Fiddler无法抓取某些APP的HTTPS请求,无解!!!

最新推荐文章于 2024-06-22 15:30:00 发布
最新推荐文章于 2024-06-22 15:30:00 发布
阅读量4.2k 收藏 1
点赞数 1
文章标签: git
原文链接:http://www.cnblogs.com/wgscd/p/9910073.html
版权

遇到有些APP的HTTPS请求无法抓取!错误提示: !SecureClientPipeDirect failed: System.Security.Authentication.AuthenticationException A call to SSPI failed, see inner exception. < An unknown error occurred while processing the certificate for pipe (CN=*.umeng.com, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com).

google了下,貌似有些APP的证书不能随便构造,

这个回答提到了一种叫Certificate Pinning(证书锁定)的机制     https://stackoverflow.com/questions/33382870/how-to-capture-httpstls-1-0-communications-from-android-app-with-fiddler4

官方说:

From the Fiddler book:

Certificate Pinning

A very small number of HTTPS client applications support a feature known as “Certificate Pinning” whereby the client application is hardcoded to accept only one specific certificate. Even if the connection uses a certificate that chains to a root that is otherwise fully-trusted by the operating system, such applications will refuse to accept an unexpected certificate.

To date, some Twitter and Dropbox apps include this feature, and Windows 8 Metro apps may opt-in to requiring specific certificates rather than relying upon the system’s Trusted Root store. Firefox’s automatic browser update feature will silently fail when Fiddler is decrypting its traffic. The Microsoft Security toolkit named EMET can enable pinning in any application for certain “high-value” sites (including Windows Live). The Chrome browser supports pinning, but it exempts locally-trusted roots like Fiddler’s.

When a Certificate-Pinned application performs a HTTPS handshake through a CONNECT tunnel to Fiddler, it will examine the response’s certificate and refuse to send any further requests when it discovers the Fiddler-generated certificate. Unfortunately, there is no general-purpose workaround to resolve this; the best you can do is to exempt that application’s traffic from decryption using the HTTPS tab or by setting the x-no-decrypt Session flag on the CONNECT tunnel. The flag will prevent Fiddler from decrypting the traffic in the tunnel and it will flow through Fiddler uninterrupted.

A very small number of HTTPS client applications support a feature known as “Certificate Pinning” whereby the client application is hardcoded to accept only one specific certificate. Even if the connection uses a certificate that chains to a root that is otherwise fully-trusted by the operating system, such applications will refuse to accept an unexpected certificate. To date, some Twitter and Dropbox apps include this feature, and Windows 8 Metro apps may opt-in to requiring specific certificates rather than relying upon the system’s Trusted Root store. Firefox’s automatic browser update feature will silently fail when Fiddler is decrypting its traffic. The Microsoft Security toolkit named EMET can enable pinning in any application for certain “high-value” sites (including Windows Live). The Chrome browser supports pinning, but it exempts locally-trusted roots like Fiddler’s. When a Certificate-Pinned application performs a HTTPS handshake through a CONNECT tunnel to Fiddler, it will examine the response’s certificate and refuse to send any further requests when it discovers the Fiddler-generated certificate.

Unfortunately, there is no general-purpose workaround to resolve this; the best you can do is to exempt that application’s traffic from decryption using the HTTPS tab or by setting the x-no-decrypt Session flag on the CONNECT tunnel. The flag will prevent Fiddler from decrypting the traffic in the tunnel and it will flow through Fiddler uninterrupted.
If you're very serious about circumventing pinning, you can jailbreak the device and use any of a number of 3rd party toolkits to disable the pinning code.

 

大概意思就是Fiddler对这种APP的证书认证机制无能为力,只能望洋兴叹!呜呼哀哉!

 

有能解决这个问题的朋友麻烦留言下!!谢谢!

