Extend Fiddler everywhere with .NET Code

Fiddler Everywhere Feedback Portal

Create an account Log In

Back to Feed

Request a Feature Report a Bug

Unplanned

Last Updated: 08 May 2024 05:47 by ADMIN

walker

Created on: 06 May 2024 06:33

Type: Feature Request

Extend Fiddler everywhere with .NET Code

I am a follower of fiddler classic. I want to know if Extend Fiddler everywhere with .NET Code. Because the http response in my web project is encrypted, I need to decrypt it before I can see the plain text. This has been implemented in fiddler classic and it works fine. But I wonder if it can be done in fiddler everywhere as well?

4 comments

walker

Posted on: 08 May 2024 01:55

Yes, this is an AES encryption and decryption algorithm. Will you consider adding support for this feature in the future? Because this part of the demand does exist in the real scene.

This is the algorithm I used, and the key parts have been desensitized：

using System;
using System.Text;
using System.Security.Cryptography;
using System.IO;


namespace Util
{
    class DecryptionUtil
    {
        public static byte[] AES_IV = Encoding.UTF8.GetBytes("AES_IV");

       
        public static string Encrypt(string data)
        {
            using (AesCryptoServiceProvider aesAlg = new AesCryptoServiceProvider())
            {
                aesAlg.Key = Encoding.UTF8.GetBytes("key");
                aesAlg.IV = AES_IV;
                ICryptoTransform encryptor = aesAlg.CreateEncryptor(aesAlg.Key, aesAlg.IV);
                using (MemoryStream msEncrypt = new MemoryStream())
                {
                    using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, encryptor, CryptoStreamMode.Write))
                    {
                        using (StreamWriter swEncrypt = new StreamWriter(csEncrypt))
                        {
                            swEncrypt.Write(data);
                        }
                        byte[] bytes = msEncrypt.ToArray();
                        return Convert.ToBase64String(bytes);
                    }
                }
            }

        }
     
        public static string Decrypt(string data)
        {
            try {
                string dummyData = data.Trim().Replace("%", "").Replace(",", "").Replace(" ", "+");
                if (dummyData.Length % 4 > 0)
                {
                    dummyData = dummyData.PadRight(dummyData.Length + 4 - dummyData.Length % 4, '=');
                }
                {
                    byte[] inputBytes = Convert.FromBase64String(dummyData);

                    using (AesCryptoServiceProvider aesAlg = new AesCryptoServiceProvider())
                    {
                        aesAlg.Key = Encoding.UTF8.GetBytes("key");
                        aesAlg.IV = AES_IV;

                        ICryptoTransform decryptor = aesAlg.CreateDecryptor(aesAlg.Key, aesAlg.IV);
                        using (MemoryStream msEncrypt = new MemoryStream(inputBytes))
                        {
                            using (CryptoStream csEncrypt = new CryptoStream(msEncrypt, decryptor, CryptoStreamMode.Read))
                            {
                                using (StreamReader srEncrypt = new StreamReader(csEncrypt))
                                {
                                    return srEncrypt.ReadToEnd();
                                }
                            }
                        }
                    }
                }

            }
            catch (Exception) {
                return null;
            }


        }

        internal static bool Decrypt()
        {
            throw new NotImplementedException();
        }
    }


}

ADMIN

Nick Iliev

Posted on: 07 May 2024 09:59

Currently, the Fiddler Everywhere application does not allow for the creation of custom inspectors or the addition of custom decryption methods. Can you provide more details about the task you're working on? For instance, are you attempting to decrypt a known encryption/compression algorithm or a custom one?

walker

Posted on: 06 May 2024 07:01

Hi ,Nick Iliev

I'm sorry. Maybe I didn't make myself clear. I was wondering if you could implement a tab in inspector to display decrypted traffic, as I did in fiddler classic. The logic goes like this: first get the response content, then call the decryption method to decrypt it, and finally display the decrypted text in a custom TAB in inspector.

ADMIN

Nick Iliev

Posted on: 06 May 2024 06:41

Hello,

As far as I understand, you must capture and decrypt traffic from .NET applications. If so, you can use the Fiddler's terminal (with preconfigured proxy and CA) or manually configure your .NET applications. Instructions for both approaches are available in the following documentation section:

https://docs.telerik.com/fiddler-everywhere/knowledge-base/capturing-net-traffic

Regards,
Nick Iliev
Progress Telerik

A brand new ThemeBuilder course was just added to the Virtual Classroom. The training course was designed to help you get started with ThemeBuilder for styling Telerik and Kendo UI components for your applications. You can check it out at https://learn.telerik.com