0
我有這樣的測試工具來嘗試提琴手核心我的工具每次啓動證書:我不得不刪除小提琴手產生對HTTPS流量
static void Main(string[] args)
{
#region AttachEventListeners
//
// It is important to understand that FiddlerCore calls event handlers on the
// session-handling thread. If you need to properly synchronize to the UI-thread
// (say, because you're adding the sessions to a list view) you must call .Invoke
// on a delegate on the window handle.
//
// Simply echo notifications to the console. Because Fiddler.CONFIG.QuietMode=true
// by default, we must handle notifying the user ourselves.
Fiddler.FiddlerApplication.OnNotification += delegate(object sender, NotificationEventArgs oNEA)
{
Console.WriteLine("** NotifyUser: " + oNEA.NotifyString);
};
Fiddler.FiddlerApplication.Log.OnLogString += delegate(object sender, LogEventArgs oLEA)
{
Console.WriteLine("** LogString: " + oLEA.LogString);
};
Fiddler.FiddlerApplication.BeforeRequest += delegate(Fiddler.Session oS)
{
Console.WriteLine("Before request for:\t" + oS.fullUrl);
// In order to enable response tampering, buffering mode must
// be enabled; this allows FiddlerCore to permit modification of
// the response in the BeforeResponse handler rather than streaming
// the response to the client as the response comes in.
oS.bBufferResponse = false;
};
Fiddler.FiddlerApplication.BeforeResponse += delegate(Fiddler.Session oS)
{
Console.WriteLine("{0}:HTTP {1} for {2}", oS.id, oS.responseCode, oS.fullUrl);
// Uncomment the following two statements to decompress/unchunk the
// HTTP response and subsequently modify any HTTP responses to replace
// instances of the word "Microsoft" with "Bayden"
//oS.utilDecodeResponse(); oS.utilReplaceInResponse("Microsoft", "Bayden");
};
Fiddler.FiddlerApplication.AfterSessionComplete += delegate(Fiddler.Session oS)
{
Console.WriteLine("Finished session:\t" + oS.fullUrl);
};
// Tell the system console to handle CTRL+C by calling our method that
// gracefully shuts down the FiddlerCore.
Console.CancelKeyPress += new ConsoleCancelEventHandler(Console_CancelKeyPress);
#endregion AttachEventListeners
Console.WriteLine("Starting FiddlerCore...");
// For the purposes of this demo, we'll forbid connections to HTTPS
// sites that use invalid certificates
Fiddler.CONFIG.IgnoreServerCertErrors = true;
Fiddler.CONFIG.bMITM_HTTPS = true;
Fiddler.CertMaker.removeFiddlerGeneratedCerts();
if (!Fiddler.CertMaker.rootCertExists())
{
if (!Fiddler.CertMaker.createRootCert())
{
throw new Exception("Unable to create cert for FiddlerCore.");
}
}
if (!Fiddler.CertMaker.rootCertIsTrusted())
{
if (!Fiddler.CertMaker.trustRootCert())
{
throw new Exception("Unable to install FiddlerCore's cert.");
}
}
// Because we've chosen to decrypt HTTPS traffic, makecert.exe must
// be present in the Application folder.
Fiddler.FiddlerApplication.Startup(8877, true, true);
Console.WriteLine("Hit CTRL+C to end session.");
// Wait Forever for the user to hit CTRL+C.
// BUG BUG: Doesn't properly handle shutdown of Windows, etc.
Object forever = new Object();
lock (forever)
{
System.Threading.Monitor.Wait(forever);
}
}
/// <summary>
/// When the user hits CTRL+C, this event fires. We use this to shut down and unregister our FiddlerCore.
/// </summary>
/// <param name="sender"></param>
/// <param name="e"></param>
static void Console_CancelKeyPress(object sender, ConsoleCancelEventArgs e)
{
Console.WriteLine("Shutting down...");
Fiddler.FiddlerApplication.Shutdown();
System.Threading.Thread.Sleep(750);
}
這個測試工具的工作,我可以捕獲HTTPS流量,這是我需要我的實際工具。 但是,每次工具啓動時,用戶都必須重新安裝並重新信任該證書。如果我不叫
Fiddler.CertMaker.removeFiddlerGeneratedCerts();
,則該工具將無法捕獲HTTPS流量,而我的工作監控停止應用程序,因爲很顯然,請求似乎得到由小提琴手攔截而不是路由到應用程序。
我該如何設置這個,所以我不必每次都刪除小提琴手證書?
您是否在使用Fiddler'CertMaker.dll'加載項?如果是的話,你會在控制檯中看到一個參考。 – EricLaw
是的,我有。就像我寫的,原則上一切正常,當我第一次啓動該工具時,我可以看到HTTPS流量很好。這只是我必須在每次啓動工具時刪除提琴手證書,否則它將停止工作。 http://i.imgur.com/qv3sif3.png – Hackworth
FWIW,我遇到了同樣的問題,解決辦法是從項目中刪除certmaker.dll,並將makecert.exe放入應用程序的輸出文件夾中。這讓FiddlerCore可以創建一個可在應用程序啓動時使用的粘性證書,並允許您僅註冊一次證書(因此可以輕鬆添加安裝/卸載SSL選項)。 –