Fiddler installation and use

Installation of Fiddler

1. Open the official website. The official download address is https://www.telerik.com/download/fiddler.
After the page opens, select your relevant information, then click the Download button to start downloading the Fiddler installer.
After the download is completed, double-click the installation package.
Click the I Agree button, and then select the installation directory you want. If no modification is required, just use the default one.
Click the Install button and wait a moment for the installation to finish, then click the Close button.
At this point we have successfully completed the initial installation.

1.2 Configuring Fiddler for monitoring
1.2.1 Monitoring on the computer
Double-click to open the software, and in the main interface click on a request. The content of the request is a run of obviously garbled text, and to the left of the request there is a lock icon. The lock suggests HTTPS encryption, so the likely reason is that Fiddler has not been configured yet. The default response content on the right explains it. The first sentence is "This is a CONNECT tunnel, and encrypted HTTPS traffic flows through this tunnel." This confirms our guess: it is indeed due to HTTPS encryption.
So how do you configure Fiddler to parse these encrypted requests? The first method is to check the installation documentation on the official website, and the second is to read the prompts. The software is user-friendly and says in the returned content where the setting needs to be made, in the sentence on the second line: "enable the Tools > Options > HTTPS > Decrypt HTTPS traffic option."

Follow the prompt to set this up. First, find Tools in the toolbar in the upper left corner, then select Options, then HTTPS, then check the Decrypt HTTPS traffic option, and install the certificate after checking it.
There are two ways to install the certificate:

  • After checking the option, click the Actions button on the right, select the **"Trust Root Certificate"** option, and then choose Yes in every dialog.
  • After checking the option, click the Actions button on the right, select the second option to export the certificate to the desktop, and then add it in the corresponding browser.

Then open a new web page (such as Baidu) and view the request.
At this point, we can already monitor the request of the PC browser.
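
To confirm from a client whether Fiddler is only tunnelling HTTPS or actually decrypting it, look at who issued the certificate seen through the proxy: with Decrypt HTTPS traffic on, it is signed by the Fiddler root rather than by the site's real CA. The Python below is an added example, not part of the original post; the function names, the `FiddlerRoot` issuer match, the 127.0.0.1 address and the sample certificate are assumptions made for illustration.

```python
import socket
import ssl

# Assumption: Fiddler's generated root carries "FiddlerRoot" in its common name.
FIDDLER_MARKER = "fiddlerroot"

def connect_status(reply: bytes) -> int:
    """Status code of a proxy's reply to CONNECT, or 0 if the reply is malformed."""
    parts = reply.split(b"\r\n", 1)[0].split()
    if len(parts) >= 2 and parts[0].startswith(b"HTTP/") and parts[1].isdigit():
        return int(parts[1])
    return 0

def issuer_cn(cert: dict) -> str:
    """Issuer commonName from the dict returned by SSLSocket.getpeercert()."""
    for rdn in cert.get("issuer", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return ""

def is_fiddler_issued(cert: dict) -> bool:
    """True when the leaf was minted by Fiddler rather than by the real site."""
    return FIDDLER_MARKER in issuer_cn(cert).lower()

def peer_cert_via_proxy(proxy_host, proxy_port, host, root_path=None, port=443):
    """Open a CONNECT tunnel through the proxy and return the certificate seen inside it."""
    ctx = ssl.create_default_context()
    if root_path:  # exported Fiddler root, PEM text or DER bytes
        data = open(root_path, "rb").read()
        pem = data.lstrip().startswith(b"-----BEGIN")
        ctx.load_verify_locations(cadata=data.decode("ascii") if pem else data)
    with socket.create_connection((proxy_host, proxy_port), timeout=10) as raw:
        raw.sendall(f"CONNECT {host}:{port} HTTP/1.1\r\nHost: {host}:{port}\r\n\r\n".encode())
        reply = b""
        while b"\r\n\r\n" not in reply:
            chunk = raw.recv(4096)
            if not chunk:
                break
            reply += chunk
        if connect_status(reply) != 200:
            raise ConnectionError(f"proxy refused CONNECT: {reply[:60]!r}")
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.getpeercert()

if __name__ == "__main__":
    # Constructed sample in getpeercert() form. With Fiddler running, call
    # peer_cert_via_proxy("127.0.0.1", 8888, "example.com") instead (assumed values).
    sample = {"issuer": ((("commonName", "DO_NOT_TRUST_FiddlerRoot"),),)}
    print(issuer_cn(sample), "decrypted" if is_fiddler_issued(sample) else "tunnel only")
```

If decryption is on but this client does not trust the Fiddler root, the handshake raises `ssl.SSLCertVerificationError` instead of returning a certificate.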

1.2.2 Mobile phone monitoring
But what if you want to capture packets from the app on your mobile phone? Then you also need to perform the following operations:

First of all, the computer where Fiddler is running and your mobile phone must be on the same LAN (that is, connected to the same router).

Check your local IP address. There is an Online button in the upper right corner of Fiddler. Clicking it will display your IP information.

Configure connection information: Tools > Options > Connections

  • The default port is 8888; you can modify it.
  • Check the Allow remote computers to connect option, and then restart Fiddler. A message will pop up when you open it again. Just select OK.

On your phone, find the Wi-Fi network you are connected to, press and hold it and select Modify network, enter the password and scroll down, then check Show advanced options, select Manual in the proxy field, enter the IP address you looked up earlier and the port number, and save.

Finally, install the certificate on the phone. Enter the computer's IP address and port number in the address bar of the mobile browser (in my case, 192.168.1.157:8888) to open a web page. Click the FiddlerRoot certificate link at the bottom to download the certificate. After the download succeeds, install it from the settings. Installation steps:

  1. Open advanced settings.
  2. Open Security.
  3. Find the option to install a certificate from the SD card.
  4. Find the certificate file.
  5. Tap it, give the certificate a name, and tap OK to finish the installation.

(My phone is a Huawei; look up the exact process for your own model. The keyword is "install certificate from SD card".)

Test it, for example, open the Douyin app on your phone and find the request for comments.
You can see that we have successfully found the request corresponding to the comment
1.2.3 Fiddler4 main interface
Note: If you open the target browser through the button on the upper right side of the main interface, all HTTP requests of that browser can be monitored. If you don't do this, you must modify the browser's proxy yourself, because if the browser has no corresponding proxy set after Fiddler is opened, Fiddler will not be able to capture its HTTP requests. The following is the proxy setting of the IE browser after starting Fiddler:
Take Firefox as an example. By default, Firefox does not enable a proxy (if you have installed proxy tools or plug-ins, that is a different situation). The steps to configure an HTTP proxy in Firefox are as follows:
Tools->Options->Advanced->Network->Settings, and then configure the corresponding proxy.
1.2.4 Let's start analyzing the functional areas of the main interface:
1. Fiddler's menu bar, the black part in the picture above, includes functions such as capturing HTTP requests, stopping capture, saving HTTP requests, loading local sessions, and setting capture rules.
2. Fiddler's toolbar, the yellow part in the picture above, includes Fiddler's operations for the current view (pause, clear sessions, decode mode, clear cache, etc.).
3. The Web Session panel, the red part in the picture above, lists each HTTP request captured by Fiddler (each one is called a session). It mainly shows the requested URL, protocol, status code, body and other information. The meaning of each field is as shown in the figure below:
#Bar icon description
Also, pay attention to the Host field of the request. You can see responses from multiple subdomains of www.csdn.net, which shows that the architecture of a large website often requires multiple subdomains. These subdomains may be used solely to cache static resources, or they may be specifically responsible for media resources, or for data statistics (such as pingback).
2. APP configuration
(Taking Android as an example. Apple's process is the same; you only need to manually turn on trust for the certificate after installing it.)
1. First, make sure that both the mobile phone and the computer are on the same network:

The method is: open a hotspot on your phone and connect your computer to it, or open a hotspot on your computer and connect your phone to it.

2. You need to know the IP address of the computer (that is, the computer where Fiddler is installed):

The first method is to open Fiddler, click the downward-pointing triangle, and hover the mouse over Online to see the IP address. My IP is 10.54.58.26.

The second method is to run ipconfig in a DOS command window. The IPv4 address is the IP to use: 10.54.58.26

3. Check Fiddler's port number under Tools->Options->Connections. The value in the port field is the port number; the default is generally 8888 and there is no need to change it.

4. Next, operate the mobile phone:
1) Download the certificate: open the mobile browser, enter http://ip:port number, and tap Go. (You must re-download and install the certificate every time you change Wi-Fi.) For example, on my phone I enter http://10.54.58.26:8888 in the browser. After accessing this address, you are taken to the certificate download page. Click FiddlerRoot certificate to download the certificate.

2) After downloading the certificate, install it: search for "certificate" in the phone settings and open the certificate installation screen.

3) Change the proxy of the phone's wireless network:

3-1) Modify the network.

3-2) Check Show advanced options and change the proxy to Manual.

3-3) Enter the computer's IP address and the default port number, and tap Save.

5. Now you can capture packets.
Origin blog.csdn.net/weixin_46605889/article/details/113645443