Overclock.net › Forums › Software, Programming and Coding › Other Software › How To: Using Fiddler to monitor web traffic
New Posts  All Forums:Forum Nav:

How To: Using Fiddler to monitor web traffic

post #1 of 8
Thread Starter 
So I’m sure you’re probably wondering, “What is this fiddler program this man speaks of?” Here’s a synopsis.

Fiddler was written by Microsoft (I promise its cool though!) to monitor local internet traffic. It allows you to view all types of server requests and responses between your computer and the servers you’re accessing.

Now that that’s out of the way, I’ll bet some of you are like “well doubleyoo tee eff mate, what does that do for me?” Well, how beneficial it can be for you depends on what you do with your internet. Basically for any kind of web development, server management, or .NET web coding, Fiddler could probably come in handy. It also is usefull in many other, more generic applications, as you'll see as we continue. It allows you to monitor, debug, and “fiddle” (hence the name) with requests to shape your server calls how you see fit. Another fantastic aspect of fiddler is the ability to extend the functionality of it. Fiddler actually comes with its own editor, capable of handling .NET code to modify its files.

Now that we’ve got the basics out of the way, here’s where you can find fiddler:

http://www.fiddlertool.com/fiddler/

http://www.fiddler2.com/fiddler2/

Note the two versions. Fiddler1 is built on .NET 1.1, but was superseded (recently) by Fiddler 2, which runs on .NET 2.0. If you have 2.0, install fiddler2. Fiddler2 is fairly superior to the original, including the ability to monitor HTTPS traffic, but if you want to just use fiddler its still quite powerful.

The fiddler website also holds lots of good documentation, but compared to most MS products, its lacking in many areas. The instructional video is probably the most helpful way to get started with fiddler. If you’re like me and don’t like watching 10 minute movies before you get to play with anything, I’ll give you a brief “getting started” synopsis.

Fiddler can capture Firefox traffic, but I believe it defaults to only monitoring IE. So to start, we’ll open up fiddler after its installed. Pretty huh? Immediately select the “Session Inspector” tab, and then select “Headers” about halfway down the fiddler view. Now you’ll now have fiddler broken up into three main window areas. The left shows our traffic, the top right shows the request headers, and the bottom right shows our response headers.



Now Fire up IE and load your homepage. You’ll see traffic popping up in the Web Sessions area (probably a lot!). Select something interesting and you’ll see the request and response headers pop up on the right.

In the session inspector, you’ll see many headers with different parameters in the request and response. There will probably be a cookie and some other stuff. If you happen to see an XML request, you can select the “Raw” or “XML” tab on both the request and response to see your computer and the server chatting with each other. This type of thing can be very helpful when doing any sort of server development, or advanced webpage features. It will also return any errors caused by a buggy function or invalid server call. You can actually see things like logins and passwords being sent to the server for verification, and the response the server kicks back. (I know some of you will read that and a little light bulb will go off in your head, “What, I can see passwords?! COOL!”).

To see what we can do here, try signing in to your favorite email. Every one is different so I can’t specifically say what traffic will show up, but there will be a request that contains your login and password. After doing a bit of searching through, you can look at the raw request, and see something like this:




You can see my login and (blacked out) password embedded in this request.

Another snazzy function of fiddler is the ability to adjust and resend previous requests. This is simpler then you think, as this is where fiddler shines. Select the “Request builder” tab at the upper right of the window. Now, just grab a request from earlier and drag it over to the request builder view. It should light up green signifying it is a valid request. You can now adjust this request (maybe to change a URL or authentication) and resend the request. There is quite a bit of functionality allowed with this tool, if you play around with it you’ll see all it can do.


My favorite part of fiddler is probably also the most complicated. This involves the Rules that are implemented in Fiddler. Check out the Rules menu to see many different options available to you. Some of these are very helpful (like blocking image requests, when you’re debugging they can really get in the way) when capturing activity. Here’s the best part: All of these rules, and the entire rules document is available for editing.

Warning: If you don’t like to program, the next section may be Greek to you.
To do this, I suggest you pick up fiddlers own editor, called the fiddlerScript Editor. Get this little bundle of joy here.

After installing the editor, select Rules->Customize rules. This file should open in the editor, and will look completely foreign to you if you haven’t coded before



Within this file you will see all of the Rules implemented. You can add to this functionality however you choose, and a helpful Cookbook shows you some examples of how people have extended Fiddler.

