MacOs, Fiddler Everywhere 10, Cisco AnyConnect.
Here's the workflow...
In the morning, Cisco VPN isn't connected. All traffic is blocked by design. Attempt to start Fiddler Everywhere. WON'T START because it can't login. What is this new requirement to login? If I don't start Fiddler before the VPN, no traffic ever logs. If i don't start the VPN, Fiddler won't start. A bit of a cartch-22, ya think?
Somehow I bypass the VPN (Don't tell corp security) and get logged-in. Fiddler is up. Start the VPN. Get some work done. Shiny new UI! Still can't drag-drop from inspector to composer? Damn.
At some point the Fiddler login EXPIRES. Why does it expire? What do I even need a login for? At this point ALL TRAFFIC fails, since Fiddler was the system proxy. All work stops. Now I need to stop Fiddler, Stop the VPN, attempt to start Fiddler again....oh wait, can't login because the VPN is down... here we go again.
This is all a serious waste of time. I can see registering Fiddler so you know who your users are. What's with the REQUIREMENT to have a login, and why does it expire? It kinda makes Fiddler useless.
Please remove the requirement to login to an account before being able to use Fiddler Everywhere.
When I try to trusst the fiddler root certifficate, I get the message "not successfull" and see a line like this in the logfile:
[2021-03-01 16:29:48:866] [Information] [Fiddler] Error when trying to check if certificate is trusted: '.', hexadecimal value 0x00, is an invalid character. Line 304, position 38.
I also tried to trust the certificate by hand via the keyring utility.
What can I try?
I'm unable to connect to "gateway.icloud.com" when Fiddler is open and decrypting HTTPS traffic.
This is Fiddler Everywhere 0.10.0 on macOS 10.15.5.
Open Fiddler and make sure it's decrypting HTTPS traffic.
Open any browser and go to https://gateway.icloud.com/
Expected result: Page loads (it's blank. This is normal.)
What actually happens: fiddler.network.https> HTTPS handshake to gateway.icloud.com (for #820) failed. System.Security.Authentication.AuthenticationException The remote certificate is invalid according to the validation procedure.
Same thing happens on https://configuration.apple.com/
Steps to reproduce:
Example data posted (snippet with middle section excerpted):
There is much more data that should occur after the property "immediatePatientSafety". There does appear to possibly be additional fields presented in the Web Form inspector although some of the values are truncated and have an ellipsis (...) following those lines, so I believe that the tool is capturing the data but will not make it visible or available in the Text or Raw Inspectors.
No option exists to configure the amount of request data that is captured or to cause the Inspector to "show more" data.
I need to be able to see the full text request to troubleshoot an issue with the back-end application.
I need the data available in the Text or Raw inspector so that I can cut and paste it out for external processing and discussion with the developers.
I noted that a separate bug report has been issued for a missing "show more data" option on large response records.
Latest version of Fiddler (v0.10.0) and Android Emulator is not proxying the connections properly.
I have Fiddler Everywhere running and know it is working when I can send requests through Postman and see them show up in Fiddler properly.
However, if I set up the Android Emulator through Android Studio, and set the proxy to be Fiddler, connections do not fully reach the backend service I am sending requests to. All that shows up in Fiddler is
CONNECT 192.168.5.7:5000 HTTP/1.1
HTTP/1.1 200 Connection Established
The service is running on my local host machine (192.168.5.7) on port 5000.
If I close Fiddler and run charles-proxy, then set the Android Emulator to use that as the proxy, I see the full request, my service responds, and I see the response in Charles.
I've successfully setup fiddler-everywhere 0.4.0 and am able to sniff traffic to various websites on my linux (Ubuntu 18.04) laptop. However some https sites are not working - fiddler-everywhere severs the connection at the SSL handshake phase. These same sites work in the windows version of Fiddler (v 5.0.20192.25091 - built 04 June 2019) however.
What is the status of the SSL support in fiddler-everywhere vs windows Fiddler?