 

转载于:https://www.cnblogs.com/wgscd/p/9910073.html

weixin_30737433
关注
  • 1
    点赞
  • 1
    收藏
    觉得还不错? 一键收藏
  • 0
    评论
Fiddle使用||解决突然抓包失败问题
qq_43543920的博客
03-07 1万+
背景 fiddle突然抓不了包了,无论是尝试抓浏览器还是移动端,都失败。错误提示如下 20:17:41:8842 !SecureClientPipeDirect failed: System.IO.IOException 无法从传输连接中读取数据: 远程主机强迫关闭了一个现有的连接。。 < 远程主机强迫关闭了一个现有的连接。 for pipe (CN=.tianyancha.com, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com) 20:1
Fidder常见问题
Harris-H的博客
03-21 4404
Fidder常见问题 a.Fidder出现灰色锁 connect是为了建立http tunnel,connect是http众多方法中的其中一种,它跟post、get、put、options方法是并列的。但是它的使用场景很特殊。只有在受限制的网络环境中(防火墙、NAT、代理器)并且是https通信时,客户端使用http connect请求代理服务器,代理服务器使用connect方法与目标服务器建立http tunnel,通道建立后,客户端与服务器进行通信,代理服务器就像透明一样,只是接收、转发tcp s
Fiddler无法抓包怎么解决?这些配置项你需要检查。尤其是最后一项。
最新发布
百晓生说测试的博客
06-22 1817
有时候,我们的启动是正常的,但是就是抓不到包,原因有很多。但多数情况都是因为配置不正确,接下来我们就看下有哪些导致fiddler抓不到的设置。一般情况下此设置会,但是如果抓不到包首先要检查下这个选项。有时候抓不到包也可能是设置了过滤条件,把多数包都过滤掉了,导致后续我们再的时候就看不到,这个时候我们也可以检查下这个选项。检查步骤:查看右侧的Filters选项的复选框是否勾上,如果勾上,点击UserFilters去掉复选框,点击Actions即可生效。
fiddler pc https 抓包
wangjun5159的专栏
08-13 5万+
原理fiddler抓包原理fiddler 调试器注册到操作系统因特网服务中,系统所有的网络请求都会走fiddler的代理,所以fiddler才能抓包。 Debug traffic from any client and browser Fiddler helps you debug traffic from any browser: Internet Explorer, Chrome, F
fiddler使用教程以及工作原理
weixin_47329041的博客
08-12 2407
一、Fiddler抓包工具简介 Fiddler是位于客户端和服务器端的HTTP代理。 Fiddler是目前最常用的http抓包工具之一。 Fiddler是功能非常强大,是web调试的利器。 二、Fiddler工作原理 Fiddler原理图如下: Fiddler是一个代理服务器。代理地址:127.0.0.1,端口:8888。浏览器可以通过设置查看代理服务器:设置->高级->打开您计算机的代理设置->连接->局域网设置->代理服务器->在高级中就.
fiddler https 抓包
男儿当自强
07-26 1万+
原理 fiddler抓包原理 fiddler 调试器注册到操作系统因特网服务中,系统所有的网络请求都会走fiddler的代理,所以fiddler才能抓包。 Debug traffic from any client and browser  Fiddler helps you debug traffic from any browser: Internet Explorer
Fiddler手机抓包网络报错解决办法
weixin_70268951的博客
03-06 8426
你的Fiddler为何总是抓不到手机的包?为何手机设置后总是网络链接错误?进来瞧一眼,包教包会
Fiddler如何抓取手机APP数据包
09-21
标题中的“Fiddler如何抓取手机APP数据包”指的是使用Fiddler工具来捕获移动设备(如Android、iPhone或Windows Phone)上的应用程序产生的网络通信数据包。Fiddler是一款强大的HTTP协议调试代理服务器,它能够记录并...
fiddler抓取https请求 数据乱码问题解决方案
04-27
NULL 博文链接:https://st4024589553.iteye.com/blog/2378674
fiddler抓取https请求设置
