This is a migrated thread and some comments may be shown as answers.

Using Fiddler for NodeJS Application

1 Answer 290 Views
Windows
This is a migrated thread and some comments may be shown as answers.
Tony
Top achievements
Rank 1
Tony asked on 07 Jun 2019, 06:03 PM

Hi All,

I need to reverse engineer HTTPS web requests that a node-JS application is making.  Unfortunately the app hasn't been coded with Proxy support and it does not respect system proxy settings.

I'd like to redirect all requests for "BuggedDomain" through fiddler and pipe them to 192.168.0.10.

 

My understanding is that I need to do the following:

1.  Add this to my host file:

127.0.0.1 BuggedDomain

2. Run this command in Fiddler:

!listen 443 BuggedDomain

3.

Add something like this to my Fiddler Script:

if ((oSession.HostnameIs("buggeddomain")) && (oSession.oRequest.pipeClient.LocalPort == 443) ) 
        {
            oSession.bypassGateway = true;
            oSession["x-overrideHost"] = "192.168.0.10";
            
        }

 

But i'm not seeing any of the requests from the app show up.

Any thoughts?

1 Answer, 1 is accepted

Sort by
0
Simeon
Telerik team
answered on 21 Jun 2019, 11:51 AM

Hi Tony,

I tried to reproduce your issue by using Fiddler as a reverse proxy for a web site dir.bg and opening it from a web browser and I succeeded. I did the following:
1. Added 127.0.0.1 dir.bg to my hosts file in C:\Windows\System32\drivers\etc
2. Added this inside the OnBeforeRequest handler:

  • if (oSession.HostnameIs("dir.bg") && oSession.oRequest.pipeClient.LocalPort == 443) {

        oSession["x-overrideHost"] = "194.145.63.12";
    }
Please, note that I do not need to bypass the gateway. If there are any proxies and firewalls in your organization they will stop Fiddler to forward the request to the server.
3. From Tools\Options HTTPS I checked the 'Ignore server certificate errors' option - this is because in the FiddlerScript we are overriding the host with an IP address and Fiddler will expect the server to authenticate with a certificate with a Subject CN = "194.145.63.12" but the server is authenticating with a Subject CN = "dir.bg"
4. Turned off the capturing to make sure that the browser will not use the proxy settings pointing to Fiddler listenning on the 8888 port.
5. Ran the command !listen 443 dir.bg

Then when I opened the website from the browser, Fiddler captured the HTTPS session. However, I have to mention that while I was testing I opened the website with Chrome without the setup and I believed that Chrome cached the IP of the site for some time because the session didn't show up. I had to use other browsers.

So maybe your node-JS app "knows" the IP of the server and does not respect the hosts file as well.

I hope I was helpful.

Regards,
Simeon
Progress Telerik
Do you want to have your say when we set our development plans? Do you want to know when a feature you care about is added or when a bug fixed? Explore the Telerik Feedback Portal and vote to affect the priority of the items
Tags
Windows
Asked by
Tony
Top achievements
Rank 1
Answers by
Simeon
Telerik team
Share this question
or