Use of Fiddler to capture packets

1. Introduction to Fiddler
  Fiddler is an HTTP debugging proxy that can record and inspect all HTTP communication between your computer and the Internet, set breakpoints, and show all data passing in and out through Fiddler (cookies, HTML, JS, CSS and other files). Fiddler is simpler than other network debuggers because it not only exposes the HTTP communication but also presents it in a user-friendly format. Fiddler supports breakpoint debugging. When you select Before Requests under Rules –> Automatic Breakpoints in the menu, or when the attributes of a request or response match the criteria you have set, Fiddler suspends the HTTP communication and allows the request or response to be modified. This capability is very useful for security testing, and also for general functional testing, since all code paths can be exercised. For the installation of Fiddler, see the blog post on installing and using the Fiddler capture tool.

2. Fiddler built-in command examples
1. Start packet capture monitoring


2. Stop capturing packets and monitoring

 

 
3. Filter the lines containing the specified string


4. Filter packets larger than 500 bytes


5. Filter the data flow whose http return status is 200


6. Filter the specified domain name data flow


7. Clear all sessions


8. Save all session requests

 


9. Filter the request of the specified response type


3. Example of Fiddler breakpoint command
1. Start and stop breakpoints from the window
  Click the arrow in the command window to start the request breakpoint (shortcut key F11), start the response breakpoint (Alt+F11), or close the breakpoint (Shift+F11). You can also start and stop breakpoints from the menu bar –> Rules –> Automatic Breakpoints. However, these shortcut keys set breakpoints on all request or response traffic. To enable breakpoints only for the traffic you are interested in, use the command operations.


2. Set a breakpoint on the Baidu request traffic of interest
After entering the bpu baidu.com command, requests to Baidu hit the breakpoint and are interrupted, while other websites are accessed normally. Enter the bpu command on its own to cancel the request breakpoint.


3. Set a breakpoint on the Baidu response traffic of interest
After entering the bpafter dist command, requests whose URL contains dist hit the breakpoint and are interrupted, while other websites are accessed normally. Enter the bpafter command on its own to cancel the response breakpoint.


4. Modify the content of the request


5. Release interrupt request


6. Put a breakpoint on the post request

 

 


4. Description of built-in and breakpoint commands
1. Description of built-in commands

| Command | Corresponding request item | Command description | Command example |
|---|---|---|---|
| ? | All | A question mark followed by a string matches requests containing this string | ?google |
| > | Body | A greater-than sign followed by a number matches on request size: requests greater than this number | >1000 |
| < | Body | The less-than sign is the opposite of the greater-than sign: it matches requests smaller than this number | <100 |
| = | Result | An equals sign followed by a number matches the HTTP return code | =200 |
| @ | Host | @ followed by a host matches the domain name | @www.baidu.com |
| select | Content-Type | select followed by a response type matches responses of that type | select image |
| cls | All | Clear all current requests | cls |
| dump | All | Pack all session requests into a saz compressed package and save it to the "C:\Users\username\Documents\Fiddler2\Captures" directory with the file name dump.saz | dump |
| start | All | Start listening for requests | start |
| stop | All | Stop listening for requests | stop |
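To review a capture saved with dump outside Fiddler, the filters in the table above can be approximated over the archive. This is an added example, not part of the original post: it assumes the saz file is a ZIP archive that stores each session as raw/N_c.txt (request) and raw/N_s.txt (response), it runs on a constructed two-session sample, and it treats > and < as comparing the response body size.

```python
import io
import re
import zipfile

def build_sample_saz():
    """Constructed two-session archive in the assumed SAZ layout (not a real capture)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("raw/1_c.txt", "GET http://www.baidu.com/index.html HTTP/1.1\r\nHost: www.baidu.com\r\n\r\n")
        z.writestr("raw/1_s.txt", "HTTP/1.1 200 OK\r\nContent-Type: text/html\r\n\r\n" + "x" * 600)
        z.writestr("raw/2_c.txt", "POST http://example.test/login HTTP/1.1\r\nHost: example.test\r\n\r\nuser=a")
        z.writestr("raw/2_s.txt", "HTTP/1.1 302 Found\r\nLocation: /home\r\n\r\n")
    return buf.getvalue()

def load_sessions(saz_bytes):
    """Return one dict per session: id, url, host, status, response body size."""
    sessions = []
    with zipfile.ZipFile(io.BytesIO(saz_bytes)) as z:
        ids = sorted(int(m.group(1)) for n in z.namelist()
                     if (m := re.fullmatch(r"raw/(\d+)_c\.txt", n)))
        for sid in ids:
            req, resp = z.read(f"raw/{sid}_c.txt"), z.read(f"raw/{sid}_s.txt")
            req_head = req.split(b"\r\n\r\n", 1)[0].decode("latin-1")
            resp_head, _, body = resp.partition(b"\r\n\r\n")
            lines = req_head.split("\r\n")
            host = next((l.split(":", 1)[1].strip() for l in lines[1:]
                         if l.lower().startswith("host:")), "")
            sessions.append({
                "id": sid,
                "url": lines[0].split(" ")[1],               # request target from the request line
                "host": host,
                "status": int(resp_head.split(b" ", 2)[1]),  # code from the status line
                "size": len(body),
            })
    return sessions

def select(sessions, command):
    """Apply one filter written in the table's syntax: ?text, =code, @host, >bytes, <bytes."""
    op, arg = command[0], command[1:].strip()
    tests = {
        "?": lambda s: arg.lower() in s["url"].lower(),
        "=": lambda s: s["status"] == int(arg),
        "@": lambda s: arg.lower() in s["host"].lower(),
        ">": lambda s: s["size"] > int(arg),   # assumption: size means response body bytes
        "<": lambda s: s["size"] < int(arg),
    }
    return [s["id"] for s in sessions if tests[op](s)]
```

For a real capture, pass the bytes of dump.saz to load_sessions in place of build_sample_saz().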
2. Description of breakpoint commands

| Command | Corresponding request item | Command description | Command example |
|---|---|---|---|
| bpu | All | bpafter is followed by a string, which means to interrupt all requests containing the string | Breakpoint) |
| bps | Result | Followed by a status code; interrupts all requests with this status code | bps 200 (enter bps to release the breakpoint) |
| bpv / bpm | HTTP method | Interrupts only requests that use the given HTTP method, such as POST or GET | bpv get (enter bpv to release the breakpoint) |
| g / go | All | Release all interrupted requests | g |
 


Origin blog.csdn.net/m0_57028677/article/details/126681419