advantages and disadvantages of Wireshark and fiddler:①wireshark is a packet-grabbing tool that works on the network layer, not only with a large number of protocol analyzers, but also by writing Wireshark plugins to identify custom protocols. Although Wireshark is powerful, it is not able to solve all the problem of packet capture, the reason is: Wireshark work in the network layer; If the computer is configured with IPSec Transport layer encryption, traffic at the network layer is encrypted and nothing is seen. Today a large number of network interfaces use HTTPS encryption, Wireshark cannot crawl to the plaintext content of HTTPS traffic. ②Fiddler works on the application tier as an HTTP proxy server for other programs. It can crawl and analyze HTTP traffic directly, or it can crawl and analyze HTTPS traffic as an "intermediary." Fiddler crawl HTTPS packet process principle:->fiddler receives HTTPS requests from the client, fiddler forwards the request to the serverThe server generates the public key certificate, returns to the Fiddler;fiddler to intercept the real public key certificate, and generates a forged public key certificate to the client;the client uses a forged public key certificate to encrypt the shared key sent to Fiddler,fiddler using a forged private key to decrypt the shared key->fiddler The decrypted shared key, which is sent to the server using the true public key encryption, and the server uses the shared key to communicate with the Fiddler->fiddler communicating with the client using a shared key HTTPS does not decrypt the returned data content, not plaintext: Step One: Set the crawl https,pc machine Install root certificate : tools->fiddler options->https->capture HTTPS connects->decrypt HTTPS Traffic->ignore server Certificate errors (unsafe)->actions->trust root certificate-> ok->ok Note: If the computer is turned on fiddler and the configuration check the above decrypt HTTPS traffic to install the certificate, Firefox browser opens Baidu and other pages, will prompt the error, unable to open the page normally. To close fiddler or cancel the above configuration for normal access. after installing the root certificate, you can click actions->open Windows Certificate Manager to view the root certificate installed to the system Step Two: Mobile phone installation fiddler root certificate trust : on your phone, use your browser to open the Proxy page (enter the IP address and listening port number), and the page title is Fiddler Echo Service. At the bottom of the page is a link to the root certificate, click Install Certificate Trust, and the certificate name is customized. after the root certificate has been successfully installed, access the app with the mobile phone, and fetch the HTTPS packet to decrypt successfully .Source: Fiddler Mobile HTTPS Grab bag:http://blog.csdn.net/wangjun5159/article/details/52202059Fiddler PC HTTPS Grab pack:http://blog.csdn.net/wangjun5159/article/details/52198842Fiddler parsing SSL:http://blog.csdn.net/jinshiyill/article/details/50769786Using Fiddler to encrypt packets:http://www.codes51.com/article/detail_344156.htmlDecrypt SSL encrypted traffic with fiddler and Wireshark:http://www.cnblogs.com/AloneSword/p/4567380.html
Fiddler crawling HTTPS Packets
