Tag Archives: tunnel to ……443

[tran] tunnel to… 443 appears when Fiddler grabs packets

After chopping hands, the fraud call came before the express delivery was received. How to improve the privacy and security of e-commerce>>>

Transfer:

1. When crawling the packet of HTTPS, the fiddler session column will display the message “tunnel to… 443”. What is the reason
connect refers to the handshake of HTTPS (that is, authentication information, as long as it is HTTPS), as long as it is not full of tunnel to… 443, there is no problem. We can choose to hide this kind of information
Hide method: select Hide connections from menu bar => rules =. You can hide it

2. To decrypt the HTTPS traffic, you need to install a certificate on the mobile device
Android、IOS:

1. Open Fiddler on PC

2. Set the agent on the mobile terminal, and enter http:// [fiddlerserver]: [port]/fiddleroot.cer( http://192.168.1.121 :8888/FiddlerRoot.cer)

3. Automatically download fiddlerroot.cer certificate

4. Enter settings – advanced settings – security – install certificate from SD card – select fiddleroot.cer – install to prompt successful installation

5. OK

3. PC terminal

1. Delete the previous certificate: open the system certificate manager (run => certmgr. MSc => Enter), and then the manager appears to delete the certificate you generated before

2. A new certificate was typed with a tool called “fiddlercertmaker. Exe”. You can download it here( After the download is successful, double-click to run it directly.)

3. Re open fiddler and use Chrome/IE to input https://www.baidu.com/ This time, you can capture the message of HTTPS and decrypt it successfully

4. Use IOS to remotely connect Fiddler’s proxy address. After the certificate is successfully installed online, use native browser to access it“ https://www.baidu.com/ ”, Fiddler successfully grabs the data of HTTPS

5. When Fiddler grabs the web page of chrome, it may prompt that the connection is unsafe and cannot be used. Install the plug-in switchysharp on chrome, and select general settings – check quick switch – use system proxy settings – OK in the plug-in. Because Fiddler will automatically set a proxy 127.0.0.1 port 8888 to the browser and remember the proxy settings of the browser, all requests go through Fiddler proxy first and then browser proxy. If the plug-in is used, the fiddler agent may be directly blocked, so the request cannot be monitored

4. Others

1. Chrome and IE use a system proxy, while Firefox uses an independent proxy system, so no matter whether the “capturing” switch of fiddler is turned on or not, it can’t capture the request of the browser. We need to set the proxy settings of foxbrowser as system proxy or configure it as manual proxy“

2. The certificate management system used by Firefox is also an independent system, while chrome and IE use the certificate agent of the system. So if we want to use Fiddler to capture the data packet of HTTPS in the browser, we need to export the root certificate of fiddler to the desktop, and then import it into the certificate of firebox. When we use chrome and ie, we don’t need to import or export the certificate, because Fiddler’s certificate is installed in the system’s certificate management

3. If there is a problem with the certificate when using fiddler, you can try to use “fiddlercertmaker. Exe” to type the certificate again

4. If you can’t get the data by using Android or IOS, and if you can’t install “fiddlercertmaker. Exe” on your computer, try another plug-in of fiddler, “certmaker
for IOS and Android”, which can be downloaded from the official website