How To: Using Fiddler to monitor web traffic - Overclock.net

kdbolt70 · 07-13-07

So I’m sure you’re probably wondering, “What is this fiddler program this man speaks of?” Here’s a synopsis.

Fiddler was written by Microsoft (I promise its cool though!) to monitor local internet traffic. It allows you to view all types of server requests and responses between your computer and the servers you’re accessing.

Now that that’s out of the way, I’ll bet some of you are like “well doubleyoo tee eff mate, what does that do for me?” Well, how beneficial it can be for you depends on what you do with your internet. Basically for any kind of web development, server management, or .NET web coding, Fiddler could probably come in handy. It also is usefull in many other, more generic applications, as you'll see as we continue. It allows you to monitor, debug, and “fiddle” (hence the name) with requests to shape your server calls how you see fit. Another fantastic aspect of fiddler is the ability to extend the functionality of it. Fiddler actually comes with its own editor, capable of handling .NET code to modify its files.

Now that we’ve got the basics out of the way, here’s where you can find fiddler:

http://www.fiddlertool.com/fiddler/

http://www.fiddler2.com/fiddler2/

Note the two versions. Fiddler1 is built on .NET 1.1, but was superseded (recently) by Fiddler 2, which runs on .NET 2.0. If you have 2.0, install fiddler2. Fiddler2 is fairly superior to the original, including the ability to monitor HTTPS traffic, but if you want to just use fiddler its still quite powerful.

The fiddler website also holds lots of good documentation, but compared to most MS products, its lacking in many areas. The instructional video is probably the most helpful way to get started with fiddler. If you’re like me and don’t like watching 10 minute movies before you get to play with anything, I’ll give you a brief “getting started” synopsis.

Fiddler can capture Firefox traffic, but I believe it defaults to only monitoring IE. So to start, we’ll open up fiddler after its installed. Pretty huh? Immediately select the “Session Inspector” tab, and then select “Headers” about halfway down the fiddler view. Now you’ll now have fiddler broken up into three main window areas. The left shows our traffic, the top right shows the request headers, and the bottom right shows our response headers.

Now Fire up IE and load your homepage. You’ll see traffic popping up in the Web Sessions area (probably a lot!). Select something interesting and you’ll see the request and response headers pop up on the right.

In the session inspector, you’ll see many headers with different parameters in the request and response. There will probably be a cookie and some other stuff. If you happen to see an XML request, you can select the “Raw” or “XML” tab on both the request and response to see your computer and the server chatting with each other. This type of thing can be very helpful when doing any sort of server development, or advanced webpage features. It will also return any errors caused by a buggy function or invalid server call. You can actually see things like logins and passwords being sent to the server for verification, and the response the server kicks back. (I know some of you will read that and a little light bulb will go off in your head, “What, I can see passwords?! COOL!”).

To see what we can do here, try signing in to your favorite email. Every one is different so I can’t specifically say what traffic will show up, but there will be a request that contains your login and password. After doing a bit of searching through, you can look at the raw request, and see something like this:

You can see my login and (blacked out) password embedded in this request.

Another snazzy function of fiddler is the ability to adjust and resend previous requests. This is simpler then you think, as this is where fiddler shines. Select the “Request builder” tab at the upper right of the window. Now, just grab a request from earlier and drag it over to the request builder view. It should light up green signifying it is a valid request. You can now adjust this request (maybe to change a URL or authentication) and resend the request. There is quite a bit of functionality allowed with this tool, if you play around with it you’ll see all it can do.

My favorite part of fiddler is probably also the most complicated. This involves the Rules that are implemented in Fiddler. Check out the Rules menu to see many different options available to you. Some of these are very helpful (like blocking image requests, when you’re debugging they can really get in the way) when capturing activity. Here’s the best part: All of these rules, and the entire rules document is available for editing.

Warning: If you don’t like to program, the next section may be Greek to you.
To do this, I suggest you pick up fiddlers own editor, called the fiddlerScript Editor. Get this little bundle of joy here.

After installing the editor, select Rules->Customize rules. This file should open in the editor, and will look completely foreign to you if you haven’t coded before

Within this file you will see all of the Rules implemented. You can add to this functionality however you choose, and a helpful Cookbook shows you some examples of how people have extended Fiddler.

I found this cookbook to be only semi-helpful, as everything I wanted to do was not described in it. There is also no documentation for all the methods and functions implemented in FiddlerScript, so getting things to work can be a bit tricky. To enter a new rule, simply write:

Code:

	public static RulesOption("enter rule name here")

You will see many other examples of how rules are implemented in the file, which should get you going on how to move forward. The nice thing about the editor is that it gives you all of the objects and methods already implemented in fiddler, along the right side of the view. The problem is the descriptions are terribly lacking, so you just have to fudge you’re way through it. If you have any specific questions about editing fiddler, pleeeease ask me, I can probably help.

As an example, I wrote a rule for my company to allow us to capture all of the XML server requests to a particular server in a specified directory, sequentially. This meant I could log in to our web application, do some work, log out, and all of my activity will be recorded in a directory. This is extremely helpful for later running a script that simulates everything I did in the web application, as far as the server is concerned. I would post up the code but my boss would have my neck as its probably worth more than I am

Well that’s the basic idea behind fiddler. I haven’t been using it for terribly long so I have not explored the entire functionality of it yet. It is very useful in a wide range of applications, and is remarkably easy to use. If you have any additions or questions about Fiddler please don’t hesitate to let me know. Thanks for checking it out! Good luck and happy Fiddling

Modki · 07-13-07

Nice

Sreenath · 07-13-07

I have Fiddler for NET 1.1. I should get the second one. Its a great program

kdbolt70 · 07-13-07

Quote:

Originally Posted by Modki

Nice

Thanks, hope it was at all helpful. I wrote it in word and now that I look at it in the forums it looks long

Quote:

Originally Posted by Sreenath

I have Fiddler for NET 1.1. I should get the second one. Its a great program

Yeah 2 has all sorts of new functionality, less buggy, and they've actually already released 2.1. It definitely is a good program

money11465 · 07-13-07

Can it monitor anything other than HTTP/HTTPS?

kdbolt70 · 07-13-07

Quote:

Originally Posted by money11465

Can it monitor anything other than HTTP/HTTPS?

I believe it is currently only implemented for HTTP(S) traffic, however it is possible that it could be extended to monitor other traffic. Did you have a particular example?

money11465 · 07-14-07

Quote:

Originally Posted by kdbolt70

I believe it is currently only implemented for HTTP(S) traffic, however it is possible that it could be extended to monitor other traffic. Did you have a particular example?

For example, to monitor traffic on a certain port to obtain the IPs of those playing on my servers.

nigel · 07-14-07

does this work with fire fox

		Overclock.net - Overclocking.net > Software, Programming and Coding > Other Software
How To: Using Fiddler to monitor web traffic

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)