current position:Home>Fiddler grabs app interface - Android / IOS configuration method

Fiddler grabs app interface - Android / IOS configuration method

2022-01-27 03:06:28 Preference is also an exception

Andriod Configuration method :
1) Make sure the phone and Fiddler The host is in the same LAN
2) obtain Fiddler Of the host ip Address , adopt cmd The command enters the command editor , Input ipconfig -all, find IPv4 Address , Write down the address
 Insert picture description here 3) Set up the wireless network connected by the mobile phone , Click on WLAN, Long press and Fiddler The host is in the same LAN wifi, Long press and click 【 Modify the network 】, Choose 【 Show advanced options 】, The agent is set to manual , Enter the host name and port of the proxy server and save . The host name of the proxy server is 2) Medium IPv4 Address , Port is Fiddler Port configured on ( The default is 8888), You can go to Fiddler In the menu bar 【Tool】-【Fiddler Option】 Of 【Connections】 View in .
 Insert picture description here
 Insert picture description here
4) Enter... On your mobile browser :http://IPv4 Address : port ( for example :, Click on 【FiddlerRoot certificate】 Download and install Fiddler certificate .
 Insert picture description here
5) If the address cannot be opened in the browser , Two tests are needed : One 、 Make sure that in the browser 、wifi The agent configured in is associated with Fiddler Host address and Fiddler Port configured in , The three are consistent ; Two 、 Make sure that the Fiddler-【Tools】-【Fiddler Option]-[Connection] in 【Allow remote computers to connect】 It has been checked , If not checked , You need to check, save and restart Fiddler.
 Insert picture description here
6) Now we open the browser or APP, Can be in Fiddler I saw the packet on my phone on the Internet .
 Insert picture description here
IOS Configuration method :
1) Basic and andriod The configuration method is the same , In addition to installing the certificate in the same way as andriod It's a little different , in addition ios After downloading the certificate , Need to trust certificate manually . Setup method : open 【 Set up 】-【 Universal 】-【 About the machine 】-【 Certificate trust certificate 】, Find the corresponding certificate , Enable .
 Insert picture description here
HTTPS Grab the bag
It's all about HTTP Protocol for packet capture settings , that HTTPS What configuration is needed ?

1) open Fiddler-【Tools】-【Fiddler Option】, Switch to HTTPS tab , Check 【Capture HTTPS CONNECTs】 and 【Decrypt HTTPS traffic】, And then click 【Actions】-【Trust Root Certificate】, Then follow the prompts all the way yes, Until the pop-up box indicates “Trust Cert success” Click OK , restart Fiddler You can grab HTTPS The data package of the protocol .
 Insert picture description here
 Insert picture description here
 Insert picture description here
 Insert picture description here
Fiddler Filter conversation

We are using Fiddler When you grab a bag , Found that as long as it is used Fiddler All of the proxy servers HTTP/HTTPS All packets will be in Fiddler It's shown in the data list , But sometimes we just focus on requests from one or more servers , Don't want to see packets from other servers , How to set it up ? We all know Fiddler It's a powerful bag grabbing tool , We can filter through the settings and only filter out the packets we want .

1) In the menu on the right , find Fittlers Options , share 9 There are two parts to set up
 Insert picture description here
2)Use Filters: If checked, filtering is used , If not checked, it means no filtering

3)Actions: There are four options ,Run Filterset now: Run filter settings now ;Load Filterset: Load saved filter settings ;Save Filterset: Save filter settings ;help: help

4)Hosts: There are two options for this setting

  • The first drop-down box shows only intranet or extranet options
     Insert picture description here
  • The second drop-down box shows or hides or marks the specified request according to the host name information
     Insert picture description here
    5)Client Process: There are three options ,Show only traffic from: Filtering based on process information , After selection , Only requests made by the process will be displayed ;Show only Internet Explorer traffic: Only care about IE Requests from browsers ;Hide traffic from Service Host: Hiding comes from service host( by svchost.exe The process sends out ) Request

6)Request Headers: There are five options ,Show only if URL contains: Regular expressions can be used to filter the content contained or not contained in the request address , for example REGEX:.(js|css|js?.|css?.)$( Hide all js and css request );Hide if URL contains: And Show only if URL contains contrary , One is to show , One is hiding ;Flags requests with headers: Support to specify a http Request header name , If in web session The request header exists in the list , It will be bold session;Delete requests headers: And Flags requests with headers similar , Here is if the request header is included , Delete the request header ;Set request header: take HTTP The request header is updated to the value entered .

7)Breakpoints: Breakpoint settings , There are four options .Break request on POST: Yes POST Request to set a breakpoint ;Break request on GET with query string: Will be for all methods for GET And URL Contains the request setting breakpoint for the given query condition ;Break on XMLHttpRequest: For all that can be determined by XMLHTTPRequest Object to set breakpoints for requests sent by ;Break response on Content-Type: For all response headers Content-Type Contains the response of the specified text, setting the response breakpoint .

8)Response Status Code: Set the breakpoint according to the response status code .

9)Response Type and Size: There are several types , One is to show or hide according to the type of response data ; One is to show or hide according to the size of the response data ; One is to set the background color according to the response time ; One is restricted according to the file type .

  • type There are several types :
     Insert picture description here
  • Time HeatMap The check box is set for each... Based on the time it takes the server to return a given response session Set the background color .

10)Response Headers: And Request Headers The difference is , This area is used to filter the header of the response data .
So many settings , More commonly used is 1.2.3 part . By filtering settings , It can quickly help us find the data package we need to analyze , To improve efficiency , To avoid too much packet information interference, we find the right packet .

copyright notice
author[Preference is also an exception],Please bring the original link to reprint, thank you.

Random recommended