Afternoon folks...

I have an application that keeps sending DNS traffic over HTTPS and ultimately fails because it resolves as external where it should be internal. So I'm tracing it down using Fiddler. The application is spawned by Edge WebView2 and I can see the requests to Google and CloudFlare over :443 for DNS (through WireShark). What is very odd, is when I am running Fiddler the application never fails. So I'm trying to understand what Fiddler does while it's capturing so I can pick it apart and see which bit is making this work.

I know it uses WPAD for a bit of its operations too, I have that enabled on my machine now too. I killed DoH on my laptop too as well as Secure DNS in Edge/Chrome.

Anyone know the innerworkings of Fiddler (obviously not at an intellectual property level) but more what is it doing while it's running.

I have a client shipping application that interfaces with a server. The server then communicates with FedEx.com web services. The communication works fine but I need to analyze the web service communications (request & response) to troubleshoot a problem in the application. I am using Fiddler Classic installed on the Windows Server 2019 application server. I have followed the document on configuring for HTTPS.

When I start capturing, Fiddler shows only HTTP transactions, no HTTPS. I see a HTTP transaction Tunnel to ws.fedex.com:443 but not HTTPS transactions. The shipping application will display an error stating "An error occurred while making the HTTP request to https://ws.fedex.com/web-services/." 

Attached is a screenshot showing captured and HTTPS configuration.

The Fiddler log shows
15:59:56:3692 Progress Telerik Fiddler Classic Running...
15:59:56:3848 Windows 8+ AppContainer isolation feature detected.
15:59:56:3848 Fiddler.Network.AutoProxy> AutoProxy Detection failed.
15:59:56:3848 AutoProxy failed. Disabling for this network.
15:59:56:6035 fiddler.network.https> HTTPS handshake to www.fiddler2.com (for #1) failed. System.IO.IOException Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host. < An existing connection was forcibly closed by the remote host


16:00:07:7907 HTTPSLint> Warning: ClientHello record was 347 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
16:00:07:7907 Assembly 'C:\Users\Latitude\AppData\Local\Programs\Fiddler\CertMaker.dll' was not found. Using default Certificate Generator.
16:00:07:8219 /Fiddler.CertMaker> Using .‰+˜ for certificate generation; UseWildcards=True.
16:00:08:0250 [Fiddler] No HTTPS request was received from (w3wp:3636) new client socket, port 51113.
16:00:43:0082 [Fiddler] No HTTPS request was received from (w3wp:3636) new client socket, port 51117.

I checked Tools > WinINET Options > LAN Settings while Fiddler is "Capturing". It is  127.0.0.1:8888 

I tried overriding chaining to the system default proxy by setting Manual configuration in the setting the Tools > Options - Gateway tab http & https to 127.0.0.1:8888. That caused a different problem.Setting it to the IP address still did not work. The application error was " Could not establish trust relationship for the SSL/TLS secure channel with authority 'ws.fedex.com'." . 

The Fiddler log was:
16:52:21:8478 fiddler.network.gateway.connect>Connection to 172.17.3.232 failed. No connection could be made because the target machine actively refused it 172.17.3.232:8888. Will try DNS Failover if available.
16:52:32:8162 fiddler.network.gateway.connect>Connection to fe80::c9b2:e9db:ff6b:5d95%9 failed. No connection could be made because the target machine actively refused it [fe80::c9b2:e9db:ff6b:5d95%9]:8888. Will try DNS Failover if available.
16:52:33:8475 fiddler.network.gateway.connect>Connection to 172.17.3.232 failed. No connection could be made because the target machine actively refused it 172.17.3.232:8888. Will try DNS Failover if available.
16:52:33:9099 WinINET Registry change detected. Verifying proxy keys are intact...
16:52:42:0660 HTTPSLint> Warning: ClientHello record was 347 bytes long. Some servers have problems with ClientHello's greater than 255 bytes. https://github.com/ssllabs/research/wiki/Long-Handshake-Intolerance
16:52:42:2534 [Fiddler] No HTTPS request was received from (w3wp:3636) new client socket, port 52666.

Hoping some one can help,

Leo Zipper

Can fiddler support IPv4-Mapped IPv6 Address ? Such as POST http://[::ffff:220.233.36.113]/

I found when some app use this type post, fiddler can not get the response.

[Fiddler] The connection to '::ffff:220.233.36.113' failed. <br />Error: AddressNotAvailable (0x2741). <br />System.Net.Sockets.SocketException The requested address is not valid in its context [::ffff:220.233.36.113]:80                                                                                                                                                                                                                                                                                                    

 

I use "Echo Mirage" to capture program traffic and it give me this

but when i tried with "Fiddler Classic" it didn't show me the traffic of this program.

Hi,

 

I set Fiddler as a proxy per this official link , but when I ran my NET Core app in Visual Studio and Firefox I noticed that no requests between FF and my app were displayed in Fiddler. At the same time, all requests from Firefox to the Internet were shown excellently. All applications (Visual Studio, Fiddler and Firefox) were run under administrative account on my machine. What should I do to have requests from FF to  my NET Core app shown in Fiddler?

OS: Win 10 x64 Pro 21H2 (19044.1526)

Firefox: 103.0.2 (64-bit)

Fiddler: v5.0.20211.51073 for .NET 4.6.1 Built: Wednesday, December 15, 2021 64-bit AMD64, VM: 75.0mb, WS: 125.0mb .NET 4.8 WinNT 10.0.19044.0

Visual Studio: Microsoft Visual Studio Community 2022 (64-bit) - Version 17.3.0

please help i want to make one of these param as response

Example params : test.com/test.php?p=p&u=u&c=code

Previously I could not play games without Fiddler classic open,  hoping my computer would go back to how it was before I installed fiddler, but now I can't play games at all. How can I play games without fiddler, or how can I restore my computer to what it was before without erasing my files or something?

In Fiddler Classic decryption I set <client> and tls 1.2, I'm capturing traffic from mobile application via Fiddler proxy working in local network on Win 10 machine,

but still B2C in Safari shows me message "This Connection Is Not Private", and says it shows this because site uses tls 1.0 and tls 1.1;

is it solvable?

In the beginning I had only tokens: <client>; ssl3; tls1.0; tls1.1 - but then I added 1.2, should have I reissue certificates ?? (suppose that not)

What can be the issue?

Thank you much.

Hello i want to know how do i remove this and i am getting desprate since it has taken me atleast 2 hours on how to remove this. i uninstalled it properly by going to the fiddler folder and use the uninst.exe i think it was called but this wasnt remove so i wanna know how

I installed Fiddler Everywhere in order to view saz file . However,  I don't get the email with the six digits code to verify my email.

I have tried to uninstall, reinstall, but nothing worked.

If i tried to login with my telerik account, it gives :

If I tried to create an account, I don't get the verification email.

Not sure what I missed.

 

Sincerely,

 

Julia Tian