Example site that fails over https:
Example site that works over https:
Fiddler captures for absa.co.za
CONNECT www.absa.co.za:443 HTTP/1.1 Host: www.absa.co.za:443 Connection: keep-alive User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36 A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below. Version: 3.3 (TLS/1.2) Random: 1F 0E B0 54 5D 66 42 82 C9 A8 A6 D5 8F C2 F0 C6 A8 16 0C 8E 14 45 F2 B4 B5 95 92 66 B6 53 D6 F4 "Time": 2015/01/09 19:21:35 SessionID: empty Extensions: 0x5a5a empty server_name www.absa.co.za extended_master_secret empty renegotiation_info 00 elliptic_curves unknown [0xBABA), unknown [0x1D), secp256r1 [0x17], secp384r1 [0x18] ec_point_formats uncompressed [0x0] SessionTicket empty ALPN h2, http/1.1 status_request OCSP - Implicit Responder signature_algs sha256_ecdsa, Unknown[0x8]_Unknown[0x4], sha256_rsa, sha384_ecdsa, Unknown[0x8]_Unknown[0x5], sha384_rsa, Unknown[0x8]_Unknown[0x6], sha512_rsa, sha1_rsa SignedCertTimestamp (RFC6962) empty 0x001b 02 00 02 0xeaea 00 Ciphers: [5A5A] Unrecognized cipher - See http://www.iana.org/assignments/tls-parameters/ [C02B] TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 [C02F] TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 [C02C] TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 [C030] TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 [CCA9] TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 [CCA8] TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 [C013] TLS1_CK_ECDHE_RSA_WITH_AES_128_CBC_SHA [C014] TLS1_CK_ECDHE_RSA_WITH_AES_256_CBC_SHA [009C] TLS_RSA_WITH_AES_128_GCM_SHA256 [009D] TLS_RSA_WITH_AES_256_GCM_SHA384 [002F] TLS_RSA_AES_128_SHA  TLS_RSA_AES_256_SHA [000A] SSL_RSA_WITH_3DES_EDE_SHA Compression:  NO_COMPRESSION
HTTP/1.1 200 Connection Established FiddlerGateway: Direct StartTime: 10:28:40.706 Connection: close fiddler.network.https> HTTPS handshake to www.absa.co.za (for #329) failed. System.IO.IOException Unable to read data from the transport connection: Connection reset by peer. < Connection reset by peer
On Request Inspector, Web Forms Tab, the header row seems duplicate.
While inspecting requests where Content-Length > 3000, only 3000 characters of the request body gets displayed in both Raw and Text views. When I copy the whole contents of the selectable area (CMD + A, CMD + C) and paste it into a text editor, it seems like there is a 'View full request...' text somewhere which does not show up. I remember this button from previous versions.
OS : macOS Mojave Version 10.14.6
A sample HTML with dummy form to reproduce the bug and recorded session is attached.
I fire up Fiddler Everywhere on my Mac. Generally, it appears to do nothing.
In further detail, "Stream" and "Decode" can be toggled, but otherwise do nothing. The connections icon has a hover-over describing my host and states I have a network connection. The help icon goes to the very limited documentation via browser. The settings icon pops open the settings dialog, which does appear to save changes, but not impact the "nothing" being done by the application. The capture button and inspectors button appear to do nothing. The main viewing area states "No records available." The area to the right of the main area states "Please, select a single Web Session to inspect." And that is it.
Either I'm doing (or not doing) something dumb, or it just isn't working for me. Any help would be appreciated :)
Mac specs: High Sierra 10.13.6, 2.6GHz i7, 16 GB memory
Simple as that: fiddler everywhere does not capture traffic to localhost, 184.108.40.206 AND when you insert your local address, it captures your request only to return that "
[Fiddler] DNS Lookup for "www.192.168.0.18" failed. System.Net.Internals.SocketExceptionFactory+ExtendedSocketException Device not configured
MAC OSX, using safari.
Other address are captured as expected
Describe the bug
When the location of the Windows Desktop is changed (e.g. like described here), the functionality for exporting the root certificate is not working.
Steps to reproduce the behavior:
Could not find a part of the path 'C:\Users<username>\Desktop\FiddlerRootCertificate.crt'.
The certificate is exported.
Desktop (please complete the following information):
Fiddler can't connect to domains with 3 consecutive hyphens.
This error occurs:
fiddler.network.https> HTTPS handshake to r1---sn-ab5szn7e.googlevideo.com (for #793) failed. System.ArgumentException Decoded string is not a valid IDN name.
Parameter name: unicode
Start Fiddler Everywhere (at least on Mac), make sure HTTPS decryption is enabled.
Go to www.youtube.com and try to watch a video.
The aforementioned error will occur in Fiddler.