[Reptile study notes day08] 1.6. HTTP / HTTPS packet capture tool -Fiddler + HTTP proxy artifact Fiddler + works + Fiddler crawling HTTPS setting Chrome + how to capture the session + Fiddler

1.6. HTTP / HTTPS packet capture tool -Fiddler

Fiddler HTTP proxy artifact

Fiddler Web Debugging is a powerful tool that can record HTTP requests for all clients and servers. Fiddler startup, set to the default IE proxy 127.0.0.1:8888, while other browsers need to be set manually.

working principle

Fiddler is a proxy server in the form of web work, it uses the proxy address: 127.0.0.1, port: 8888

Fiddler crawling HTTPS setting

1. Start Fiddler, open the Tools menu bar> Telerik Fiddler Options, open the "Fiddler Options" dialog box.

   

2. Fiddler on the set:

   • Open the toolbar -> Tools-> Fiddler Options-> HTTPS,

   • Select Capture HTTPS CONNECTs (capture HTTPS connection),

   • Select Decrypt HTTPS traffic (decrypt HTTPS traffic)

   • In addition, we use the HTTPS request Fiddler get this machine all processes, so the middle of the drop-down menu, select ... from all processes (from all processes)

   • Select below Ignore server certificate errors (ignore server certificate error)

     

3. Configure Windows to trust this certificate should Fiddler security warning: Trust Root Certificate (trusted root certificate).

   [Picture dump outside the chain fails, the source station may have a security chain mechanism, it is recommended to save the pictures uploaded directly down (img-af8QFfIQ-1580305912010) (... / images / 01-fidder_03.png)]

4. Fiddler 主菜单 Tools -> Fiddler Options…-> Connections

• 选中Allow remote computers to connect（允许远程连接）

• Act as system proxy on startup（作为系统启动代理）

  

5. 重启Fiddler，使配置生效（这一步很重要，必须做）。

Fiddler 如何捕获Chrome的会话

1. 安装SwitchyOmega 代理管理 Chrome 浏览器插件
   

2. 如图所示，设置代理服务器为127.0.0.1:8888

3. 通过浏览器插件切换为设置好的代理。

Fiddler界面

设置好后，本机HTTP通信都会经过127.0.0.1:8888代理，也就会被Fiddler拦截到。

请求 (Request) 部分详解

1. Headers —— 显示客户端发送到服务器的 HTTP 请求的 header，显示为一个分级视图，包含了 Web 客户端信息、Cookie、传输状态等。
2. Textview —— 显示 POST 请求的 body 部分为文本。
3. WebForms —— 显示请求的 GET 参数 和 POST body 内容。
4. HexView —— 用十六进制数据显示请求。
5. Auth —— 显示响应 header 中的 Proxy-Authorization(代理身份验证) 和 Authorization(授权) 信息.
6. Raw —— 将整个请求显示为纯文本。
7. JSON - 显示JSON格式文件。
8. XML —— 如果请求的 body 是 XML 格式，就是用分级的 XML 树来显示它。

响应 (Response) 部分详解

1. Transformer —— 显示响应的编码信息。
2. Headers —— 用分级视图显示响应的 header。
3. TextView —— 使用文本显示相应的 body。
4. ImageVies —— 如果请求是图片资源，显示响应的图片。
5. HexView —— 用十六进制数据显示响应。
6. WebView —— 响应在 Web 浏览器中的预览效果。
7. Auth - Show Response Proxy-Authorization (proxy authentication) and in the Authorization header (authorization) information.
8. Caching - display buffer requests for this information.
9. Privacy - private displays this request (the P3P) information.
10. Raw - The entire response is displayed as plain text.
11. JSON - JSON format display.
12. XML - body if the response is in XML format, XML is a hierarchical tree to display it.