I found this cookbook to be only semi-helpful, as everything I wanted to do was not described in it. There is also no documentation for all the methods and functions implemented in FiddlerScript, so getting things to work can be a bit tricky. To enter a new rule, simply write:

Code:
public static RulesOption("enter rule name here")
You will see many other examples of how rules are implemented in the file, which should get you going on how to move forward. The nice thing about the editor is that it gives you all of the objects and methods already implemented in fiddler, along the right side of the view. The problem is the descriptions are terribly lacking, so you just have to fudge you’re way through it. If you have any specific questions about editing fiddler, pleeeease ask me, I can probably help.

As an example, I wrote a rule for my company to allow us to capture all of the XML server requests to a particular server in a specified directory, sequentially. This meant I could log in to our web application, do some work, log out, and all of my activity will be recorded in a directory. This is extremely helpful for later running a script that simulates everything I did in the web application, as far as the server is concerned. I would post up the code but my boss would have my neck as its probably worth more than I am


Well that’s the basic idea behind fiddler. I haven’t been using it for terribly long so I have not explored the entire functionality of it yet. It is very useful in a wide range of applications, and is remarkably easy to use. If you have any additions or questions about Fiddler please don’t hesitate to let me know. Thanks for checking it out! Good luck and happy Fiddling
It's about time!
(13 items)
 
  
CPUMotherboardGraphicsRAM
Q6600 G0 @3.3Ghz Gigabyte EP45-UD3P Sapphire 2900Pro Flashed to XT 4Gb Gskill 1066Mhz PK's 
Hard DriveOptical DriveOSMonitor
Seagate Barracuda 320Gb & WD Black 640Gb Lite On Vista Business and VMWare Ubuntu Acer AL2223W 22" 
KeyboardPowerCaseMouse
Ergonomic 4000 Corsair HX 620W CM 690 G5 
  hide details  
Reply
It's about time!
(13 items)
 
  
CPUMotherboardGraphicsRAM
Q6600 G0 @3.3Ghz Gigabyte EP45-UD3P Sapphire 2900Pro Flashed to XT 4Gb Gskill 1066Mhz PK's 
Hard DriveOptical DriveOSMonitor
Seagate Barracuda 320Gb & WD Black 640Gb Lite On Vista Business and VMWare Ubuntu Acer AL2223W 22" 
KeyboardPowerCaseMouse
Ergonomic 4000 Corsair HX 620W CM 690 G5 
  hide details  
Reply
post #2 of 8
Nice
Mira
(17 items)
 
R a z a N e u n
(15 items)
 
 
CPUMotherboardGraphicsRAM
Intel Core i5 2400S ASRock Z77 Extreme 4 AMD Radeon R9 390 Crucial Ballistix Tracer 
Hard DriveHard DriveOptical DriveCooling
Samsung SSD 850 Pro 256GB Western Digital WD50000LPLX LG BR/DVD/CD Burner Air Nation 
OSMonitorMonitorMonitor
Windows 10 Home RCA 32" 1080p RCA 32" 1080p LG 32" 1080p 
KeyboardPowerCaseMouse
Cooler Master Devastator II Ultra 1000w PC Voodoo Rage Cooler Master Devastator II 
Mouse Pad
Custom 
CPUMotherboardGraphicsRAM
Intel Core 2 Quad Q8400 EP45-UD3L ATI Radeon HD 6950 Crucial Ballistix Tracer 
Hard DriveOptical DriveCoolingOS
1TB Western Digital LiteON DVD+-RW ArcticCooling CPU | 4x 80mm Case Fans Windows 7 Ultimate (64bit) 
MonitorKeyboardPowerCase
Sony 46" + LG 32" Logitech G15 Silverstone ST60F 600W VoodooPC Rage D:100 
MouseMouse PadAudio
Logitech VX Revolution Vera Wang AltecLansing 5.1 300W Surround 
  hide details  
Reply
Mira
(17 items)
 
R a z a N e u n
(15 items)
 
