Introduction to Fiddler
①Fiddler is a powerful packet capture tool. Its principle is to work in the form of a web proxy server. The proxy used is The physical address is: 127.0.0.1, and the default port is 8888. We can also modify it through settings.
②Proxy {filtering} is to set up a barrier between the client and the server. After the client sends the request data first, the proxy server will send the data packet To intercept, the proxy server then pretends to be a client and sends data to the server; similarly, the server will return the response data, and the proxy server will also intercept the data and return it to the client. .
③Fiddler can capture the data packets of any program that supports http proxy processing. If you want to capture https sessions, you must first install the certificate.
Tip 1: Newly install Fiddler
By default, Fiddler will not capture HTTPS sessions. You need to set it up and open Fiddler Tool->Fiddler
Options-> HTTPS tab
Select the checkbox, the following dialog box will pop up, click "YES"
##3) Mobile phone configuration: Change the proxy setting to [Manual] , enter [proxy server host name] (corresponding to the IP address of the PC), enter [proxy server port number] (port number configured by Fiddler)
4) All configurations are completed , now use your mobile phone to open the assistant, and you can monitor the requests sent by the mobile phone in Fiddler
Tip 3: Fiddler’s basic interface
Under the Inspectors tab, there are a number of options available for viewing request or response messages. The Raw Tab can view the complete message, and the Headers tab only views the header in the message. As shown below
Tip 4: After starting Fiddler, the Response is garbled, what should I do?
Sometimes we see that the HTML in the Response is garbled. This is because the HTML is compressed. We can decompress it in two ways.
1. Click "Response is encoded any may need to be decoded before inspection. click here to transform"
2. Select "Decode" in the toolbar. This will automatically decompress, just restart after decompression
Tip 5: Using the QuickExec command line
There is a command line tool in the lower left corner of Fiddler It's called QuickExec and allows you to enter commands directly.
Common commands are:
help: Open the official usage page introduction, all commands will be listed
cls: Clear screen
Select: Command to select session
?.png: Used to select pictures with png suffix
bpu: Intercept request
Tip 6: Create AutoResponder rules in Fiddler
Fiddler's AutoResponder tab allows you to return files locally without sending the http request to the
server
See an example.
1. Enter the assistant homepage and enter Save the serverconfig.html connection to the local desktop, select the request, right-click ->copyàJust Url
2. Select the request, click on the right side to select AutoResponder, click Add Rule, and add the request. Or drag this session to the AutoResponer tab
3. Select Enable automatic reaponses and Unmatched requests passthrough
4. Change the locally saved configuration file and select Find a file under the Rule Editor below... Select the locally saved image. Finally click Save Save
5. Re-enter the assistant for the first time and check the serverconfig. The data returned is the data you modified
Tip 7: How to filter sessions in Fiddler
Every time I use Fiddler and open a website, I can see dozens of sessions in Fiddler, which is dazzling. The best way is to filter out some conversations, such as those that filter out pictures. There is a filtering function in Fiddler. In the Filters tab on the right, as shown below, only requests with zhushou.sogou.com are displayed
Tip 8: Provided in Fiddler Encoding gadget
Click TextWizard on the Fiddler toolbar. This tool can Encode and Decode string.
Open the Find Sessions dialog box, use the shortcut key Ctrl F, and enter keywords to find the required session. The queried session will be displayed in yellow
//Use regular expressions or replace methods to modify stringstrBody=strBody.replace("1111","2222");//Pop up a dialog box to check Modified bodyFiddlerObject.alert(strBody);//Rewrite the modified body back to RequestoSession.utilSetRequestBody(strBody);} }Method 2: Provide a simple method to directly replace the data in the bodyoSession.utilReplaceInRequest("1111","2222");Post request simulationIf the client data is wrong during testing, you may need to request a certain URL separately to see if the returned data is correct. Requesting through the client sometimes requires complex environmental requirements. The whole process is quite laborious. You can save some time by making a separate request to see if the data is correct. Of course, you can directly use the browser to see the returned data for the get request. Since the post data contains body data, you need to use tools, such as fiddler's composer. The function is born for this, as shown below, fill in the url at the top, select the request method, add the post data in the body below, click execute to make the request, and you can see the return of this simulated request through the inspectors Worth it.
The above is the detailed content of How to install and use Fiddler. For more information, please follow other related articles on the PHP Chinese website!