Testing Tools: Fiddler (1) - Basics

Fiddler Basics

One, what is Fiddler?

Fiddler is an HTTP debugging proxy. It records all HTTP requests between clients and servers, and lets you target specific HTTP requests, analyze request data, set breakpoints, debug web applications, modify request data, and even modify the data returned by the server. It is a very powerful web debugging tool.

Two, Fiddler's main functions

  1. Intercept HTTP/HTTPS requests sent from a browser or client software to the server
  2. Modify the client's request or the server's response
  3. Create automatic response rules
  4. Simulate weak-network scenarios
  5. Provide third-party extensions and site performance testing

Three, how Fiddler works

 

Fiddler works as a proxy web server. The browser/client and the server establish a TCP connection and communicate over the HTTP protocol through it; Fiddler uses the proxy address 127.0.0.1, port 8888.

For HTTPS, Fiddler first intercepts the HTTPS request that the client browser sends to the server; at this point the handshake has not yet been established.

Step 1: Fiddler sends a request to the server to perform the handshake and obtains the server's CA certificate. It decrypts with the root certificate's public key to verify the server's data signature, and obtains the public key of the server's CA certificate.

Step 2: Fiddler forges its own CA certificate and passes this certificate to the client browser, impersonating the server. The client browser then does the same thing Fiddler did.

Step 3: The client browser generates the symmetric key for the HTTPS communication, encrypts it with the public key of the certificate forged by Fiddler, and sends it to the server; Fiddler intercepts it.

Step 4: Fiddler decrypts the intercepted ciphertext with the private key of its forged certificate and obtains the symmetric key for the HTTPS communication.

Step 5: Fiddler encrypts the symmetric key with the public key of the server's certificate and passes it to the server. The server decrypts it with its private key and trust is established. Once the handshake is complete, messages are encrypted with the symmetric key and communication begins.

Step 6: Fiddler receives the ciphertext sent by the server and decrypts it with the symmetric key, obtaining the plaintext the server sent. It then encrypts it again and sends it to the client browser.

Step 7: The client sends a message to the server encrypted with the symmetric key; Fiddler intercepts it and decrypts it to obtain the plaintext.

Because Fiddler holds the symmetric key throughout the communication, the information in the entire HTTPS exchange is transparent to it.
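The key exchange in steps 2 to 5, as an added example that is not part of the original post: it shows that the proxy only obtains the symmetric key when the client trusts the proxy's root certificate, and that a client pinning the server's public key rejects the forged certificate at step 2. It uses textbook RSA with tiny primes purely for illustration; the issuer names, key values and function names are all assumptions made for this sketch.

```python
import hashlib

def make_keypair(p, q, e):
    """Textbook RSA with tiny primes: illustration only, not secure."""
    n, phi = p * q, (p - 1) * (q - 1)
    return {"pub": (n, e), "priv": (n, pow(e, -1, phi))}

def fingerprint(pub):
    """Stand-in for a public-key pin (hash of the key material)."""
    return hashlib.sha256(repr(pub).encode()).hexdigest()

SERVER = make_keypair(61, 53, 17)  # constructed: the real server's key
PROXY = make_keypair(89, 97, 5)    # constructed: key behind the proxy's forged certificate

def client_key_exchange(presented_pub, issuer, trusted_issuers, pinned_fp=None):
    """Client side of steps 2-3: validate the certificate, then encrypt the key."""
    if issuer not in trusted_issuers:
        raise ValueError("untrusted issuer")
    if pinned_fp is not None and fingerprint(presented_pub) != pinned_fp:
        raise ValueError("pin mismatch")
    session_key = 1234             # constructed symmetric key
    n, e = presented_pub
    return session_key, pow(session_key, e, n)

def handshake_via_proxy(trusted_issuers, pinned_fp=None):
    """Run the handshake with the proxy in the path and report what it learns."""
    try:
        # Step 2: the proxy presents its own certificate in place of the server's.
        key, ciphertext = client_key_exchange(
            PROXY["pub"], "Proxy Root CA", trusted_issuers, pinned_fp)
    except ValueError as err:
        return {"completed": False, "reason": str(err)}
    # Step 4: the proxy decrypts with the private key of its forged certificate.
    n, d = PROXY["priv"]
    recovered = pow(ciphertext, d, n)
    # Step 5: the proxy re-encrypts for the real server, which decrypts it.
    sn, se = SERVER["pub"]
    forwarded = pow(recovered, se, sn)
    server_key = pow(forwarded, SERVER["priv"][1], sn)
    return {"completed": True, "proxy_sees_key": recovered == key,
            "server_key_matches": server_key == key}

if __name__ == "__main__":
    print(handshake_via_proxy({"Public CA"}))                   # root not installed
    print(handshake_via_proxy({"Public CA", "Proxy Root CA"}))  # root installed
    print(handshake_via_proxy({"Public CA", "Proxy Root CA"},
                              fingerprint(SERVER["pub"])))      # pinned client
```
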


Origin www.cnblogs.com/poloyy/p/12128882.html