 
CPUMotherboardGraphicsRAM
Intel Core i5 2400S ASRock Z77 Extreme 4 AMD Radeon R9 390 Crucial Ballistix Tracer 
Hard DriveHard DriveOptical DriveCooling
Samsung SSD 850 Pro 256GB Western Digital WD50000LPLX LG BR/DVD/CD Burner Air Nation 
OSMonitorMonitorMonitor
Windows 10 Home RCA 32" 1080p RCA 32" 1080p LG 32" 1080p 
KeyboardPowerCaseMouse
Cooler Master Devastator II Ultra 1000w PC Voodoo Rage Cooler Master Devastator II 
Mouse Pad
Custom 
CPUMotherboardGraphicsRAM
Intel Core 2 Quad Q8400 EP45-UD3L ATI Radeon HD 6950 Crucial Ballistix Tracer 
Hard DriveOptical DriveCoolingOS
1TB Western Digital LiteON DVD+-RW ArcticCooling CPU | 4x 80mm Case Fans Windows 7 Ultimate (64bit) 
MonitorKeyboardPowerCase
Sony 46" + LG 32" Logitech G15 Silverstone ST60F 600W VoodooPC Rage D:100 
MouseMouse PadAudio
Logitech VX Revolution Vera Wang AltecLansing 5.1 300W Surround 
  hide details  
Reply
post #3 of 8
I have Fiddler for NET 1.1. I should get the second one. Its a great program
    
CPUMotherboardGraphicsRAM
E6400 @ 3.6 GHz (450X8) GA P965 S3 7600GT 2GB OCZ Gold @ DDR 2 900 5-5-5-15 
Hard DriveOptical DriveMonitorPower
320GB Maxtor SATA2, 160 for XP, 160 for Slackware DVD+-RW EIDE 21" CRT by Sun Microsystems 680W Echostar 22A on 12V rail 
CaseMouse
Rosewill Black small Mid-T G5 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
E6400 @ 3.6 GHz (450X8) GA P965 S3 7600GT 2GB OCZ Gold @ DDR 2 900 5-5-5-15 
Hard DriveOptical DriveMonitorPower
320GB Maxtor SATA2, 160 for XP, 160 for Slackware DVD+-RW EIDE 21" CRT by Sun Microsystems 680W Echostar 22A on 12V rail 
CaseMouse
Rosewill Black small Mid-T G5 
  hide details  
Reply
post #4 of 8
Thread Starter 
Quote:
Originally Posted by Modki View Post
Nice
Thanks, hope it was at all helpful. I wrote it in word and now that I look at it in the forums it looks long

Quote:
Originally Posted by Sreenath View Post
I have Fiddler for NET 1.1. I should get the second one. Its a great program
Yeah 2 has all sorts of new functionality, less buggy, and they've actually already released 2.1. It definitely is a good program
It's about time!
(13 items)
 
  
CPUMotherboardGraphicsRAM
Q6600 G0 @3.3Ghz Gigabyte EP45-UD3P Sapphire 2900Pro Flashed to XT 4Gb Gskill 1066Mhz PK's 
Hard DriveOptical DriveOSMonitor
Seagate Barracuda 320Gb & WD Black 640Gb Lite On Vista Business and VMWare Ubuntu Acer AL2223W 22" 
KeyboardPowerCaseMouse
Ergonomic 4000 Corsair HX 620W CM 690 G5 
  hide details  
Reply
It's about time!
(13 items)
 
  
CPUMotherboardGraphicsRAM
Q6600 G0 @3.3Ghz Gigabyte EP45-UD3P Sapphire 2900Pro Flashed to XT 4Gb Gskill 1066Mhz PK's 
Hard DriveOptical DriveOSMonitor
Seagate Barracuda 320Gb & WD Black 640Gb Lite On Vista Business and VMWare Ubuntu Acer AL2223W 22" 
KeyboardPowerCaseMouse
Ergonomic 4000 Corsair HX 620W CM 690 G5 
  hide details  
Reply
post #5 of 8
Can it monitor anything other than HTTP/HTTPS?
Lynnfield Build
(13 items)
 
  
CPUMotherboardGraphicsHard Drive
Intel Core i5 750 ASUS P7P55D EVO GTX280 RAID0 250GB Seagate Perp. 16MB 
Optical DriveOSMonitorKeyboard
Sony DVD+/-RW/RAM Windows 7 Ultimate x64 20.1" Sceptre 1680x1050 Logitech Slim 
PowerCaseMouseMouse Pad
Corsair TX650W Antec P180B Logitech G500 Allsop High-tracking Metal pad 
  hide details  
Reply
Lynnfield Build
(13 items)
 
