IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [fiddler]

Fiddler is a debugging proxy.

16 questions
5
votes
4 answers

Fiddler show external requests but not initiated by any legitimate process

While debugging my web application in Fiddler, I found out that there are some suspicious requests to some hotel sites, search requests to google.pl. etc. See below images. Strangely there no process displayed in Fiddler. It's definitely a virus.…
Kiran Ambati
  • 161
  • 1
  • 1
  • 4
4
votes
1 answer

How come I can see a full HTTPS requests via Fiddler?

I am testing a C# web API hosted on a remote server, and I am monitoring HTTPS traffic using Fiddler. What confuses me is that via Fiddler I can see all of the POST payload, headers and host URL addresses for both the request and the response.…
mko
  • 179
  • 1
  • 6
2
votes
3 answers

Is it possible to extract a certificate that an application uses to connect to an API server?

There's an API server that only allows connections including specific SSL certificates. Talking about an Android application that has those certificates. Using Fiddler without SSL decryption as a proxy between the app and the server, I can see the…
Ali Padida
  • 135
  • 9
2
votes
1 answer

Decrypting SSL traffic using Fiddler to see requests being sent by malware written in .NET

I tried to find the GET data of some malware but it appears that this malware is encrypting traffic using SSL. When I tried to decrypt the SSL data via Fiddler, I always get nothing — only information about the SSL configuration as you can see in…
Harry G
  • 21
  • 2
1
vote
0 answers

How do I intercept packages in a Facebook application?

I can not listen to HTTPS traffic in the Facebook application through Fiddler and Burp. SSL-Pinning is disabled through SLL Kill Switch 2 (other applications such as Twitter, Snapchat with SSL-Pinning are well-audible) and Mobile Assistant (for…
Dmitry Maslennikov
  • 131
  • 6
0
votes
0 answers

Fiddler with Android Emulator mostly shows "A SSLv3-compatible ClientHello handshake was found" with no headers or data

When I run fiddler with a proxy for the BlueStacks Android emulator (on Windows), many of the results are listed as "Tunnel to" a random IP address, with no headers and no information on the data sent. Clicking on one reveals "A SSLv3-compatible…
Adam
  • 1
0
votes
1 answer

Can applications or websites know if their traffic is decrypted and re-encrypted by Fiddler?

Can websites, server-side apps such as those that rely on a constant connection with server e.g. messaging apps, server-side online games such as those that rely on constant server connection for player movement, inventory data etc. tell that I used…
user279925
0
votes
0 answers

Export Fiddler Site Specific Cert

I have a site example.com that I am currently intercepting https traffic for and pointing it to my local server using fiddler. I would like to take fiddler out of the equation by installing the site's certificate that is generated by fiddler on my…
PGBRULES
  • 1
0
votes
0 answers

Decrypt mobile phone app TLS/SSL traffic using Wireshark and Fiddler/Charles/MITM Proxy

I currently use fiddler/Charles Proxy/MITM proxy to decrypt and analyze SSL/TLS traffic from suspect mobile apps I want to analyze. The process I follow is to export a CA cert from Fiddler, then import that cert onto the physical phone. I then…
IM3CPO
  • 1
0
votes
1 answer

What are the risks when using proxy such as Fiddler

I would like to understand a point. When I use fiddler it creates a local proxy to analyze the traffic, so far everything is fine. However when Fiddler is launched and I browse an HTTPS site the certificate on the browser is "replaced" by the one…
Marc Alves
  • 49
  • 4
0
votes
0 answers

Watch Encrypted IMAP Responses

I'm trying to see if I can decipher the messages coming back from Exchange when I try and login via secure IMAP. My office 365 accounts are under attack and I've disabled IMAP (and legacy login) but I'm still getting errors (bad passwords) in…
Sean
  • 1
0
votes
0 answers

capturing web-sockets packets from IOS using fiddler

I am using latest Fiddler version trying to capture web-sockets requests from an IOS application. I am able to see only HTTP and HTTPS requests. Laptop(Running fiddler on port 8888) and mobile both are on same network Laptop IP - 192.168.4.2 mobile…
Gowtham
  • 983
  • 6
  • 13
0
votes
0 answers

Decryption of TLS/SSL Traffic With the debug file of fiddler on wireshark

I wanna decrypt some packets on Wireshark, when I search the Internet, some people were said to use SSLKEYLOGFILE environment, I do the stuff, but it looks like that chorme doesn`t update that file when I'm visiting my targeted site. by the way,…
Lord ST
  • 101
0
votes
1 answer

how to capture and decrypt packets sent over TLS

I have been using MITM for decrypting https traffic , using tools like fiddler and burpsuite . Is there a way to decrypt packet sent over TLS, any guidance would be a real help.
Amit Chahal
  • 1
  • 1
  • 1
-3
votes
4 answers

How do i know some software send data behind the scene to internet

Is there any way to use tools such as Fiddler to easily figure out if any software from my system sends data to the internet behind the scene? I have downloaded some open source free software's to achieve some tasks. But worried if they scan my PC…
kudlatiger
  • 149
  • 1
  • 8
1
2