Hi,

I'm making an api call and trying to modify the status code in the https response but the response is failing without returning a status code and I'm also getting a ERR_TUNNEL_CONNECTION_FAILED.

I can see my https request coming in. Also managed to modify/add headers on the response to test if my code in the ScriptEditor works - works fine.

NOTE: The status code changes also works fine for http request.

 

I am probably missing something simple, here is the code below. For testing I also checked other https calls from different sites and the same is happening.

In OnBeforeResponse I have: oSession.responseCode = 500;

 

Any ideas?

Thanks

Hello guys, i am using fiddlercore4 and selenium, i am setting chromes proxy server to a custom proxy, but it prevents fiddler from working. It is mandatory for me to add proxies into my software, any reason to why this is happening?

 

log are as follows

---------------------------
Awww, Fiddlesticks!
---------------------------
Fiddler has encountered an unexpected problem. If you believe this is a bug in Fiddler, please copy this message by hitting CTRL+C, and submit a bug report at http://www.telerik.com/forums/fiddler.

无法加载或初始化请求的服务提供程序。

Type: System.Net.Sockets.SocketException
Source: System
   在 System.Net.SafeCloseSocketAndEvent.CreateWSASocketWithEvent(AddressFamily addressFamily, SocketType socketType, ProtocolType protocolType, Boolean autoReset, Boolean signaled)

   在 System.Net.NetworkInformation.NetworkChange.AddressChangeListener.StartHelper(NetworkAddressChangedEventHandler caller, Boolean captureContext, StartIPOptions startIPOptions)

   在 System.Net.NetworkInformation.NetworkChange.AvailabilityChangeListener.Start(NetworkAvailabilityChangedEventHandler caller)

   在 Fiddler.Proxy..ctor(Boolean isPrimary, ProxySettings upstreamProxySettings) 位置 C:\Jenkins\Fiddler_Windows\workspace\Fiddler2\Common\Core\Proxy.cs:行号 209

   在 Fiddler.frmViewer.‹•(String[] ˆ•) 位置 C:\Jenkins\Fiddler_Windows\workspace\Fiddler2\Viewer.cs:行号 2940

   在 Fiddler.frmViewer.‡•(String[] ˆ•) 位置 C:\Jenkins\Fiddler_Windows\workspace\Fiddler2\Viewer.cs:行号 2758


Fiddler v5.0.20194.41348 (x64 AMD64) [.NET 4.0.30319.42000 on Microsoft Windows NT 10.0.18362.0] 
---------------------------
确定   
---------------------------

How to solve this problem？

hi! fiddler not open

 

Hi team, 

I follow this article to collect log on mobile https://www.telerik.com/blogs/how-to-capture-android-traffic-with-fiddler. But after set proxy manually, I'm unable to access internet in my mobile anymore. Please help.

Regards,

Chinh.

Hi,

I have a 3 layer .NET application where i'm not able to capture the traffic between the frontend application server and the backend application server (both  windows server 2019 with IIS 10).

 

I opened fiddler in the frontend server, in order to capture all the requestes to the backend server and in my machine I use the application normally and I cannot see any traffic being captured by fiddler:

 

If I open the application in the frontend server, I'm able to see the html requests from the browser to the frontend server, but what I want is to capture the communication between the 2 servers.

 

I've another server, running windows server 2012 with IIS 8, where I can perfectly capture all traffic from the frontend server to the backend server.

 

Are there any issues with windows server 2019 version? I'm missing some configuration?

 

 

Any help is appeciated.

 

Regards,

LMC

 

 

Hello.

Im not "pro" fiddler user, just using some its features in my work.

But today smth happened, not sure what, and next trouble now:

when im just pressing E(or right button>reissue and edit) on request i need to modify and re-run - it just completed immediately, without any breaking and ability to edit it.

Why it can be? Years before today i never had such trouble.

I'm using fiddler to decrypt https traffic from a mobile app which was working fine till someone said it wouldn't work for him, after isolating the user and testing different accounts (app requires authentication), I realized his specific account behavior connection was different and it fails every time the app wants to stablish the secure channel with the server.  After capturing a few good/bad sessions and comparing I noticed that although the same TLS 1.2 protocol is being used by both of them, every time the client declared is was capable of managing newest TLS 1.3 and reserved ciphers are used fiddler seems not to be able to stablish the connection.. I understand TLS 1.3 hand-shake is different and improved over TLS 1.2 but as I said both seem to use TLS 1.2 (I also notices the user agent declaration is different but don't think it's relevant).  I'm of course not security expert and certificates and protocols are not my best strength so I'm looking for some guidance here on how to debug further to address my issue.  I tried adding TLS 1.3 to the supported protocols but of course it didn't work (it would not even save the modified string) and then learned fiddler has dependency on .net support also.  I'm running fiddler in a Windows 2019 server and as so far I could find it's not possible yet to configure the server to accept TLS 1.3 (as server, client is different), but I'm not even sure if I'm looking this on the right path.

