5
1
Possible Duplicate:
Find what URL an EXE file is sending data to
Is it possible to find out what URL (not IP address and port) a program is requesting on Windows 7?
Propeller
Posted 2012-08-23T08:25:12.670
Reputation: 1 055
Finding out what URLs a program accesses? - Windows 7
Answers
4
I have used Fiddler 2 for quite some times for such purposes. Also very handy to tinker with requests and see what exactly goes over the wire with HTTP.
Joey
Posted 2012-08-23T08:25:12.670
Reputation: 36 381
3
The Charles web debug proxy, for instance, can intercept and show you the URLs and data accessed by a program. I believe it is able to set itself up as the Windows system proxy, so should be able to intercept all URL calls made by programs.
There are lots of other debug proxies out there - google will find them for you. We've had great results with Charles though, so maybe start there.
Faelkle
Posted 2012-08-23T08:25:12.670
Reputation: 215
1
Install Wireshark - it'll let you monitor all outgoing and incoming traffic, and it is capable of examining the traffic in order to extract the URL being accessed.
Note that this cannot be done for https (secure) websites as the URL is encrypted. So you'll only get the IP address in those situations.
PhonicUK
Posted 2012-08-23T08:25:12.670
Reputation: 2 921
@Joey And an H-bomb is a bit overkill for killing a fly. (I've used Wireshark once--a royal pain due to the amount of data it recorded.) – Loren Pechtel – 2019-09-09T03:57:39.860
1Wireshark is probably a bit overkill for monitoring just a single protocol. – Joey – 2012-08-23T08:40:19.357
Maybe, but it'd get the job done nicely. It's perfectly straightforward to only capture HTTP traffic so it's not a case of information overload. Plus you would need something that can do SPI in order to extract the actual URL from the requests. – PhonicUK – 2012-08-23T08:42:29.540
0
I've used Wireshark, Fiddler 2, Charles, and HTTP Analyzer.
Charles and Fiddler 2 have more debugging features then HTTP analyzer, such as ability to prevent requests from coming through, or allowing them to be edited, they can also view HTTPS via the browser. It's my understanding that they both work as a proxy and intercept that way, where as all HTTP/HTTPS is submitted through them, and then to the destination. Fiddler2 uses the default windows proxy system so it requires a firefox add-on to be installed.
Wireshark is the most technical but displays every bit of information you can obtain from the networking such as TCP and UDP protocols. It's not the recommended solution if all you are after is HTTP(S).
Sometimes when Charles or Fiddler 2 don't work as expected, such as when the application uses a non-compliant HTTP request. My typical go to application is Http Analyzer Standalone.
I think it works by actually injecting itself into the application and reading the WinINet and/or other APIs calls so there is no need to redirect the network to a debugging proxy. HTTP Analyzer can also read HTTPS if it goes through WinINet. The main issue with this solution is that it only has a 30 day trial and then you can't get access to raw data anymore - Where as I think fiddler2 and wireshark are freeware and Charles functions as normal but just with an annoying splash screen and automatically closing after a time interval.
Sometimes, when I have an application that I want to read what's being send via HTTPS I will use http://www.proxifier.com/ to run the connection through a debugging proxy - either HTTP or SOCKS mode depending on what you need, I've always had more success with Charles vs Fiddler2 using this.
ParoX
Posted 2012-08-23T08:25:12.670
Reputation: 139
any other service without the word proxy in it? That word is banned by my service provider. – 168335 – 2012-08-23T08:30:06.517
1Fiddler 2 should work too. – Joey – 2012-08-23T08:39:57.873
Thanks @Joey, Fiddler2 seemedto have done the trick. And it's free! Will you write that as an answer? – Propeller – 2012-08-23T08:45:48.940