Fiddler - tunnelled http requests to port 443

74
votes

I've got Fiddler to decrypt https traffic. which works just fine.

http://fiddler2.com/documentation/Configure-Fiddler/Tasks/DecryptHTTPS

But there are some requests that are shown as "Tunnel to" port 443. Also the protocol of these requests are shown as HTTP instead of HTTPS. I do not see the decrypted content of these requests.

enter image description here

on the response details pane, it's shown as below:

enter image description here

Can someone let me know how I can get fiddler to decrypt these tunnelled requests too. Also appreciate if you could provide me some details about what's going on in this case.

Cheers.

4
fiddler

4 Answers

34
votes

You should start by reading this thread, which explains what a HTTP CONNECT Tunnel is: https://groups.google.com/forum/#!topic/httpfiddler/RCkzE3HhhxY

Since you have enabled decryption, if you're not seeing any HTTPS traffic in Fiddler, you either have a Filter enabled (click Help > Troubleshoot Filters) or you have not configured Windows to trust the Fiddler root certificate and hence your clients are aborting the connection as soon as they see the (untrusted) Fiddler certificate.

8
votes

As of IOS 10, there is one additional step. You need to trust the certificate. Settings -> General -> About -> Certificate Trust Settings

https://textslashplain.com/2016/07/27/using-fiddler-with-ios-10-and-android-7

1
votes

Some versions of Fiddler handler this better than others. At my workplace, we needed to route external devices through Fiddler. Following exactly the same setup and Fiddler options, we have four PCs and two devices. Two of PC Fiddler instances get stuck unable to successfully tunnel every time, for either device. Two of the PC Fiddler instances work flawlessly, for either device. The common denominator between PCs was Fiddler version: Fiddler 4.4.9.2: Tunneling works, on both PCs, for both external devices Fiddler 4.4.9.7: Tunneling fails, on both PCs, for both external devices

Also note that there is further setup for Win8 applications to avoid getting stuck tunneling. You may need to follow the "Win8 Config" button, ensure your app is checked as a loopback exemption, restart Fiddler... Unfortunately, and this is something I've only seen once so far, you may still get stuck on tunneling until you turn OFF HTTPS decryption settings and turn them back on. Even after you've trusted the certificate and then restarted Fiddler. I can't explain that one, but I got back to exactly the same settings I started with and it just started working.

Finally, if you are developing your own Win8 applications with an appxmanifest, it couldn't hurt to turn on capabilities like privateNetworkClientServer to help enable certain Fiddler test scenarios.

0
votes

I suppose it is pretty late to answer this question as well my answer might not directly resolve the question but I assume it will resolve the main motive.

So if it is web app you are monitoring, basically Google Chrome lets you look into Websockets in Network->Websockets as shown below. enter image description here