stackoom
  简体   繁体   中英

How to start fiddler as a https proxy from command line?

 原文  2017-06-17 00:45:15       ssl/ https/ fiddler

Question

I need to start fiddler automatically to parse https requests.

How to force fiddler to generate and use a ssl certificate without GUI? Does anyone know where fiddler stores its certificate? Can I generate my own server certificate and set it to fiddler without GUI?

I can start fiddler in quit mode. I can enable https via registry keys, but fiddler starts without ssl certificate. I can create certificate useing makecert.exe, but I don't know how to set it as active certificate for fiddler without UI.

I'd be very apprciate if anybody helps me to solve it.

1 answers

solution1
 3 ACCPTED  2017-07-03 15:20:04

Nobody helps me, but I've found solution.

The Solution:

To Enable capturing the https trafic update register's values: 

reg.exe add "HKEY_LOCAL_MACHINE\Software\Microsoft\Fiddler2" /v CaptureCONNECT /t REG_SZ /d True /f
reg.exe add "HKEY_LOCAL_MACHINE\Software\Microsoft\Fiddler2" /v CaptureHTTPS /t REG_SZ /d True /f
reg.exe add "HKEY_LOCAL_MACHINE\Software\Microsoft\Fiddler2" /v IgnoreServerCertErrors /t REG_SZ /d True /f

reg.exe add "HKEY_CURRENT_USER\Software\Microsoft\Fiddler2" /v CaptureCONNECT /t REG_SZ /d True /f
reg.exe add "HKEY_CURRENT_USER\Software\Microsoft\Fiddler2" /v CaptureHTTPS /t REG_SZ /d True /f
reg.exe add "HKEY_CURRENT_USER\Software\Microsoft\Fiddler2" /v IgnoreServerCertErrors /t REG_SZ /d True /f

You need to use custom fiddler's script. It force fiddler to generate ssl certificate (Please see section main in the script CustomRules.js below). If you don't add it fiddler will start without ssl certificate. 

copy /Y /V "<path to file>\CustomRules.js" "%userprofile%\Documents\Fiddler2\Scripts\CustomRules.js"

Note: don't change the destination file name.

When fiddler starts in automaticaly attaches to the socket 127.0.0.1:8888 

start "" "%programfiles(x86)%\fiddler2\fiddler.exe" -quiet

The fiddler automatically creates a new ssl certificate. It can be downloaded: 

curl.exe -s -k -o <dst file path> "http://127.0.0.1:8888/FiddlerRoot.cer"

Then you need to add it to Trusted Root Certificates 

certutil -addstore -f "Root" <path to certificate>

Now the fiddelr is started and can capture https trafic useing CustomRules.js.

Fiddler.bat: 

@ECHO OFF

set currentDir=%~dp0
cd "%currentDir%"

set log="%currentDir%\fiddler.log"
set fiddler_custom_script_dir="%userprofile%\Documents\Fiddler2\Scripts\"
set fiddler_result_dir="C:\fiddler\"

echo "Start Fiddler Script" > "%log%"
echo "Current Dir: %currentDir%" >> "%log%"
echo "Update values in the register" >> "%log%"
reg.exe add "HKEY_LOCAL_MACHINE\Software\Microsoft\Fiddler2" /v CaptureCONNECT /t REG_SZ /d True /f >> "%log%"
reg.exe add "HKEY_LOCAL_MACHINE\Software\Microsoft\Fiddler2" /v CaptureHTTPS /t REG_SZ /d True /f >> "%log%"
reg.exe add "HKEY_LOCAL_MACHINE\Software\Microsoft\Fiddler2" /v IgnoreServerCertErrors /t REG_SZ /d True /f >> "%log%"

reg.exe add "HKEY_CURRENT_USER\Software\Microsoft\Fiddler2" /v CaptureCONNECT /t REG_SZ /d True /f >> "%log%"
reg.exe add "HKEY_CURRENT_USER\Software\Microsoft\Fiddler2" /v CaptureHTTPS /t REG_SZ /d True /f >> "%log%"
reg.exe add "HKEY_CURRENT_USER\Software\Microsoft\Fiddler2" /v IgnoreServerCertErrors /t REG_SZ /d True /f >> "%log%"

echo "Create folder for results: %fiddler_result_dir%" >> "%log%"
mkdir "%fiddler_result_dir%" >> "%log%"

echo "Create folder for the custom fiddler's script: %fiddler_custom_script_dir%" >> "%log%"
mkdir "%fiddler_custom_script_dir%" >> "%log%"

echo "Copy fiddler script to  %fiddler_custom_script_dir%" >> "%log%"
copy /Y /V "%currentDir%\CustomRules.js" "%fiddler_custom_script_dir%\CustomRules.js" >> "%log%"

echo "Start fiddler" >> "%log%"
start "" "%programfiles(x86)%\fiddler2\fiddler.exe" -quiet

set cert_path="%currentDir%\FiddlerRoot.cer"
set /a attempt=0

timeout 10 > nul

:get_cert
    set /a attempt+=1
    timeout 1 > nul
    echo "Attempt #%attempt% to download fiddeler's certificate" >> "%log%"
    curl.exe -s -k -o "%cert_path%" "http://127.0.0.1:8888/FiddlerRoot.cer" >> "%log%"
if not exist "%cert_path%" if %attempt% LSS 300 goto get_cert

if not exist "%cert_path%" (
    echo "FAIL. Certificate "%cert_path%" doesn't exist. Cannot set trusted certificate"  >> "%log%"
    exit /b -100
)

set /a attempt=0
echo "Try to add certificate to trusted" >> "%log%"
echo certutil -addstore -f "Root" %cert_path% >> "%log%"
:import_cert
    set /a attempt+=1
    timeout 1 > nul
    echo "Attempt #%attempt% to download fiddeler's certificate" >> "%log%"
    certutil -addstore -f "Root" %cert_path% >> "%log%"
if "%errorlevel%" LSS 0 if %attempt% LSS 3 goto import_cert

echo "End..." >> "%log%"
exit /b 0

CustomRules.js 

import System;
import System.Windows.Forms;
import Fiddler;

/**
 This script must be in the folder C:\Users\<USER>\Documents\Fiddler2\Scripts\CustomRules.js
 */
class Handlers
{
    // The Main() function runs everytime your FiddlerScript compiles
    static function Main() {
        var today: Date = new Date();
        FiddlerObject.StatusText = " CustomRules.js was loaded at: " + today;
        CertMaker.createRootCert();
        //CertMaker.GetRootCertificate().GetPublicKeyString()
    }
}

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Running Fiddler as a Reverse Proxy for HTTPS server Running Fiddler as HTTP to HTTPS reverse proxy Fiddler how to remove HTTPS extensions? How does Fiddler work with HTTPS How to send a HTTPS 0.9 request from the command line? https connection using CURL from command line Fiddler - Capture HTTPS Traffic from Web Application How to capture HTTPS(TLS 1.0) communications from Android App with Fiddler4? Configuring Fiddler to monitor HTTPS requests from Android Emulator Connect to Visual Studio server from remote machine using Fiddler and HTTPS
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM