Fiddler and Wireshark Tools introduction and Comparison

Transferred from: http://www.blogbus.com/wanping-logs/238827556.html

Fiddler and Wireshark Tools Introduction and comparison-[test technical knowledge]

Copyright notice: When reproduced, please indicate the original source and author information of the article and this statement in the form of a hyperlink http://www.blogbus.com/wanping-logs/238827556.html

In the test, it is often necessary to verify that the message sent is correct, or in the event of a problem, to see the mobile client sent to the server side of the package content is correct, you need to use the capture tool, and our mobile phone client and server-side communication is more commonly used in HTTP mode, so for its communication characteristics, Commonly used grasping contractor has fiddler, Wireshark these two, the following respectively describes the next two of the use of the clutch tool. Fiddler

Official website: http://fiddler2.com/

When the fiddler is started, the program will take itself as a proxy, so the HTTP request will go through fiddler before reaching the target server, and all HTTP responses will flow through fiddler before returning to the client. The legend is as follows:

To test the phone application, first understand the interaction of his message

A The mobile client sends a request to the server

B The server side returns results to the mobile client. This is an interactive

C The mobile client sends a confirmation message to the server side, when the server receives a confirmation message from the client and does not need to do any more processing. How to use fiddler 1. Download and install the Fiddler and install

Download Address: Http://fiddler2.com/get-fiddler 2. Configure Fiddler

Tools->fiddler Options

Select Connections

Capturing an HTTPS session using fiddler

By default, fiddler does not capture HTTPS sessions, so it needs to be set by itself. Start the software, click Tools->fiddler Options, in the pop-up box select "https", the following page, will capture HTTPS connection this one front full hook, click OK to operate successfully.

Capture HTTPS connects: capturing HTTPS connections

Decrypt HTTPS traffic: decrypting HTTPS communication

Ignore servercertificate Errors: Ignore server certificate error 3. Phone Settings Agent

Set up the phone agent, IP for the computer's IP, port: 8888

Setting method: Slightly 4. Collect Messages

Mobile phone operation is measured App,fiddler will receive the message sent by the app, we can analyze the message sent by the app and return the results, to find some problems.

When collecting the message, to know the Fiddler function, the following Fiddler tool each function module.

1) basic interface of Fiddler

The basic interface of Fiddler is introduced first.

There are a lot of messages to see request or response under Inspectors tab. Where raw tab can view the complete message, Headers tab only looks at the header in the message. Figure below

2) filter's HTTP statistics

All of the captured HTTP traffic is shown in the Fiddler session list, displayed as a list, click on one or more of the sessions you want to view, then click on the "Statistics" menu on the right, and you can easily see the number of requests, the number of bytes sent, and so on. If you choose the first request and the last request, you can also get the overall time consumed by the page load, and you can identify the most time-consuming requests from the chart to optimize the page access speed

3) Set breakpoints in Fiddler to modify request (this feature is not currently used)

The most powerful feature of Fiddler is to set breakpoints, and after you set breakpoints, you can fix any messages HttpRequest include Host,cookie or the data in the form. There are two ways to set breakpoints.

The first type: Open fiddler click Rules->automatic Breakpoint->before requests (this method interrupts all sessions)

Elimination Method: Click Rules->automatic breakpoint->disabled

The second type: Enter the command at the command line: Bpu www.taobao.com (This method only interrupts www.baidu.com)

Workaround: Enter BPU 5 on the command line , set breakpoint modification response (Use this function to test the small handle)

Of course fiddler can also modify the response

The first type: Open fiddler click Rules->automatic Breakpoint->after respinse (This method interrupts all sessions)

Elimination Method: Click Rules->automatic Breakpoint->disabled

The second type: Enter the command at the command line: Bpafter www.taobao.com (This method interrupts www.taobao.com)

Elimination Method: command line Input command Bpafter

To modify the response method:

Select Rules-> Automatic breakpoint->after respinse, click on mobile phone, send query.

Select query in the left area, click on the right side of raw, modify the return results in raw, run "Run to completion"

This method is a relatively simple way to modify the response

Advantages:

1) Easy to operate, select to modify response results

2) What you see is what you get, and you can see the effect immediately after modification

Disadvantages:

1) applies to one request only, the next request needs to be reset

2) Manual modification takes time, if the program waits for timeout, the response result of this setting is invalid

There is also a way to automatically return response results, that is, select query, click Autoresponder in the right button, and set the query rules, the rule can be a file or regular expression, as long as the rule is met, The response result is automatically returned, response can be a file, or it can be a regular expression. Specifically, we can study it by ourselves.

6. Set Filter

You can set filter criteria, filter selected domain names, and use semicolons to separate multiple domain names.

Resources:

http://i.wanz.im/2013/04/30/debugging_http_request_with_fiddler/

Http://help.locoy.com/Document/Url/Fiddler.htm

Wireshark

Wireshark is another tool for grasping packages that are more powerful than fiddler and have more messages. You may ask: Why do you use Wireshark when you have a fiddler? Here, in the test, found with fiddler grab bag, some packages are not caught, such as in the verification of anti-cheating information, anti-cheating Pingback message with fiddler did not catch, with Wireshark caught. There is another situation, that is, in verifying the CNA, if the first to use fiddler grab bag, if there is no plant under the CNA, the future will never be CNA, the situation is very strange. The solution is to uninstall the package and reinstall it, and for the first time grab the bag with Wireshark. How to use Wireshark

Wireshark configuration than fiddler trouble some, if not worthy of agent, need to install a connectify to establish hot spots, and then install Wireshark to grab the package, if the agent is configured, directly install Wireshark can.

1. Download and install Wireshark

Download Address: http://www.pc6.com/softview/SoftView_63986.html

Install Wireshark, fool-mounted.

2. Use Wireshark to grab the bag

Open Wireshark, interface selection of the interface to grab the packet, as shown below (according to my computer operation to show, it may be everyone on the computer interface list is not the same):

Click on the interface, enter the capture interface, as shown below:

Wireshark grasping the packet information is very large, need to do some filtering operations, in order to get the useful information, red part of the input filter rules, you can filter out some of the information we need.

Wireshark filter rules, using regular expressions to write. For specific reference: Http://wenku.baidu.com/link?url=lpU_NJguXVsiZ1YMTz13b_ Ngl2xne--cfh8xchvc5qjistfv4vhx65id4tvx5wuahlx7hrwmfegtkylnuadtaof3rkvf_jfxoedxjltgq7i

For example, if you want to filter the domain name as "mclick.simba.taobao.com", you can set the filter expression as below

Filter Host:http &&http.host== "mclick.simba.taobao.com" How to use Connectify

If you need to not use a proxy, you need to establish a hotspot to use Wireshark to grab the packet.

Connectify is needed to build hotspots.

1. Download and install Connectify

Download Address:

Http://softdownload.hao123.com/hao123-soft-online-bcs/soft/C/2013-08-27_ConnectifyInstaller.exe

Fool-Type Installation

2. Configure Connectify

Follow the prompts: Set the network name, network password, etc.

Configure Wireshark, select NIC

3. Mobile phone Configuration

Phone connected to the configured connectify configured network, enter the password, you can use the computer as a hotspot, the phone connected to the specified connectify