Fiddler mobile phone packet capture steps

Use fiddler to achieve mobile phone packet capture

https://www.cnblogs.com/wenbodeboke/p/9770771.html

Error when installing https certificate on Fiddler mobile phone: The certificate cannot be installed because the certificate file cannot be read

https://blog.csdn.net/qq_32963841/article/details/86611017

Fiddler mobile terminal cannot access the certificate file during download and installation

https://blog.csdn.net/fm345689/article/details/84195264

 

The above is the information found during the implementation process

Fiddler mobile packet capture steps: follow the link on the link

https://www.cnblogs.com/wenbodeboke/p/9770771.html

I just recorded the steps here for later interviews

Interview questions:

1. How does fiddler catch HTTPS packets?

For HTTPS on the web, just check in the Fiddler-> Tool-> Options> HTTPS panel: capture HTTPS connections and decrypt HTTPS requests

2. How to grab the phone's bag?

1. For the mobile phone, in addition to the above operations, fiddler also needs to allow the mobile phone to connect remotely (connect the Connections panel  next to HTTPS above to allow remote connections)

2. Then connect the mobile phone with the same wifi as the computer, and then set up a network proxy (select this wifi in the mobile phone wifi management to modify the network, change the proxy to manual, the server host name to the computer ip, and the port to 8888)

3. Access the computer's ip plus port 8888 address in the mobile browser  , download the fiddler certificate

(The pit I stepped on: the computer ip cannot be accessed after setting the proxy on the mobile phone. It turned out that the computer ip was wrong. The computer ipconfig came out several ips. Some of them were the history of the wired network that I connected before. I just looked at an ip. Fill, in fact, to choose the IP assigned to the network you are currently connected to)

4. Install the certificate you just downloaded on your phone,

Note: It could have been found in the browser download management-click to install directly, but the Xiaomi phone I used clicked on the prompt that the certificate could not be read,

How to do? -> Go to the phone settings to find security and privacy> Credentials> Install from SD card> Find the fiddler certificate, click it to pop up to set a name, set it up> Pop up again to set a password> There is a problem here to set the password failure

what happened? How to do? -> It turns out that the phone must first set a lock screen password, so first go back to set the lock screen password, and it is a digital lock screen password. I used to use a pattern lock screen.

After setting the lock screen password, return to the previous step to install the certificate successfully

 

 

1. Install the HTTPS certificate 

Open the Fiddler-> Tool-> Fiddler Options-> HTTPS tab, check and capture Capture HTTPS CONNECTs (capture HTTPS connections) and Decrypt HTTPS traffic (HTTPS request decryption)

 

2. Allow the phone to connect remotely

If you want to capture the communication data on the mobile phone, you need to connect the mobile phone to the Fiddler proxy, and Fiddler does not allow other devices to connect by default. Solution: Click Fiddler-> Tools-> Options, select Allow remote computers to in the Connections panel connect allows other devices to connect (this operation needs to restart Fiddler to take effect).