Introduction to Fiddler
① Fiddler is a powerful packet capture tool. It works as a web proxy server. The proxy address it uses is 127.0.0.1, and the default port is 8888. This can also be changed in the settings.
② A proxy sets up a barrier between the client and the server. When the client sends request data, the proxy server intercepts the packet and then, acting as the client, sends the data on to the server. Likewise, when the server returns the response data, the proxy server intercepts it and returns it to the client.
③ Fiddler can capture the packets of any program that supports HTTP proxying. To capture HTTPS sessions, you must first install the certificate.
Tip 1: A newly installed Fiddler
By default, Fiddler does not capture HTTPS sessions. To set it up, open Tools -> Fiddler Options -> HTTPS tab.
Select the checkbox. A dialog box will pop up; click "Yes".
After clicking "Yes", the setup is complete.
Tip 2: Connecting a mobile phone to Fiddler (proxy configuration)
1) In Fiddler, open Tools -> Fiddler Options. In the [Connection] panel, check "Allow remote computers to connect" and set the port number [default is 8888; other port numbers can be used]. Click the [OK] button, then close Fiddler and reopen it.
2) Get the local IP of the PC for the phone configuration. There are two ways to obtain it:
① Hover the mouse over "Online" in the upper-right corner of Fiddler; information such as the IP and Host of the machine is displayed.
② Click Windows -> Run -> cmd -> ipconfig to get the local IP.
3) Mobile phone configuration: change the proxy setting to [Manual], enter the [proxy server host name] (the IP address of the PC), and enter the [proxy server port number] (the port number configured in Fiddler).
4) All configuration is now complete. Open the assistant on your mobile phone, and you can monitor the requests sent by the phone in Fiddler.
Tip 3: Fiddler’s basic interface
Under the Inspectors tab, there are a number of options for viewing request or response messages. The Raw tab shows the complete message, and the Headers tab shows only the headers of the message.
Tip 4: After starting Fiddler, the Response is garbled, what should I do?
Sometimes the HTML in the Response appears garbled. This is because the HTML is compressed. It can be decompressed in two ways.
1. Click "Response is encoded and may need to be decoded before inspection. Click here to transform".
2. Select "Decode" in the toolbar. This decompresses automatically; just restart after decompression.
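What the decode step does to a captured body, as an added example that is not part of the original article: the body is run back through the codecs named in the Content-Encoding header. The function name, the lower-case header object and the UTF-8 charset are assumptions of this sketch; the sample body is constructed.

```javascript
const zlib = require("zlib");

// Decoders for the Content-Encoding tokens commonly seen in captures.
const DECODERS = {
  gzip: (buf) => zlib.gunzipSync(buf),
  "x-gzip": (buf) => zlib.gunzipSync(buf),
  deflate: (buf) => {
    // Some servers send raw deflate instead of the zlib-wrapped form.
    try { return zlib.inflateSync(buf); }
    catch (e) { return zlib.inflateRawSync(buf); }
  },
  br: (buf) => zlib.brotliDecompressSync(buf),
  identity: (buf) => buf,
};

// headers: object with lower-case names; body: Buffer exactly as captured.
function decodeBody(headers, body) {
  const encodings = (headers["content-encoding"] || "identity")
    .split(",").map((e) => e.trim().toLowerCase()).filter(Boolean);
  // Encodings are listed in the order applied, so undo them right to left.
  let out = body;
  for (const enc of encodings.reverse()) {
    if (!Object.prototype.hasOwnProperty.call(DECODERS, enc)) {
      throw new Error("unsupported Content-Encoding: " + enc);
    }
    out = DECODERS[enc](out);
  }
  return out.toString("utf8"); // assumption: the page is UTF-8
}

// Constructed sample: an HTML body compressed the way a server would send it.
const html = "<html><body>hello</body></html>";
const captured = zlib.gzipSync(Buffer.from(html, "utf8"));

function demo() {
  return {
    raw: captured.toString("latin1").slice(0, 8), // the "garbled" view
    decoded: decodeBody({ "content-encoding": "gzip" }, captured),
  };
}
console.log(demo());
```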
Tip 5: Using the QuickExec command line
In the lower-left corner of Fiddler there is a command-line tool called QuickExec, which lets you enter commands directly.
Common commands are:
help: Opens the official usage page, where all commands are listed
cls: Clears the screen
select: Selects sessions
?.png: Selects images with the .png suffix
bpu: Intercepts requests
Tip 6: Create AutoResponder rules in Fiddler
Fiddler's AutoResponder tab allows you to return local files without sending the HTTP request to the server.
Here is an example.
1. Open the assistant homepage and save serverconfig.html to the local desktop. Select the request, then right-click -> Copy -> Just Url.
2. Select the request, open the AutoResponder tab on the right, click Add Rule, and add the request. Alternatively, drag the session onto the AutoResponder tab.
3. Check "Enable automatic responses" and "Unmatched requests passthrough".
4. Edit the locally saved configuration file. In the Rule Editor below, select "Find a file..." and choose the locally saved file. Finally, click Save.
5. Re-enter the assistant and check serverconfig: the data returned is the data you modified.
Tip 7: How to filter sessions in Fiddler
Every time I use Fiddler and open a website, dozens of sessions appear in Fiddler, which is overwhelming. The best approach is to filter out some sessions, such as image requests. Fiddler has a filtering function in the Filters tab on the right; in this example, only requests to zhushou.sogou.com are displayed.
Tip 8: The encoding tool provided in Fiddler
Click TextWizard on the Fiddler toolbar. This tool can encode and decode strings.
Tip 9: Querying sessions in Fiddler
Open the Find Sessions dialog box with the shortcut Ctrl+F and enter keywords to find the required session. The matching sessions are displayed in yellow.
Tip 10: Saving sessions in Fiddler
Sometimes we need to save a session so that it can be sent to others or analyzed later. To save a session, select the session you want to save and click "File" -> "Save" -> "Selected Session" in the menu bar.
CustomRules.js
Main methods in CustomRules.js:
    // Modify the content of the Request in this method
    static function OnBeforeRequest(oSession: Session)
    // Modify the content of the Response in this method
    static function OnBeforeResponse(oSession: Session)
    // Handle Fiddler commands in this method. The QuickExec box is located in the lower-left corner of the Fiddler interface.
    static function OnExecAction(sParams: String[])
Example: modifying sogouid
① In the menu bar, click Rules -> CustomRules to open the CustomRules.js script.
② Add the following script: write the interface name in oSession.uriContains() and put the request data in the url.
③ Change the sogouid to the value you want. With the assignment placed under the oSession.uriContains() check, click "Save script"; the sogouid sent for this interface becomes the id you set.
    if (oSession.uriContains("install.html?")) {
        oSession.url = "mobile.zhushou.sogou.com/m/install.html?uid=d15449c17bbded35c98973670c1e1e0c&vn=3.11.2&channel=sogouinputgx&sogouid=e9ed8a54201e5481e20f6760804772c3&stoken==IhTefovaz0ppdInTQxRlnQ&cellid=&sc=0&iv=311";
    }
Tip 11: Modifying the session display style in Fiddler
Put this script in the OnBeforeRequest(oSession: Session) method and click "Save script"; all sessions whose URL contains "mobiletoolhit.gif?" will then appear green.
    if (oSession.uriContains("mobiletoolhit.gif?")) {
        oSession["ui-color"] = "green";
    }
Tip 12: How to modify the body of a Request in Fiddler Script
Method 1:
    static function OnBeforeRequest(oSession: Session) {
        if (oSession.uriContains("http://www.cnblogs.com/TankXiao/")) {
            // Get the body string of the Request
            var strBody = oSession.GetRequestBodyAsString();
            // Use regular expressions or replace methods to modify the string
            strBody = strBody.replace("1111", "2222");
            // Pop up a dialog box to check the modified body
            FiddlerObject.alert(strBody);
            // Write the modified body back to the Request
            oSession.utilSetRequestBody(strBody);
        }
    }
Method 2: a simpler method that directly replaces data in the body:
    oSession.utilReplaceInRequest("1111", "2222");
Post request simulation
If the client data is wrong during testing, you may need to request a certain URL separately to see whether the returned data is correct. Requesting through the client sometimes requires a complex environment, and the whole process is quite laborious; making a separate request to check the data saves time. For a GET request, you can simply use the browser to see the returned data. Because a POST request carries body data, you need a tool, and Fiddler's Composer exists for this purpose: fill in the URL at the top, select the request method, add the POST data in the body below, and click Execute to send the request. You can then see the return value of the simulated request in the Inspectors.
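Going back to the sogouid example in the CustomRules.js section: that script overwrites the whole URL with a hard-coded string, so every other parameter is frozen too. The following added example (not from the original article) changes only the one parameter and confirms nothing else moved. It is plain JavaScript; the function names and the call from OnBeforeRequest in the comment are assumptions, and the sample URL uses constructed placeholder values.

```javascript
// Replace one query parameter in a Fiddler-style URL (host + path + query,
// no scheme, as assigned to oSession.url) and leave the rest untouched.
function setQueryParam(url, name, value) {
  var q = url.indexOf("?");
  var base = q === -1 ? url : url.slice(0, q);
  var query = q === -1 ? "" : url.slice(q + 1);
  var pairs = query === "" ? [] : query.split("&");
  var replaced = false;
  for (var i = 0; i < pairs.length; i++) {
    // Split on the first "=" only: a value like "stoken==abc" contains "=".
    var eq = pairs[i].indexOf("=");
    var key = eq === -1 ? pairs[i] : pairs[i].slice(0, eq);
    if (key === name) {
      pairs[i] = key + "=" + encodeURIComponent(value);
      replaced = true;
    }
  }
  if (!replaced) pairs.push(name + "=" + encodeURIComponent(value));
  return base + "?" + pairs.join("&");
}

// List the parameter names whose raw value differs between two URLs.
function changedParams(before, after) {
  function toMap(url) {
    var map = {}, q = url.indexOf("?");
    var parts = q === -1 ? [] : url.slice(q + 1).split("&");
    for (var i = 0; i < parts.length; i++) {
      var eq = parts[i].indexOf("=");
      if (eq === -1) map[parts[i]] = "";
      else map[parts[i].slice(0, eq)] = parts[i].slice(eq + 1);
    }
    return map;
  }
  var a = toMap(before), b = toMap(after), out = [];
  for (var k in b) if (a[k] !== b[k]) out.push(k);
  for (var k2 in a) if (!(k2 in b)) out.push(k2);
  return out;
}

// Constructed sample with the same shape as the article's request.
var SAMPLE = "mobile.zhushou.sogou.com/m/install.html?uid=UID_PLACEHOLDER" +
  "&vn=3.11.2&channel=sogouinputgx&sogouid=OLD_ID_PLACEHOLDER" +
  "&stoken==TOKEN_PLACEHOLDER&cellid=&sc=0&iv=311";
var rewritten = setQueryParam(SAMPLE, "sogouid", "TEST_ID_PLACEHOLDER");
console.log(rewritten, changedParams(SAMPLE, rewritten));
// Assumed use in CustomRules.js, inside OnBeforeRequest:
//   oSession.url = setQueryParam(oSession.url, "sogouid", "TEST_ID_PLACEHOLDER");
```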