Hello,

I recently installed fiddler to reverse engineer an android app. How that I'm finished with my research I uninstalled fiddler. However it seems like that fiddler messed with my windows settings. I can no longer send a http request using .NET. When running the request via Postman or simply my webbrowser the request reaches my webserver and I get the answer.

This is the code I use to perform the request, which results in 'No connection could be made because the target machine actively refused it. (192.168.0.96:8888)'.

So I was wondering, where this port was coming from, because I specified 5004 but it ended up to be 8888. I checked my windows proxy settings.

I also tried clearing the IWinNet Cache using fiddler. No effect.

Then I discovered that when running fiddler again, my requests goes through. I also noticed that the Capture Traffic options has no effect. No matter if I monitor the traffic or not, my request is shown in fiddler.

I don't know what to do, and really hate the fact that I always have to run a proxy in order to work!

 

Thanks in advance!

Sebastian

CONNECT apicl3.celcom.com.my:443 HTTP/1.1
Host: apicl3.celcom.com.my
User-Agent: celcom_life/200333 CFNetwork/1240.0.4 Darwin/20.5.0
Connection: keep-alive
Connection: keep-alive

A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.

Version: 3.3 (TLS/1.2)
Random: 44 84 7D 65 07 24 79 BB A3 1A 28 9C 74 13 25 86 09 32 96 4C 68 86 E1 8D BA 8E EE F6 D7 09 00 3A
"Time": 16/12/2023 7:04:36 PM
SessionID: CA 31 92 D7 01 7E ED B3 00 56 BE 7E 29 BF B7 09 07 30 47 FB 02 21 6D 71 F5 82 B0 0F BC A0 91 AC
Extensions: 
grease (0x3a3a) empty
server_name apicl3.celcom.com.my
extended_master_secret empty
renegotiation_info 00
supported_groups grease [0x3a3a], x25519 [0x1d], secp256r1 [0x17], secp384r1 [0x18], secp521r1 [0x19]
ec_point_formats uncompressed [0x0]
ALPN h2, http/1.1
status_request OCSP - Implicit Responder
signature_algs ecdsa_secp256r1_sha256, rsa_pss_rsae_sha256, rsa_pkcs1_sha256, ecdsa_secp384r1_sha384, ecdsa_sha1, rsa_pss_rsae_sha384, rsa_pss_rsae_sha384, rsa_pkcs1_sha384, rsa_pss_rsae_sha512, rsa_pkcs1_sha512, rsa_pkcs1_sha1
SignedCertTimestamp (RFC6962) empty
key_share 00 29 3A 3A 00 01 00 00 1D 00 20 88 B4 9B C1 94 50 43 4C 36 70 D6 65 FF 6D 03 C0 64 80 87 A8 3C 9C 5B A9 CF DF 87 26 69 21 4E 1F
psk_key_exchange_modes 01 01
supported_versions grease [0x3a3a], Tls1.3, Tls1.2, Tls1.1
grease (0x8a8a) 00
padding 181 null bytes
Ciphers: 
[6A6A] Unrecognized cipher - See https://www.iana.org/assignments/tls-parameters/
[1301] TLS_AES_128_GCM_SHA256
[1302] TLS_AES_256_GCM_SHA384
[1303] TLS_CHACHA20_POLY1305_SHA256
[C02C] TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
[C02B] TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
[CCA9] TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
[C030] TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
[C02F] TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
[CCA8] TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
[C024] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
[C023] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
[C00A] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
[C009] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
[C028] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
[C027] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
[C014] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
[C013] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
[009D] TLS_RSA_WITH_AES_256_GCM_SHA384
[009C] TLS_RSA_WITH_AES_128_GCM_SHA256
[003D] TLS_RSA_WITH_AES_256_CBC_SHA256
[003C] TLS_RSA_WITH_AES_128_CBC_SHA256
[0035] TLS_RSA_WITH_AES_256_CBC_SHA
[002F] TLS_RSA_WITH_AES_128_CBC_SHA
[C008] TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA
[C012] TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
[000A] SSL_RSA_WITH_3DES_EDE_SHA

Compression: 
[00] NO_COMPRESSION

Hello Team,

I'm using fiddler to diagnose some intermittent https timeout issue(need to check internal cookie).

