Created
March 29, 2022 16:24
-
-
Save antoniovs1029/74b0d2a30da624d9cd9460216461a6dd to your computer and use it in GitHub Desktop.
Fiddler script to search within websocket messages
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// Adds QuickExec command `searchws <string>` to search the string inside websocket messages on all current Fiddler websocket sessions | |
// It also adds a column to the sessions `WS Search` reporting on how many hits for <string> were found on each session, | |
// and logs to the standard log tab in what messages of which session was the <string> found. | |
// This script may be copied as-is to replace all the contents in Fiddler > Rules > Customize Rules editor, | |
// or its contents can be added to the script already found there. | |
import System; | |
import System.Windows.Forms; | |
import Fiddler; | |
class Handlers | |
{ | |
public static BindUIColumn("WS Search") | |
function WsSearchCol(oS: Session){ | |
if (null != oS["custom-ws-search"]) return oS["custom-ws-search"]; else return String.Empty; | |
} | |
static function OnExecAction(sParams: String[]): Boolean { | |
FiddlerObject.StatusText = "ExecAction: " + sParams[0]; | |
var sAction = sParams[0].toLowerCase(); | |
switch (sAction) { | |
case "searchws": | |
if (sParams.Length<2) { FiddlerObject.StatusText="Please specify a string to search for"; return false;} | |
const searchString = sParams[1] | |
var webSocketCounter = 0; | |
var foundTotalCounter = 0; | |
const oSessions : Session[] = UI.GetAllSessions(); | |
for (var sessionIdx:int = 0; sessionIdx < oSessions.Length; sessionIdx++){ | |
var currSession = oSessions[sessionIdx]; | |
if(currSession.bHasWebSocketMessages){ | |
webSocketCounter += 1; | |
currSession["custom-ws-search"] = String.Empty; | |
const currWebSocketTunnel : WebSocket = (WebSocket) (currSession.__oTunnel); // couldnt find a cleaner way to get the websocket tunnel from the session... | |
var foundInSessionCounter = 0; | |
for(var wsMessageIdx : int = 0; wsMessageIdx < currWebSocketTunnel.MessageCount; wsMessageIdx++) | |
{ | |
const wsMessage = currWebSocketTunnel.listMessages[wsMessageIdx]; | |
const wsType = wsMessage.FrameType; | |
if(wsType != WebSocketFrameTypes.Ping && wsType != WebSocketFrameTypes.Pong) // don't search in ping-pong messages | |
{ | |
const wsPayload = wsMessage.PayloadAsString(); | |
//FiddlerObject.log(wsPayload); | |
if(wsPayload.search(searchString) != -1) | |
{ | |
FiddlerObject.log("Found " + searchString + " in Session #" + currSession.id + " WSMessage #" + wsMessage.ID); | |
foundTotalCounter += 1 | |
foundInSessionCounter += 1; | |
} | |
} | |
} | |
if(foundInSessionCounter > 0) | |
{ | |
currSession["custom-ws-search"] = "FOUND " + foundInSessionCounter + " messages containing \"" + searchString + "\""; | |
} | |
currSession.RefreshUI(); | |
} | |
} | |
FiddlerObject.StatusText = "Found " + foundTotalCounter + " total hits on " + webSocketCounter + " Websocket tunnels"; | |
return true; | |
default: | |
FiddlerObject.StatusText = "Requested ExecAction: '" + sAction + "' not found. Type HELP to learn more."; | |
return false; | |
} | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment