1

I want to capture traffic from a host using HTTP, but I do not see a response coming back. If I close fiddler, my application runs as normal.

I see '-' in the Result section, where it should have been an HTTP response code. If I manually execute the request using Composer, I get a 200 response. Fiddler is able to capture traffic from all other web applications without issue.

I have installed Fiddler certificate. Troubleshooting Mode returns 200. The host does not use HTTPS, but I have enabled Capture HTTPS Connects anyways.

I am using Fiddler v5.0.20182

david
  • 95
  • 1
  • 17

2 Answers2

2

Some applications performs certificate pinning. Also web applications can perform certificate pinning e.g. via HTTP Public Key Pinning (HPKP). If you have ever used the web application in your browser without Fiddler, the web app public key has been downloaded and cached in the web-browser.

Afterwards the Fiddler root certificate is no longer accepted for that site/app even it it has been installed correctly. You should be able to identify such problematic connections in Fiddler if you only see a CONNECT request but no subsequent requests to the same domain.

To delete the HPKP in your web browser you should use a fresh profile or clear the complete browser cache. Afterwards only use it with activated Fiddler proxy and SSL decryption. As far as I know Fiddler will remove HPKP data from responses so that the web application should also work with Fiddler in between.

Robert
  • 39,162
  • 17
  • 99
  • 152
  • I am using a third party application to connect to the host. I cleared browser cache and also added Fiddler Cert using Trust Root Certificate but I do not see a response getting back. It is a POST request that's "stuck". Can you please let me add to how I can "only use it with activated Fiddler proxy and SSL decryption" – david Apr 08 '19 at 21:55
  • @david Is the third party application a browser based webapp or not. Your question does not answer this. If it is a stand-alone app delete all app data (and therefor all caches). Start Fiddler an set it as system-wide default proxy. Then start the app. Do not close Fiddler as long as the app is running. – Robert Apr 09 '19 at 07:29
  • the app is stand-alone and not browser based. I checked "Act as system proxy on startup" is set in Fiddler. I started fiddler first and then the app, but still no luck. Any suggestions? – david Apr 10 '19 at 19:17
  • @david: Sometimes you have to manually configure the proxy inside the app. If the app is a Java based app you can specify the proxy at start-up: https://stackoverflow.com/a/45060126/150978 – Robert Apr 11 '19 at 07:39
  • It is not a Java based app. I am still not able to capture traffic. Perhaps it could be related to any proxy settings for the host I am trying to connect to? Any other suggestion? – david Apr 19 '19 at 18:46
0

I think you should be able to uncheck the options for https, uncheck the boxes which appear checked here? Or you might be able to skip decryption by adding the host in the box below where it says Skip decryption for the following hosts

enter image description here

lacostenycoder
  • 10,623
  • 4
  • 31
  • 48