Fiddler
Introducing Fiddler
• HTTP/HTTPS Debugger
• Runs as a proxy server on the local machine or on a remote server
• Written in C# (.NET Framework v2.0)
• Freely available from http://www.fiddler2.com
How does Fiddler work?
[Diagram: Windows clients (Firefox, Internet Explorer over WinINET, Office over WinHTTP, and CryptoAPI) send traffic through Fiddler, which forwards it via the CorpNET proxy and firewall to example.com on the Internet; a Mac and a PC are also shown as clients.]
Debugging non-Windows clients
[Diagram: PocketPC and Linux clients send traffic through Fiddler to the Internet.]
Who uses Fiddler?
• Microsoft engineers
• Support teams
• Lots of external web developers (10K+ downloads per week)
• Security researchers
• Some bad guys
What can Fiddler do?
• HTTP/HTTPS traffic monitoring and analysis
• Request and response modification
• Timing and network manipulation
HTTPS Traffic Decryption
Fiddler UI: Session List
• Lists all traffic
• URLs, size, and key headers
• Icons show status of request/response
Fiddler UI: Inspectors
Inspectors allow you to visualize requests and responses in meaningful ways.
FiddlerScript Rules
• Rules are where Fiddler gets really fun!
• Use JavaScript to manipulate request or response headers or entity body.
Extending Fiddler UI
FiddlerScript and extensions can add new menu items or tabs.
Using Simple Filters
Flag, modify or remove headers from all requests and responses.
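The three slides above (FiddlerScript rules, extending the UI, and simple header filters) are all done from the same place: the Handlers class in Fiddler's Rules script, written in JScript.NET. The block below is an added example, not the script shipped with Fiddler. It assumes the hypothetical request header name X-Internal-Debug and the rule and menu labels shown; the attributes (RulesOption, ContextAction), session flags (ui-hide, ui-color, ui-bold, ui-comments) and event handlers (OnBeforeRequest, OnBeforeResponse) are Fiddler's own. From a defender's side it removes a header before it leaves the machine, hides noise, and flags HTML responses that arrive without the usual security headers.

```jscript
import System;
import System.Windows.Forms;
import Fiddler;

class Handlers
{
    // Rules menu: a checkable item that toggles the response check below.
    // (Rule label and variable name are this example's own.)
    public static RulesOption("Flag responses missing security headers")
    var m_FlagMissingHeaders: boolean = true;

    // Session-list context menu: copy the URLs of the selected sessions.
    public static ContextAction("Copy URLs of selected sessions")
    function CopyURLs(oSessions: Session[]) {
        var sUrls: String = "";
        for (var i: int = 0; i < oSessions.Length; i++) {
            sUrls += oSessions[i].fullUrl + "\r\n";
        }
        Clipboard.SetText(sUrls);
    }

    static function OnBeforeRequest(oSession: Session) {
        // Simple filter: remove a header from every outbound request so it
        // never reaches the server (X-Internal-Debug is a hypothetical name).
        oSession.oRequest.headers.Remove("X-Internal-Debug");

        // Hide image requests so the session list shows only documents and APIs.
        if (oSession.oRequest.headers.ExistsAndContains("Accept", "image/")) {
            oSession["ui-hide"] = "true";
        }
    }

    static function OnBeforeResponse(oSession: Session) {
        if (!m_FlagMissingHeaders) return;

        // Only HTML documents are checked; the headers below are not expected on other content.
        if (!oSession.oResponse.headers.ExistsAndContains("Content-Type", "text/html")) return;

        var sMissing: String = "";
        if (!oSession.oResponse.headers.Exists("X-Frame-Options")) sMissing += "X-Frame-Options ";
        if (!oSession.oResponse.headers.Exists("Content-Security-Policy")) sMissing += "Content-Security-Policy ";
        if (oSession.isHTTPS && !oSession.oResponse.headers.Exists("Strict-Transport-Security")) sMissing += "Strict-Transport-Security ";

        if (sMissing != "") {
            // Flag the session in the list and record the finding in Fiddler's Log tab.
            oSession["ui-color"] = "red";
            oSession["ui-bold"] = "true";
            oSession["ui-comments"] = "Missing: " + sMissing;
            FiddlerApplication.Log.LogString("Session " + oSession.id + " " + oSession.fullUrl + " missing: " + sMissing);
        }
    }
}
```

Paste this into Rules > Customize Rules in place of the Handlers class (or merge the members into the existing one); Fiddler recompiles the script on save. The flagged sessions carry their finding in the Comments column, so a capture saved afterwards keeps the annotations alongside the raw traffic.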
AutoResponder
Replay previously captured or generated traffic.
Request Builder
Create hand-built HTTP requests, or modify and reissue a request previously captured.
Traffic Comparison
Use WinDiff to compare HTTP requests and responses.
QuickExec
QuickExec allows you to issue textual commands directly…
Search Traffic
Search for strings in all captured traffic.
Text Encoding / Decoding
Convert text between popular web encodings.
SAZ Files
• “Session Archive ZIP” files store raw traffic.
• SAZ files are compressed and may be password protected.
• SAZ files can be reopened by Fiddler or standard ZIP utilities.
• FiddlerCap allows capture of SAZ files by non-technical, often remote, users.
FiddlerCap
Use FiddlerCap for remote collection of evidence.
www.fiddlercap.com
Fiddler application with extensions
[Diagram: Fiddler 2 hosts Inspector2 and IFiddlerExtension extensions and the Fiddler ScriptEngine running your FiddlerScript, all on top of FiddlerCore, Xceed*.dll and Makecert.exe.]
Your application hosting FiddlerCore
[Diagram: YourApp.exe and ExecAction.exe on top of FiddlerCore, Xceed*.dll and Makecert.exe.]
Questions?
https://www.fiddler2.com
© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.