I'm using ODBC driver for apache hive to connect my websites.

but when I use fiddler classic trying to capture https traffic send out by ODBC driver, but I could see any captured by fiddler (but could see in wireshark).

can we capture ODBC https traffic via fiddler? what i think we can do that but i'm not what config i missed. Appreciate your help.

Thanks,

Vincent

---------------------------
Folder Creation Failed
---------------------------
Fiddler has encountered an unexpected problem. If you believe this is a bug in Fiddler, please copy this message by hitting CTRL+C, and submit a bug report at http://www.telerik.com/forums/fiddler.

The tag present in the reparse point buffer is invalid.



Type: System.IO.IOException
Source: mscorlib
   at System.IO.__Error.WinIOError(Int32 errorCode, String maybeFullPath)

   at System.IO.Directory.InternalCreateDirectory(String fullPath, String path, Object dirSecurityObj, Boolean checkHost)

   at System.IO.Directory.InternalCreateDirectoryHelper(String path, Boolean checkHost)

   at Fiddler.CONFIG.() in C:\Jenkins\Fiddler_Windows\workspace\FiddlerCore\FiddlerCore.Shared\Common\Application\Config.cs:line 1825


Fiddler v5.0.20204.45441 (x64 AMD64) [.NET 4.0.30319.42000 on Microsoft Windows NT 10.0.19043.0] 
---------------------------
OK   
---------------------------

 

Hello,

I'm trying to capture the traffic from an app which is refusing to connect to local proxy (127.0.0.1, 192.168.X.X), but accepts other proxies.

My goal is to create a local virtual interface, with an IP such as 10.0.0.1, and I would like to set my proxy to this IP.

It would be convenient for me if I could tell Fiddler to set the local proxy to this IP and listen on this interface instead of the usual 127.0.0.1. Is it possible ? How ?

As an other option, I could use the setting "Allow remote computers to connect" and set the proxy settings manually, but Fiddlers doesn't let me do that on the same computer as it stops listening when I manually change proxy settings.

Any help would be much appreciated.

I wanted to obtain the HTTPS POST URL generated from a "highly obfuscated" Phish in HTML format.  But I had problems.

I exported the Certificate generated by Fiddler Classic, v5.0.20204.45441, and I was surprised to see the Certificate expired on 6/12/'21.  I see that that is is the last released version.

Is there an update to Fiddler Classic that will generate a Trusted Cert that is current and not expired ?

 

 

 

I am working on fiddler core with C#. But FiddlerApplication.Shutdown(); I don't think your command works. FiddlerApplication.Shutdown(); After the application, the internet access of the current computer is turned off. When the fiddler core application is closed, as in the picture I shared, internet access is cut off when the fiddlerapplication.shutdown command is applied.

How can I solve this problem?

 

For example, we cannot access any websites or internet when the internet is disconnect ;

 

Note: This problem happens when I close and open the program 3 or 5 times.

Hello,

I have attached the source code of my work. When the program opens, it installs a certificate and asks such questions. I want it to install and pass the fiddler certificate without asking this question. Is it possible?

A "yes, no" screen appears like this while installing the certificate. I want it to install without asking. (Hidden Install Certificate) Is that possible?

Hello,

I have added request by timer custom code.

FiddlerApplication.UI.actCaptureScreenshot(false);

What should be added in this part to Stop Timer using hotkey?

Thanks.

Regards,

Adam

Been using Fiddler for awhile.  It's an amazing program.  I'm no longer able to capture https traffic from the Android Facebook app.  I've read all the threads and searched all around for a solution.  I've seen discussions on ssl pinning, killswitch, etc.  I've used proxydroid in the past, as well.  Does Facebook now have this certificate pinning issue or is there another workaroud available.  It used to work great.  I would rather test on a non-rooted device.  Thanks.