 

Here is a good connection:

 

CONNECT xxxxx.yyyyy.com:443 HTTP/1.1
Host: xxxxx.yyyyy.com
User-Agent: /iphone/4.241.10001
Connection: keep-alive
Connection: keep-alive
A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.
Version: 3.3 (TLS/1.2)
Random: AF 05 C3 7D 33 D7 B8 97 66 0A 1E 36 7F 4E 1C 1B 99 F3 4B EC 4D EF A1 73 FE 07 8A 87 AD 76 E6 4C
"Time": 11/10/2036 7:29:35 AM
SessionID: 35 3B 00 00 94 37 B2 B8 9B 63 8D 94 B4 1D 58 A8 3C D6 8B 2B D0 91 49 A2 86 5C CF 65 93 79 AB AD
Extensions:
 renegotiation_info 00
 server_name xxxxx.yyyyy.com
 extended_master_secret empty
 signature_algs ecdsa_secp256r1_sha256, rsa_pss_rsae_sha256, rsa_pkcs1_sha256, ecdsa_secp384r1_sha384, rsa_pss_rsae_sha384, rsa_pkcs1_sha384, rsa_pss_rsae_sha512, rsa_pkcs1_sha512, rsa_pkcs1_sha1
 status_request OCSP - Implicit Responder
 SignedCertTimestamp (RFC6962) empty
 ec_point_formats uncompressed [0x0]
 supported_groups x25519 [0x1d], secp256r1 [0x17], secp384r1 [0x18], secp521r1 [0x19]
Ciphers:
 [C02C] TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
 [C02B] TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
 [C024] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
 [C023] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
 [C00A] TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
 [C009] TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
 [CCA9] TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
 [C030] TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
 [C02F] TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
 [C028] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
 [C027] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
 [C014] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
 [C013] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
 [CCA8] TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
Compression:
 [00] NO_COMPRESSION

 

And here is the bad (unsuccessful) one:

 

CONNECT xxxxx.yyyyy.com:443 HTTP/1.1
Host: xxxxx.yyyyy.com:443
Connection: keep-alive
User-Agent: Cronet/78.0.3904.84
A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.
Version: 3.3 (TLS/1.2)
Random: 24 CC E5 01 0A 78 1E 18 F9 73 7F 75 FB DF 67 E1 FA A7 FF D8 64 8E E6 9D E4 C9 05 77 88 B7 25 D0
"Time": 1/4/1971 6:40:20 AM
SessionID: 7D BB 95 E2 C8 0F 37 12 FF 2D EC 20 80 24 5D 3B 10 34 7C D8 4D 54 DF 1C 82 16 7D 30 2B EA 64 AD
Extensions:
 grease (0x6a6a) empty
 server_name xxxxx.yyyyy.com
 extended_master_secret empty
 renegotiation_info 00
 supported_groups grease [0x2a2a], x25519 [0x1d], secp256r1 [0x17], secp384r1 [0x18]
 ec_point_formats uncompressed [0x0]
 SessionTicket empty
 ALPN  h2, http/1.1
 status_request OCSP - Implicit Responder
 signature_algs ecdsa_secp256r1_sha256, rsa_pss_rsae_sha256, rsa_pkcs1_sha256, ecdsa_secp384r1_sha384, rsa_pss_rsae_sha384, rsa_pkcs1_sha384, rsa_pss_rsae_sha512, rsa_pkcs1_sha512, rsa_pkcs1_sha1
 SignedCertTimestamp (RFC6962) empty
 key_share 00 29 2A 2A 00 01 00 00 1D 00 20 0B 2A 17 56 D8 37 26 5C 47 91 C9 EC DB 0F 89 D4 CD 86 16 38 74 8C 9D 68 CD 82 B2 3F CE D5 48 37
 psk_key_exchange_modes 01 01
 supported_versions grease [0xeaea], Tls1.3, Tls1.2, Tls1.1
 0x001b  02 00 02
 grease (0x5a5a) 00
 padding  200 null bytes
Ciphers:
 [0A0A] Unrecognized cipher - See https://www.iana.org/assignments/tls-parameters/
 [1301] TLS_AES_128_GCM_SHA256
 [1302] TLS_AES_256_GCM_SHA384
 [1303] TLS_CHACHA20_POLY1305_SHA256
 [C02B] TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
 [C02F] TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
 [C02C] TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
 [C030] TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
 [CCA9] TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
 [CCA8] TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
 [C013] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
 [C014] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
 [009C] TLS_RSA_WITH_AES_128_GCM_SHA256
 [009D] TLS_RSA_WITH_AES_256_GCM_SHA384
 [002F] TLS_RSA_WITH_AES_128_CBC_SHA
 [0035] TLS_RSA_WITH_AES_256_CBC_SHA
 [000A] SSL_RSA_WITH_3DES_EDE_SHA
Compression:
 [00] NO_COMPRESSION

 

Hope someone can help :-)

 

Hello, I have a project that will allow users to view and modify traffic etc. The project is all about simplicity. I have not decided if I am going to monetize it or not. The project utilizes Titanium Web Proxy, by default. Though, I want to allow the users to use FiddlerCore, as an option.

I know that FiddlerCore is currently paid, so I have a question. Is it alright if I support FiddlerCore in my project without providing any of its dependencies.. I will instruct the users that FiddlerCore is paid, and will refer them to Telerik, to evaluate the trial. They can place the FiddlerCore dependencies into the program's folder and use FiddlerCore, instead of Titanium.

Will I be obligated to pay any fees if I only provide support for FiddlerCore (without adding any of its dependencies)?

Thanks for your time.

Fiddler freezes and becomes virtually unusable when you try to inspect the form field with long value. In my case it's around 20,000 characters, which I don't think in this day and age is a particularly large piece of data to handle for modern applications running on modern computers??