09-17
fiddler抓取https请求设置过程,解决了fiddler不能抓取https请求的问题
Fiddler Https抓取工具
03-19
配合旧版iTunes获取ios历史版本软件
使用Fiddler抓取手机app的数据包-https-附件资源
03-02
使用Fiddler抓取手机app的数据包-https-附件资源
mysql spi_c# – .NET和MySQL错误 – 对SSPI的调用失败……“收到的消息是意外的或格式错误的”和“提供给函数的缓冲区太小”...
weixin_39699163的博客
01-19 1177
我希望这个问题不是太模糊,但我看得很远但却找不到任何有用的错误.我有一个.NET 4.5.2 Web服务层(使用ServiceStack和Dapper),自从我们部署服务以来,它几乎没有收到这两个错误.第一个错误:2017-09-29 18:13:26.637 +00:00 [Error] Class: "TokenRepository" | Method: "GetToken"System.Se...
Dynamics crm A call to SSPI failed, The target principal name is incorrect
weixin_33724659的博客
04-21 520
环境: AD :1 台 ADFS:1台 后端(沙盒、异步服务):4台 前端:10台 数据库:1 台 最近在压测环境增加了7台前端服务器,安装完后可以通过浏览器访问,以为一切正常了, 后来发现插件有时候成功,有时候失败,遂在插件里面记录Trace信息,看关键信息大概是这样的: System.Security.Authentication.AuthenticationExcepti...
IOS 苹果手机fiddler抓包时出现了tunnel to 443 解决方案,亲测有效
weixin_30871293的博客
10-30 3704
先上一张捉取成功图【版本需4.0以上,并非所有https数据可抓取,具体原因未知】 1.先对Fiddler进行设置【打开Fiddler ——> Options .然后打开的对话框中,选择HTTPS页】: 勾选“CaptureHTTPS CONNECTs”,接着勾选“Decrypt HTTPS traffic”。 同时,由于我们是通过WiFi远程连过来,所以在下面...
Fiddler 如何抓取手机app包以及抓取https 响应
热门推荐
在路上
11-19 10万+
Fiddler安装 此处略。我们需要安装Fiddler软件,版本需要在4.0以上,尽量越高越好。 普通https抓包设置 打开Fiddler ——&amp;amp;amp;amp;amp;amp;amp;amp;amp;gt; Options .然后打开的对话框中,选择HTTPS tab页,如图: 接下来,选择 Connections tab页,如图: 在进行这两步的过程中,会弹出一个 提示框,提示是否安装证书,选择安装即可。 手机端安装Fiddle...
fiddler抓包时出现了tunnel to ......443 解密HTTPS数据
蓝色的雨
04-27 4万+
转:1、在抓取https的数据包时,fiddler会话栏目会显示“Tunnel to….443”的信息,这个是什么原因呢? connect表示https的握手(也就是认证信息,只要是https就要进行认证),只要不是满篇的Tunnel to….443,就没有任何问题。我们可以选择将这类信息进行隐藏。 隐藏方法:菜单栏=》Rules=》选择Hide Connects。就可以隐藏了。2、要解密HTTP...
mp-mtgsig 美团iOS 签名逆向工程分析
Sp4rkW的博客
06-27 4751
原文链接:https://chenqi.app/Meituan-iOS-Reverse-Engineering/ 转存mark,如有侵权,联系删除 静态分析 美团App iOS 安装包 版本号 11.6.201 发布时间 2021.01.18 Fiddler 常规操作,首先使用Fiddler进行HTTP(S)网络代理抓包,没有获得任何明显的线索。猜测美团App使用了Native层实现网络通讯功能,负责加解密,压缩解压缩等常见处理,属于常见技术方案,携程CRN亦是如此。后续分析印证了该猜测。 Cydia .
fiddler抓取手机apphttps
03-16
要在手机上抓取httpsapp请求,需要在手机上安装Fiddler的安卓版本并在设置中打开代理。然后在电脑上运行Fiddler,并在手机上的Wi-Fi设置中配置代理服务器为电脑的IP地址,端口为8888。这样Fiddler就可以抓取手机上apphttps请求了。
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值