ericlaw1979
/ CertSH.js
Last active
January 31, 2018 14:12
Integrate a CRT.SH tab into Fiddler to show diagnostic information about the server's (or executable's) certificate
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Click Rules > Customize Rules. Inside the HANDLERS class, add the following block: | |
| public BindUITab("CertInfo", "<html>") | |
| static function CRTSHReport(arrSess: Session[]):String { | |
| if ((arrSess.Length != 1) || | |
| ( !arrSess[0].isTunnel && | |
| !(arrSess[0].bHasResponse && | |
| (arrSess[0].responseBodyBytes.Length > 2) && | |
| (arrSess[0].responseBodyBytes[0] == 0x4d) && |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public static ContextAction("Show Hashes") | |
| function doHash(arrSess: Session[]) | |
| { | |
| for (var i: int=0; i<arrSess.Length; i++) | |
| { | |
| FiddlerObject.alert( | |
| "_MD5_\n"+arrSess[i].GetResponseBodyHash("md5") + "\n\n" + | |
| "_SHA1_\n"+arrSess[i].GetResponseBodyHash("sha1") + "\n\n" + | |
| "_SHA256_\n"+arrSess[i].GetResponseBodyHash("sha256") + "\n" | |
| ); |
ericlaw1979
/ NoCertPrompt.cs
Created
March 9, 2016 17:02
Prevent Fiddler's annoying "<x> asks for a client certificate" prompt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Click Rules, Customize Rules. | |
| // Inside static function Main() {, add the following line: | |
| FiddlerApplication.Prefs.SetBoolPref("fiddler.network.https.clientcertificate.ephemeral.prompt-for-missing", false); | |
| // Then save the script |
ericlaw1979
/ Request URLs from Clipboard.js
Created
March 31, 2016 20:21
Given a simple list of URLs on the clipboard, make a request for each one
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public static ToolsAction("Request URLs from Clipboard") | |
| function doClipboard() | |
| { | |
| var s: String = Clipboard.GetText(); | |
| var arr: String[] = s.Split(['\n']); | |
| for (var i: int=0; i<arr.Length; i++) | |
| { | |
| var sUri = arr[i].Trim(); |
ericlaw1979
/ OverwriteBOM.js
Created
May 18, 2017 20:58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public static void OnBeforeResponse(Session oSession) { | |
| // If the response body starts with a Utf-8 signature, overwrite it with spaces | |
| if (oSession.ResponseBody.Length > 3 && | |
| oSession.ResponseBody[0] == 0xEF && | |
| oSession.ResponseBody[1] == 0xBB && | |
| oSession.ResponseBody[2] == 0xBF) | |
| { | |
| oSession.ResponseBody[0] = 0x20; | |
| oSession.ResponseBody[1] = 0x20; |
ericlaw1979
/ FilterByProcessName.js
Last active
February 13, 2019 17:16
Hide Traffic based on Process Name
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //Hide Traffic based on Process Name | |
| //The following script creates a ShowOnly submenu on the Rules menu that allows you to easily display captured | |
| //traffic from only a single executable: | |
| RulesString("ShowOnly", true) | |
| BindPref("fiddlerscript.rules.ProcessFilter") | |
| RulesStringValue(0,"Chrome", "chrome") | |
| RulesStringValue(1,"FireFox", "firefox") | |
| RulesStringValue(2,"IE", "iexplore") | |
| RulesStringValue(3,"Edge", "msedge") | |
| RulesStringValue(4,"&Custom...", "%CUSTOM%") |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [BindUITab("Resource Integrity Hashes", "<nowrap><nolink>")] | |
| public static string ShowSRIHashr(Session[] arrSess) { | |
| var oSB = new System.Text.StringBuilder(); | |
| for (int i = 0; i<arrSess.Length; i++) | |
| { | |
| if (arrSess[i].HTTPMethodIs("CONNECT")) continue; | |
| if (!arrSess[i].bHasResponse) | |
| { | |
| oSB.AppendFormat("\r\n// Skipping incomplete response '{0}'\r\n", arrSess[i].fullUrl); |
ericlaw1979
/ HackyFiddlerScriptUITweaks.cs
Created
May 4, 2018 19:01
Many components in Fiddler's UI are not "public", but because of how WinForms works, you can crawl around the window until you find them. This C# FiddlerScript makes the box at the bottom of the AutoResponder tab taller.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [ToolsAction("FixPanelHeight")] | |
| public static void DoFix() | |
| { | |
| foreach (Control c in FiddlerApplication.UI.tabsViews.Controls) { | |
| if (c.Name == "pageResponder") foreach (Control d in (c.Controls[0] as UserControl).Controls) | |
| if (d.Name == "pnlAutoResponders") foreach (Control e in (d as Panel).Controls) { | |
| // FiddlerApplication.Log.LogString(e.Name); | |
| if (e.Name == "gbResponderEditor") { | |
| e.Height=e.Height+120; | |
| e.Top=e.Top-120; |
ericlaw1979
/ Toolbar and OnLoad.cs
Created
May 9, 2018 20:55
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public static void OnBoot() | |
| { | |
| var btn = new ToolStripButton("Boo"); | |
| btn.ToolTipText = "Haha"; | |
| FiddlerToolbar.AddToolStripItem(btn); | |
| FiddlerApplication.OnLoadSAZ += myHandler; | |
| } | |
| public static void myHandler( System.Object o, Fiddler.FiddlerApplication.ReadSAZEventArgs RSEA) { | |
| FiddlerApplication.UI.Text = "Latest: " + RSEA.sFilename; |
ericlaw1979
/ RedirectTest.ms
Created
July 31, 2018 15:24
https://blogs.msdn.microsoft.com/ieinternals/2011/08/19/http-methods-and-redirect-status-codes/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import Meddler; | |
| import System; | |
| import System.Net.Sockets; | |
| import System.Windows.Forms; | |
| class Handlers | |
| { | |
| static function OnConnection(oSession: Session) | |
| { | |
| if (oSession.ReadRequest()){ |