Shulou(Shulou.com)06/02 Report--

Editor to share with you how to use Fiddler to solve SSL encryption data packets, I believe that most people do not know much about it, so share this article for your reference, I hope you can learn a lot after reading this article, let's go to know it!

In the process of developing Internet applications, network interfaces are often set up or used. In order to debug the use of a network interface, it is often necessary to view the network traffic or packets flowing into and out of the network interface. "packet grabbing tool" is a kind of tool used to record data through a network interface.

As we know, the network protocol is designed in layers, and the OSI model divides the network protocol into seven levels. Different packet grabbing tools can work at different levels of network protocols. The commonly used Wireshark is a packet grabbing tool that works on the network layer, which not only comes with a large number of protocol analyzers, but also can identify custom protocols by writing Wireshark plug-ins. Although Wireshark is powerful, it can not solve all the packet capture problems. The reasons are:

Wireshark works at the network layer; if the computer is configured with IPSec transport layer encryption, traffic at the network layer is encrypted and nothing can be seen.

Today, a large number of network interfaces use HTTPS encryption, Wireshark can not grab the plaintext content of HTTPS traffic.

So, how do you grab the plaintext content of the HTTPS request? You can do it with Fiddler.

Fiddler is a HTTP package grab software written by Eric Lawrence. Fiddler works on the application layer and acts as a HTTP proxy server for other programs. It can directly grab and analyze HTTP traffic, or it can act as a "middleman" to grab and analyze HTTPS traffic.

Fiddler grabs HTTPS traffic

The packet capture function of http and https of fiddler is very powerful, but it is very convenient to track and play back the breakpoint of the package, but the ordinary configuration for APP such as China Merchants Bank, Alipay and Momo cannot catch the package, and some special configurations are needed. This article lists the detailed configuration of https grab package under fiddler Android for your reference.

Two hosts need to be prepared, one to open fiddler and proxy traffic, and the other to act as the proxy (which can be a computer or mobile phone)

The first thing to do is to configure

Select Fiddler options to start configuration

Check capture HTTPS connection, decode HTTPS traffic, ignore server certificate error

Transport remote host connection

After enabling the remote connection function, you can use the command to check whether the IP address that Fiddler listens to is 0.0.0.0. If not, you can restart Fiddler.

Let's take the grab bag of Android mobile phone as an example.

Systems after Android version 4 support two proxy modes "none" and "manual" in the advanced options for wifi connections.

Android 5.x later also supports another option "automatic configuration", you can write pac configuration files, automatic proxy requires the domain name of the agent, not to mention.

The mobile phone opens the wifi connection interface, and long press the wifi hotspot to open "modify Network".

Fill in the ip port on the computer side of the agent host and fill in the port 8888 that Fiddler listens by default.

Save the connection.

Fiddler root certificate trust is installed on the mobile phone

Open the proxy page with a browser on the mobile phone

Click to install certificate trust for a connection with a root certificate at the bottom of the page

Assign a name to the user certificate and make sure it is done.

Look at the effect.

Open and log in to Weibo on your mobile phone, and then watch the capture page of Fiddler.

The URI can already be seen in the https connection, and the HTTP header can be seen on the right.

OK, you can grab the Android package, but not all app https traffic can be caught. For example, Google service is based on https channel traffic, so it cannot be parsed.

There are also applications that do not use Android's HTTP connector, so they cannot be applied to the proxy configuration in the wifi settings.

Of course, we will not discuss some of the problems on Android here, but mainly discuss how to use Fiddler to solve HTTPS traffic.

The above is all the contents of the article "how to use Fiddler to solve SSL encrypted data packets". Thank you for reading! I believe we all have a certain understanding, hope to share the content to help you, if you want to learn more knowledge, welcome to follow the industry information channel!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.