  
CPUMotherboardGraphicsHard Drive
Intel Core i5 750 ASUS P7P55D EVO GTX280 RAID0 250GB Seagate Perp. 16MB 
Optical DriveOSMonitorKeyboard
Sony DVD+/-RW/RAM Windows 7 Ultimate x64 20.1" Sceptre 1680x1050 Logitech Slim 
PowerCaseMouseMouse Pad
Corsair TX650W Antec P180B Logitech G500 Allsop High-tracking Metal pad 
  hide details  
Reply
post #6 of 8
Thread Starter 
Quote:
Originally Posted by money11465 View Post
Can it monitor anything other than HTTP/HTTPS?
I believe it is currently only implemented for HTTP(S) traffic, however it is possible that it could be extended to monitor other traffic. Did you have a particular example?
It's about time!
(13 items)
 
  
CPUMotherboardGraphicsRAM
Q6600 G0 @3.3Ghz Gigabyte EP45-UD3P Sapphire 2900Pro Flashed to XT 4Gb Gskill 1066Mhz PK's 
Hard DriveOptical DriveOSMonitor
Seagate Barracuda 320Gb & WD Black 640Gb Lite On Vista Business and VMWare Ubuntu Acer AL2223W 22" 
KeyboardPowerCaseMouse
Ergonomic 4000 Corsair HX 620W CM 690 G5 
  hide details  
Reply
It's about time!
(13 items)
 
  
CPUMotherboardGraphicsRAM
Q6600 G0 @3.3Ghz Gigabyte EP45-UD3P Sapphire 2900Pro Flashed to XT 4Gb Gskill 1066Mhz PK's 
Hard DriveOptical DriveOSMonitor
Seagate Barracuda 320Gb & WD Black 640Gb Lite On Vista Business and VMWare Ubuntu Acer AL2223W 22" 
KeyboardPowerCaseMouse
Ergonomic 4000 Corsair HX 620W CM 690 G5 
  hide details  
Reply
post #7 of 8
Quote:
Originally Posted by kdbolt70 View Post
I believe it is currently only implemented for HTTP(S) traffic, however it is possible that it could be extended to monitor other traffic. Did you have a particular example?
For example, to monitor traffic on a certain port to obtain the IPs of those playing on my servers.
Lynnfield Build
(13 items)
 
  
CPUMotherboardGraphicsHard Drive
Intel Core i5 750 ASUS P7P55D EVO GTX280 RAID0 250GB Seagate Perp. 16MB 
Optical DriveOSMonitorKeyboard
Sony DVD+/-RW/RAM Windows 7 Ultimate x64 20.1" Sceptre 1680x1050 Logitech Slim 
PowerCaseMouseMouse Pad
Corsair TX650W Antec P180B Logitech G500 Allsop High-tracking Metal pad 
  hide details  
Reply
Lynnfield Build
(13 items)
 
  
CPUMotherboardGraphicsHard Drive
Intel Core i5 750 ASUS P7P55D EVO GTX280 RAID0 250GB Seagate Perp. 16MB 
Optical DriveOSMonitorKeyboard
Sony DVD+/-RW/RAM Windows 7 Ultimate x64 20.1" Sceptre 1680x1050 Logitech Slim 
PowerCaseMouseMouse Pad
Corsair TX650W Antec P180B Logitech G500 Allsop High-tracking Metal pad 
  hide details  
Reply
post #8 of 8
does this work with fire fox
    
CPUMotherboardGraphicsRAM
6700k z 170 pro gameing GTX980 16 
Hard DriveOptical DriveCoolingOS
samsung ssd  SUPER WRITE MASTER. Cooler Master Hyper 212 Evo win10 
MonitorKeyboardPowerCase
ASUS VW 199D g510 G7.. BitFenix Merc Beta Mid ATX Case 
MouseAudio
logitech m185 onbord. 
  hide details  
Reply
    
CPUMotherboardGraphicsRAM
6700k z 170 pro gameing GTX980 16 
Hard DriveOptical DriveCoolingOS
samsung ssd  SUPER WRITE MASTER. Cooler Master Hyper 212 Evo win10 
MonitorKeyboardPowerCase
ASUS VW 199D g510 G7.. BitFenix Merc Beta Mid ATX Case 
MouseAudio
logitech m185 onbord. 
  hide details  
Reply
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Other Software
Overclock.net › Forums › Software, Programming and Coding › Other Software › How To: Using Fiddler to monitor web traffic