FIDDLER

  • INTRODUCTION
    • Fiddler is a web debugging proxy tool that captures all Hypertext Transfer Protocol (HTTP) and HTTP Secure (HTTPS) traffic between a client and the web.
    • It was originally created by Eric Lawrence.
    • In 2012, Telerik acquired Fiddler and Eric Lawrence joined Telerik to continue its development.
    • It allows us to inspect web traffic, set breakpoints and "fiddle" with incoming and outgoing data.
    • Fiddler includes an event-based scripting subsystem (FiddlerScript, written in JScript.NET) and can be extended with any .NET language.
  • PROXY SERVER
    • A proxy server works as a middleman: it accepts a request from a client that expects a response (a file, a web page, an API result) and obtains that response from the server on the client's behalf.

[Diagram: Alice's computer -> proxy server -> Bob's computer]

  • Proxy servers are used to protect the privacy of the client that requested the resource from the server or any other computer.
  • In the diagram above, Alice's computer requests the time resource from the proxy; the proxy, acting as a third computer, requests the time resource from Bob and receives the response. Because the proxy sits in the middle of the communication, Bob does not learn who the response is ultimately sent to.
  • There are many types of proxy server:
    • A proxy server that passes requests and responses unmodified is called a gateway (or tunneling) proxy.
    • A forward proxy is an Internet-facing proxy used to retrieve data from a wide range of sources on behalf of its clients.
    • A reverse proxy is an internal-facing proxy used as a front end to control and protect access to a server on a private network.
  • Hypertext Transfer Protocol (HTTP) and HTTP Secure (HTTPS)
    • Hypertext Transfer Protocol (HTTP)
      • HTTP is the application-layer protocol used for data communication between web servers and web browsers (and other HTTP clients).

  • Installation and User Interface of Fiddler

  • WORKING OF FIDDLER

[Diagram: web browser -> Fiddler (local proxy) -> original server]

  • The web browser sends its HTTP request to Fiddler, which listens as a local proxy (by default on 127.0.0.1, port 8888) and forwards the request to the original server. The server's response travels back through Fiddler to the browser, so both directions can be inspected and modified.
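The relay in the diagram above, written out as an added Python example (it is not Fiddler's own code): the core of a forward proxy that receives the browser's absolute-form request, rewrites it to origin-form for the upstream server, strips hop-by-hop headers, and relays the response. The upstream call is injected so the logic can be exercised offline against a canned server; the browser request, the host name shop.example and the canned response are constructed for this example.

```python
"""Added example (not Fiddler's code): the request/response relay at the heart of a
forward proxy such as Fiddler.  A browser configured to use a proxy sends
'GET http://host/path HTTP/1.1' (absolute-form target); the proxy converts it to
'GET /path HTTP/1.1', drops hop-by-hop headers, forwards it, and relays the reply."""
import socket
from urllib.parse import urlsplit

# RFC 7230 hop-by-hop headers (plus the legacy Proxy-Connection) must not be forwarded.
HOP_BY_HOP = {"connection", "keep-alive", "proxy-authenticate", "proxy-authorization",
              "te", "trailer", "transfer-encoding", "upgrade", "proxy-connection"}


def parse_request(raw: bytes):
    """Split a raw HTTP/1.x request into (method, target, version, headers, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    lines = head.decode("iso-8859-1").split("\r\n")
    method, target, version = lines[0].split(" ", 2)
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip(), value.strip()))
    return method, target, version, headers, body


def rewrite_for_upstream(method, target, version, headers):
    """Return (host, port, origin-form request bytes) to send to the real server."""
    parts = urlsplit(target)
    if parts.scheme != "http" or not parts.netloc:
        # HTTPS through a proxy arrives as a CONNECT tunnel instead; a proxy can only
        # see inside it by terminating TLS itself, which is what HTTPS decryption means.
        raise ValueError("forward proxy expects an absolute http:// request-target")
    host, port = parts.hostname, parts.port or 80
    path = (parts.path or "/") + (f"?{parts.query}" if parts.query else "")
    kept = [(n, v) for n, v in headers if n.lower() not in HOP_BY_HOP]
    if not any(n.lower() == "host" for n, _ in kept):
        kept.append(("Host", parts.netloc))
    kept.append(("Via", f"{version.split('/')[1]} local-proxy"))  # announce the hop
    kept.append(("Connection", "close"))                          # one exchange per socket
    lines = [f"{method} {path} {version}"] + [f"{n}: {v}" for n, v in kept]
    return host, port, ("\r\n".join(lines) + "\r\n\r\n").encode("iso-8859-1")


def proxy_one(raw_request: bytes, upstream):
    """Relay one request. upstream(host, port, data) -> response bytes is injected so the
    logic can be tested without a network; socket_upstream() below is the real transport."""
    method, target, version, headers, body = parse_request(raw_request)
    host, port, head = rewrite_for_upstream(method, target, version, headers)
    data = head + body
    response = upstream(host, port, data)
    # This pair is what Fiddler calls a session: it can be logged, inspected or tampered.
    return {"host": host, "port": port, "request": data, "response": response}


def socket_upstream(host, port, data):
    """Real network transport (not used by the offline demo)."""
    with socket.create_connection((host, port), timeout=10) as s:
        s.sendall(data)
        return b"".join(iter(lambda: s.recv(65536), b""))


# Constructed browser request and canned server, so the example runs offline.
BROWSER_REQUEST = (b"GET http://shop.example/index.html?x=1 HTTP/1.1\r\n"
                   b"Host: shop.example\r\n"
                   b"Proxy-Connection: keep-alive\r\n"
                   b"Accept: */*\r\n\r\n")


def canned_upstream(host, port, data):
    """Stand-in server: echoes the request line it received in a constructed 200 reply."""
    first_line = data.split(b"\r\n", 1)[0]
    body = b"seen: " + first_line
    return (b"HTTP/1.1 200 OK\r\nContent-Type: text/plain\r\n"
            b"Content-Length: " + str(len(body)).encode() + b"\r\n\r\n" + body)


if __name__ == "__main__":
    session = proxy_one(BROWSER_REQUEST, canned_upstream)
    print(session["request"].decode())
    print(session["response"].decode())
```

The canned server shows what the real origin would see: an origin-form request line, no Proxy-Connection header, and a Via header naming the proxy hop. Swapping canned_upstream for socket_upstream turns the same function into a working relay for plain HTTP.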
  • FEATURES OF FIDDLER
    • HTTPS Decryption
      • HTTPS is HTTP carried over an encrypted transport, Transport Layer Security (TLS), the successor of Secure Sockets Layer (SSL). HTTPS is used to protect sensitive website content such as login credentials and credit card details.
      • Using Fiddler, we can decrypt this traffic and view all the information that was passed. Fiddler does this as a man-in-the-middle: it generates its own root certificate (DO_NOT_TRUST_FiddlerRoot), which must be installed in the client's trusted root store, and mints a certificate for each visited host on the fly. Clients that pin their server certificate will refuse the connection, and a machine that trusts this root can be intercepted by anyone holding the matching private key, so remove the root when testing is done.
    • Remote Connections
      • Remote Connections means tracking the web traffic of other devices, such as another computer or a mobile phone.
      • By allowing remote computers to connect in Fiddler's options and setting Fiddler as the HTTP proxy in the device's Wi-Fi settings, Fiddler can log the web traffic generated by those remote devices (for HTTPS, the device must also trust the Fiddler root certificate).
    • Web Session Manipulation
      • Web Session Manipulation covers actions like tampering with the request and response messages exchanged between the client machine and the original server.
      • Using the QuickExec box, we can type commands; for example, bpu URL sets a request breakpoint on every URL containing that text (bpafter URL does the same for responses). When the breakpoint fires, Fiddler holds the request before sending it to the original server so it can be edited.
      • Fiddler's AutoResponder is an advanced feature that lets the web debugging proxy respond on behalf of the web server, which is very useful when you need to determine whether a client handles a particular server response correctly. The AutoResponder lets you create rules that automatically return a previously captured (or hand-written) response to matching requests without hitting the server.
      • Fiddler's Composer tab lets us manually build a new web request, or clone an existing web session by dragging it onto the Composer and editing it before replaying it.


  • Performance Testing
    • Fiddler can also be used to test the performance of a website. The Statistics tab shows detailed information about the content requested by the client for the selected session(s).
    • Statistics include the request and response byte counts and a breakdown of response bytes by content type (images, text/plain, JSON, XML and so on), together with timing information.
    • The Show Chart link draws a pie chart of the distribution of content types by bytes, which can be included in a performance report for the website.
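The Web Session Manipulation and Performance Testing features above, modelled in plain Python as an added example (this is neither Fiddler's code nor FiddlerScript): a bpu-style request breakpoint, AutoResponder rules in a subset of Fiddler's match syntax (plain text matches as a case-insensitive substring, EXACT: and regex: prefixes are honoured, the NOT: and method forms are left out), response tampering that repairs the headers the edit invalidates, and the Statistics-tab roll-up of response bytes per content type. All sessions, URLs and bodies are constructed; the same decode-edit-fix-headers sequence is what the response-tampering steps later on this page perform by hand.

```python
"""Added example (not Fiddler's code or FiddlerScript): the session-manipulation
features modelled in plain Python - a 'bpu' request breakpoint, AutoResponder
rules in a subset of Fiddler's match syntax (plain text = case-insensitive substring,
'EXACT:', 'regex:'), response tampering that keeps the message consistent, and the
Statistics-tab roll-up of response bytes per content type.  Sessions are constructed."""
import gzip
import re
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Session:
    """One request/response pair, as in Fiddler's session list."""
    method: str
    url: str
    status: int = 0
    resp_headers: dict = field(default_factory=dict)
    body: bytes = b""


def match(rule: str, url: str) -> bool:
    """Subset of AutoResponder match syntax (assumption: NOT:/METHOD: forms omitted)."""
    if rule.startswith("EXACT:"):
        return url == rule[len("EXACT:"):]
    if rule.startswith("regex:"):
        return re.search(rule[len("regex:"):], url) is not None
    return rule.lower() in url.lower()


class Proxy:
    def __init__(self):
        self.breakpoints = []     # texts given to 'bpu'
        self.rules = []           # (match rule, status, headers, body)
        self.log = []

    def bpu(self, text: str):
        """Equivalent of typing 'bpu <text>' in QuickExec."""
        self.breakpoints.append(text)

    def add_rule(self, rule: str, status: int, headers: dict, body: bytes):
        self.rules.append((rule, status, headers, body))

    def on_before_request(self, s: Session) -> str:
        """'break' = held for editing; 'autoresponded' = served locally; 'forward' = send on."""
        if any(match(b, s.url) for b in self.breakpoints):
            return "break"
        for rule, status, headers, body in self.rules:
            if match(rule, s.url):
                s.status, s.resp_headers, s.body = status, dict(headers), body
                return "autoresponded"
        return "forward"

    def on_after_response(self, s: Session, replace: Optional[tuple] = None) -> Session:
        """Decode a compressed body, apply an edit, then repair the headers the edit
        invalidates: Content-Encoding no longer applies and Content-Length has changed.
        Forgetting either leaves the browser with a response it cannot parse."""
        if s.resp_headers.get("Content-Encoding", "").lower() == "gzip":
            s.body = gzip.decompress(s.body)
            del s.resp_headers["Content-Encoding"]
        if replace:
            old, new = replace
            s.body = s.body.replace(old.encode(), new.encode())
        s.resp_headers["Content-Length"] = str(len(s.body))
        self.log.append(s)
        return s


def response_bytes_by_type(sessions) -> dict:
    """Statistics tab: body bytes per Content-Type (parameters stripped) and share in %."""
    totals = {}
    for s in sessions:
        ctype = s.resp_headers.get("Content-Type", "unknown").split(";")[0].strip().lower()
        totals[ctype] = totals.get(ctype, 0) + len(s.body)
    grand = sum(totals.values()) or 1
    return {t: (n, round(100 * n / grand, 1)) for t, n in sorted(totals.items())}


def demo() -> dict:
    """Constructed walk-through; returns the pieces so they can be checked."""
    p = Proxy()
    p.bpu("login")                                   # hold every URL containing 'login'
    p.add_rule("EXACT:https://shop.example/api/price", 200,
               {"Content-Type": "application/json"}, b'{"amount": 208}')
    login = Session("POST", "https://shop.example/account/login")
    price = Session("GET", "https://shop.example/api/price")
    cart = Session("GET", "https://shop.example/cart", 200,
                   {"Content-Type": "text/html; charset=utf-8", "Content-Encoding": "gzip"},
                   gzip.compress(b"<p>Total: $208</p>"))
    logo = Session("GET", "https://shop.example/logo.png", 200,
                   {"Content-Type": "image/png"}, b"\x89PNG" + b"\0" * 965)
    return {
        "login": p.on_before_request(login),
        "price": p.on_before_request(price),
        "cart": p.on_after_response(cart, replace=("$208", "$1")),
        "stats": response_bytes_by_type([price, cart, logo]),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

In the demo the login request is held by the breakpoint, the price API is answered by the AutoResponder without touching the server, and the cart page is decoded, edited from $208 to $1 and re-labelled with a correct Content-Length; the statistics show the image dominating the byte count, which is the kind of result the Show Chart pie chart visualises.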


  • Security Testing
    • For security testing, HTTPS (SSL/TLS) decryption stays under the user's control: under Tools > Options > HTTPS, decryption can be enabled and scoped to all processes, browsers only, non-browsers only, or remote clients only, and individual hosts can be excluded from decryption.
  • Tutorial to manipulate Response
    • In this tutorial we look at the Ray-Ban website (https://www.ray-ban.com/canada/en), which communicates with its web server over HTTPS. The following actions are performed on this website:
      • Profiling the performance

Step 1: Open the web browser and enter the link given above in the address bar.

Step 2: Open Fiddler; the captured web sessions are shown in the image below. Look for the www.ray-ban.com entry in the list of web sessions:

Step 3: Go to the Statistics tab in Fiddler and view the stats.

Step 4: Under the Statistics tab, the Show Chart link displays a pie chart:

View the request and response messages streamed through the channel

Step 1: Go to the login page of the Ray-Ban website and enter the credentials.

Step 2: Set a breakpoint in Fiddler from Rules > Automatic Breakpoints > Before Requests, or by typing bpu URL in the QuickExec box at the bottom left.

Step 3: Click the Login button, switch to Fiddler and select the login session shown below in the web sessions list.

Step 4: The Inspectors tab in the right window shows the request message. Select the WebForms view in the Inspectors tab and look for the Password row: the user's password is visible in clear text, because Fiddler decrypted the HTTPS session before it left the machine.

Tamper the response message

Step 1: Open Fiddler and set a breakpoint from Rules > Automatic Breakpoints > After Responses.

Step 2: In the right window click the Break on Response button; if the response body is compressed, click the "Response body is encoded. Click to decode." bar in the Inspector so it is shown as plain text.

Step 3: Change the response and click Run to Completion in the Inspectors tab.

Before tampering, the response shows an amount of $208.