so I got a bit of a weird question. Fiddler captures traffic perfectly with apps like chrome or discord, but when I open a game such as roblox or geometry dash, fiddler does not capture any traffic from these apps. Any way around this or another app that can sniff traffic from apps properly?
Fiddler is a proxy server which, when started, should work without additional configuration with apps that respect the Windows networking configuration.
Some applications are not respecting them though, so if you need to debug their traffic, you should explicitly configure them (if possible at all) to use the Fiddler proxy, which is by default on 127.0.0.1:8888.
Related
I am a front end web developer.
I would like a web server on my local wifi network for testing my websites on my phone. I am aware that there are several options out there but witch one would be best for quick testing of multiple websites (also a GUI would be preferable)
Thanks
What you want to do is pretty complex. You have to create and configure a DNS server then you have to configure your phone to get this DNS, etc.
If your phone is an android the best solution is to use your USB Cable and put your phone in dev mode, then you can debug your site with chrome directly on your phone.
how to: https://developers.google.com/web/tools/chrome-devtools/remote-debugging/
For iPhone i don't know if is possible. But the common solution is to use the simulator.
I've got quite a bit of experience using Charles to sniff out traffic being sent out on my iPhones. Almost every app that I choose to reverse engineer has been possible in large part to cURL and Charles. But, for some reason, this one app called Link seems to have a different way of communication with their server. I looked through my entire Chalres session and didn't see any relevant traffic from this app to an API endpoint. I don't have much experience actually making mobile apps, so perhaps there are other ways to process all of the requests that have to be generated upon using the app. But, how could all of the user's data be stored if no requests are being sent from the app to an external server somewhere?
Charles is an HTTP proxy, it is possible another protocol is being used. Possibly directly using TCP/IP connections.
Wireshark will show all packets in gory detail but you will probably not be able to see encrypted data decrypted without the key.
And the Wireshark UI is something to behold. ;-)
If the app runs on SSL you wouldn't be able to sniff any traffic either way. I design my apps that way at least. Could this be the case? Does it use port 443 instead of port 80?
Okay. Have a look at this post:
http://www.doubleencore.com/2013/03/ssl-pinning-for-increased-app-security/
SSL pinning might be the answer.
How does something like itether work? Is there an HTML5 api that gives you this level of access to the device? I would assume giving a web based app this much access is a huge security risk.
Tethering's HTML5 app works by by using the iPhone as a proxy server,
so one sets up an ad-hoc Wi-Fi network and runs special desktop software
to direct HTTP traffic to the iPhone.
The HTML5 page loaded onto the iPhone pushes the traffic on and
returns the result, creating tethering without having to get approval
from Apple, or the network operator. ( Original Source )
I think they are using HTML WebSockets detects the presence of a proxy server and automatically sets up a tunnel to pass through the proxy.
I'm behind a corporate firewall and all network traffic goes thru the main proxy. In my iOS simulator, I get proxy popups a few times each time I run my app. The thing is, my app doesn't make any network calls (yet), and doesn't import any network frameworks. In fact, I can reproduce this by making a new project in XCode using one of the standard templates and run it straight away; it'll still prompt for the proxy credentials every time.
In my OSX network settings, I've obviously set my proxy credentials in all the different protocols (HTTP, HTTPS, FTP, Socks, RTSP, Gopher). I found that I needed to put the domain and backslash before my username to allow web access in any OSX browsers etc...so given that I did that and then the OSX proxy prompts went away and I was allowed access, I would have thought that the iOS simulator would just inherit those settings...?
Any ideas?
One more bit which may be unrelated: we haven't yet figured out how to get access to the App Store on this Mac; despite supposedly getting past the proxy, any use of the App Store just results in timeouts and we can't even see the "home page". I'm wondering if somehow the iOS simulator is making similar network calls using some other protocol that is like the App Store...? (I would have thought App Store would have been HTTPS but I don't know).
Any thoughts appreciated.
If you put *.apple.com in your proxy passthrough list, the simulator will stop whining about it.
Like you, I can't get the Apple Store to work through our corporate proxy either. I've worked around it by using a wireless network that doesn't use a proxy when I have to use the App Store.
I've found plenty of other things in the OS that don't work through our proxy.
I had the same issue and found another way without touching the proxy settings!
I'm working on a Mac with OSX-El Capitan so maybe in other versions these steps might be slightly different:
Go to System Preferences
Go to Network
Choose your connection (Wireless/Ethernet/Thunderbolt-Ethernet)
Click on Advanced Options
Go to the tab Proxies
The two boxes Automatically detect proxy (for the internet connection on your mac) and Web-Proxy (HTTP)
Insert your login credentials at Web-Proxy (HTTP).
This reduced the occurence of the Proxy-PopUp greatly on all the 3 macs I work with. (At least it doesn't appear periodically anymore when I start my app from xcode)
I'm having trouble with an old pre-mobile website which uses PHP, MySQL, cookies and HTML forms to log users in, and then track their session (it's a calendar app and messageboard). When my iPhone is attached to my wifi network at home, all is well, but when I switch to 3G the cookies no longer function and the session is dropped.
I read another thread:
Web site exhibits JavaScript error on iPad / iPhone under 3G but not under WiFi
in which the poster was experiencing a javascript issue on 3G but not on WiFi, and the suggestion was that the cellular carrier (O2 in his case, Orange UK in my case) itself was messing with the HTTP data going across 3G, but not WiFi. The fix was to use more javascript to prevent inlining of includes.
Does anyone think that my cookie and session problems are possibly caused by a similar issue, and if not can anyone think of an alternative explanation and ideally a fix?
Aha - I found out what the problem was. The cookie control on the site in question was actually being run by an installation of phpBB, which uses IP binding as a security measure. This checks off the IP addresses of successive requests within a session and drops it if they don't match. Must be the case that over wifi I have an unchanging IP, while Orange UK must bounce around several IP addresses when I run over 3G. Solved the problem by turning down the IP binding in phpBB (you can ask it to compare the whole address or just the first 2 or 3 bytes instead).
I'm guessing your 3G provider is proxying your HTTP somehow. It's common for some (in my opinion, crappier) ISPs to do this. That would be an explanation of why it is behaving differently to the same browser on another connection.
Lots of people will access your site over a proxy such as Squid. You need to fix this so it works or you might inadvertently block access to some people.
My guess is that your code may just be setting cookies in a particular way which is forgiven by browsers but not supported by that particular proxy. I'd start troubleshooting by specifying the domain, expiry in different ways (with dot at start of domain and without, with quotes around domain/path and without) and turning on or off Cookie2 features or HTTP-only features.
Is there an HTTP header viewer for the iPhone browser? If not try tethering it and use something like LiveHTTPheaders in Firefox (keep in mind that if your network can detect tethering it could in theory turn on/off its proxy based on whether you tether).
You'd probably have to post your code or an HTTP transcript (just the headers) for people to diagnose further.