin-allow-popups; report-to="gws"
< Report-To: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
< Date: Fri, 09 Dec 2022 08:42:32 GMT
< Expires: Sun, 08 Jan 2023 08:42:32 GMT
< Cache-Control: public, max-age=2592000
< Server: gws
< Content-Length: 220
< X-XSS-Protection: 0
< X-Frame-Options: SAMEORIGIN
< Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
<
* TLSv1.2 (IN), TLS header, Supplemental data (23):
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="https://www.google.com/">here</A>.
</BODY></HTML>
* Connection #0 to host (nil) left intact
root@ubuntuserver:/home#See :
subject: OU=Created by http://www.fiddler2.com; O=DO_NOT_TRUST; CN=google.com
Success ....
But the problem is whe use without --proxy
root@ubuntuserver:/home# curl https://google.com -v * Trying 142.251.12.100:443... * Connected to google.com (142.251.12.100) port 443 (#0) * ALPN, offering h2 * ALPN, offering http/1.1 * CAfile: /etc/ssl/certs/ca-certificates.crt * CApath: /etc/ssl/certs * TLSv1.0 (OUT), TLS header, Certificate Status (22): * TLSv1.3 (OUT), TLS handshake, Client hello (1): * TLSv1.2 (IN), TLS header, Certificate Status (22): * TLSv1.3 (IN), TLS handshake, Server hello (2): * TLSv1.2 (IN), TLS handshake, Certificate (11): * TLSv1.2 (IN), TLS handshake, Server key exchange (12): * TLSv1.2 (IN), TLS handshake, Server finished (14): * TLSv1.2 (OUT), TLS header, Certificate Status (22): * TLSv1.2 (OUT), TLS handshake, Client key exchange (16): * TLSv1.2 (OUT), TLS header, Finished (20): * TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1): * TLSv1.2 (OUT), TLS header, Certificate Status (22): * TLSv1.2 (OUT), TLS handshake, Finished (20): * TLSv1.2 (IN), TLS header, Finished (20): * TLSv1.2 (IN), TLS header, Certificate Status (22): * TLSv1.2 (IN), TLS handshake, Finished (20): * SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 * ALPN, server did not agree to a protocol * Server certificate: * subject: OU=Created by http://www.fiddler2.com; O=DO_NOT_TRUST; CN=142.251.12.100 * start date: Aug 27 17:44:07 2022 GMT * expire date: Aug 27 17:44:07 2023 GMT * subjectAltName does not match google.com * SSL: no alternative certificate subject name matches target host name 'google.com' * Closing connection 0 * TLSv1.2 (OUT), TLS header, Unknown (21): * TLSv1.2 (OUT), TLS alert, close notify (256): curl: (60) SSL: no alternative certificate subject name matches target host name 'google.com' More details here: https://curl.se/docs/sslcerts.html curl failed to verify the legitimacy of the server and therefore could not establish a secure connection to it. To learn more about this situation and how to fix it, please visit the web page mentioned above. root@ubuntuserver:/home#
See :
subject: OU=Created by http://www.fiddler2.com; O=DO_NOT_TRUST; CN=142.251.12.100
How to fix this
Im also try to edit fiddler rules
static function OnBeforeRequest(oSession: Session) {
if (oSession.HTTPMethodIs("CONNECT") &&
oSession.HostnameIs("142.251.12.102"))
{
oSession["X-OverrideCertCN"] = "google.com";
}
Still failed
What i do is in this tutorial : https://anasfanani.id/post/redirect-all-linux-traffict-to-httphttpssocks-proxy-fiddlerburp
Anas
Top achievements
Rank 1
Rank 1
updated question
on
09 Dec 2022
1 answer
116 views
Hello everyone , i trying to capture my friend iphone not on my network, in his iphone he set the proxy is my pc puplic ip and set the port is smae fiddler port. Even that he cannot acces to my pc .
anyone know how to make it possible: and how to traffic other phones not on my network.
thankx
anyone know how to make it possible: and how to traffic other phones not on my network.
thankx
Nick Iliev
Telerik team
answered
on
07 Dec 2022
1 answer
154 views
I'd like to see my requests grouped like requests "collect/" to appear at the top of my monitor or saved to some folder. Is it possible?
Nick Iliev
Telerik team
answered
on
05 Dec 2022
1 answer
343 views
The following page loads ok when not using Fiddler Classic as a proxy...
https://www.investing.com/currencies/eur-usd
But if I use Fiddler, the chart on the page will not load! I checked everything and the problem seems to be related to the fact that some resources needed by the page above do not load, and that is because Cloudflare is returning a captcha question instead of data. One such resource file is this, for which I am always getting a captcha when using Fiddler (it works ok otherwise):
https://api.investing.com/api/financialdata/table/list/1?fieldmap=general.slim
Is there any way to fix this, please? I would like to pass all the traffic through Fiddler, and have the page load ok every time.
My Fiddler is not set to make any kind of changes to the page headers, or its content. So I guess Cloudflare is using other ways to detect when traffic is not coming directly from a web browser.
Thank you!
Alex
Nick Iliev
Telerik team
answered
on
05 Dec 2022
1 answer
114 views
a
Andriy
Top achievements
Rank 1
Iron
Rank 1
Iron
answered
on
02 Dec 2022
