fiddler手机抓包脚本代码

最新推荐文章于 2022-08-29 17:55:56 发布

zjq_zfq

最新推荐文章于 2022-08-29 17:55:56 发布

阅读量1.2k

点赞数 1

分类专栏： fiddler手机抓包脚本-c#语音文章标签： fiddler

本文链接：https://blog.csdn.net/zjq_zfq/article/details/110798024

版权

fiddler手机抓包脚本-c#语音专栏收录该内容

1 篇文章 0 订阅

订阅专栏

using System;
using Fiddler;
using System.Text;
using System.Windows.Forms;
using System.Collections;
using System.Collections.Generic;

// INTRODUCTION
// This is the FiddlerScript Rules file, which creates some of the menu commands and
// other features of Fiddler. You can edit this file to modify or add new commands.
//
// NOTE: This is the C# version of the script, which can be used on Windows and Mono,
// unlike the JScript.NET script, which can be used only on Windows. In order to use
// a JScript.NET script on Mono, you must rewrite it in C#.
//
// The original version of this file is named SampleRules.cs and it is in the
// \Fiddler\ app folder. When Fiddler first starts, it creates a copy named
// CustomRules.cs inside your \Documents\Fiddler2\Scripts folder. If you make a
// mistake in editing this file, simply delete the CustomRules.cs file and restart
// Fiddler. A fresh copy of the default rules will be created from the original
// sample rules file.

namespace Fiddler
{
public static class Handlers
{

    // The following snippet demonstrates a custom-bound column for the Web Sessions list.
    // See http://fiddler2.com/r/?fiddlercolumns for more info
    /*
    [BindUIColumn("Method", 60)]
    public static string FillMethodColumn(Session oS)
    {
     return oS.RequestMethod;
    }
    */

    // The following snippet demonstrates how to create a custom tab that shows simple text
    /*
    [BindUITab("Flags")]
    public static string FlagsReport(Session[] arrSess)
    {
        StringBuilder oSB = new StringBuilder();
        for (int i = 0; i < arrSess.Length; i++)
        {
            oSB.AppendLine("SESSION FLAGS");
            oSB.AppendFormat("{0}: {1}\n", arrSess[i].id, arrSess[i].fullUrl);
            foreach(DictionaryEntry sFlag in arrSess[i].oFlags)
            {
                oSB.AppendFormat("\t{0}:\t\t{1}\n", sFlag.Key, sFlag.Value);
            }
        }

        return oSB.ToString();
    }
    */

    // You can create a custom menu like so:
    /*
    [QuickLinkMenu("&Links")]
    [QuickLinkItem("IE GeoLoc TestDrive", "http://ie.microsoft.com/testdrive/HTML5/Geolocation/Default.html")]
    [QuickLinkItem("FiddlerCore", "http://fiddler2.com/fiddlercore")]
    public static void DoLinksMenu(string sText, string sAction)
    {
        Utilities.LaunchHyperlink(sAction);
    }
    */

[RulesOption(“Hide 304s”)]
[BindPref(“fiddlerscript.rules.Hide304s”)]
public static bool m_Hide304s = false;

    // Cause Fiddler to override the Accept-Language header with one of the defined values

[RulesOption(“Request &Japanese Content”)]
public static bool m_Japanese = false;

    // Automatic Authentication

[RulesOption("&Automatically Authenticate")]
[BindPref(“fiddlerscript.rules.AutoAuth”)]
public static bool m_AutoAuth = false;

    // Cause Fiddler to override the User-Agent header with one of the defined values

[RulesString("&User-Agents", true)]
[BindPref(“fiddlerscript.ephemeral.UserAgentString”)]
[RulesStringValue(0, “Netscape &3”, “Mozilla/3.0 (Win95; I)”)]
[RulesStringValue(1, “WinPhone8.1”, “Mozilla/5.0 (Mobile; Windows Phone 8.1; Android 4.0; ARM; Trident/7.0; Touch; rv:11.0; IEMobile/11.0; NOKIA; Lumia 520) like iPhone OS 7_0_3 Mac OS X AppleWebKit/537 (KHTML, like Gecko) Mobile Safari/537”)]
[RulesStringValue(2, “&Safari5 (Win7)”, “Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/533.21.1 (KHTML, like Gecko) Version/5.0.5 Safari/533.21.1”)]
[RulesStringValue(3, “Safari9 (Mac)”, “Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11) AppleWebKit/601.1.56 (KHTML, like Gecko) Version/9.0 Safari/601.1.56”)]
[RulesStringValue(4, “iPad”, “Mozilla/5.0 (iPad; CPU OS 8_3 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12F5027d Safari/600.1.4”)]
[RulesStringValue(5, “iPhone6”, “Mozilla/5.0 (iPhone; CPU iPhone OS 8_3 like Mac OS X) AppleWebKit/600.1.4 (KHTML, like Gecko) Version/8.0 Mobile/12F70 Safari/600.1.4”)]
[RulesStringValue(6, “IE &6 (XPSP2)”, “Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)”)]
[RulesStringValue(7, “IE &7 (Vista)”, “Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1)”)]
[RulesStringValue(8, “IE 8 (Win2k3 x64)”, “Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.2; WOW64; Trident/4.0)”)]
[RulesStringValue(9, “IE &8 (Win7)”, “Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0)”)]
[RulesStringValue(10, “IE 9 (Win7)”, “Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)”)]
[RulesStringValue(11, “IE 10 (Win8)”, “Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0)”)]
[RulesStringValue(12, “IE 11 (Surface2)”, “Mozilla/5.0 (Windows NT 6.3; ARM; Trident/7.0; Touch; rv:11.0) like Gecko”)]
[RulesStringValue(13, “IE 11 (Win8.1)”, “Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko”)]
[RulesStringValue(14, “Edge (Win10)”, “Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.11082”)]
[RulesStringValue(15, “&Opera”, “Opera/9.80 (Windows NT 6.2; WOW64) Presto/2.12.388 Version/12.17”)]
[RulesStringValue(16, “&Firefox 3.6”, “Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.7) Gecko/20100625 Firefox/3.6.7”)]
[RulesStringValue(17, “&Firefox 43”, “Mozilla/5.0 (Windows NT 6.3; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0”)]
[RulesStringValue(18, “&Firefox Phone”, “Mozilla/5.0 (Mobile; rv:18.0) Gecko/18.0 Firefox/18.0”)]
[RulesStringValue(19, “&Firefox (Mac)”, “Mozilla/5.0 (Macintosh; Intel Mac OS X 10.8; rv:24.0) Gecko/20100101 Firefox/24.0”)]
[RulesStringValue(20, “Chrome (Win)”, “Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.48 Safari/537.36”)]
[RulesStringValue(21, “Chrome (Android)”, “Mozilla/5.0 (Linux; Android 5.1.1; Nexus 5 Build/LMY48B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.78 Mobile Safari/537.36”)]
[RulesStringValue(22, “ChromeBook”, “Mozilla/5.0 (X11; CrOS x86_64 6680.52.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.74 Safari/537.36”)]
[RulesStringValue(23, “GoogleBot Crawler”, “Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)”)]
[RulesStringValue(24, “Kindle Fire (Silk)”, “Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_3; en-us; Silk/1.0.22.79_10013310) AppleWebKit/533.16 (KHTML, like Gecko) Version/5.0 Safari/533.16 Silk-Accelerated=true”)]
[RulesStringValue(25, “&Custom…”, “%CUSTOM%”)]
public static string sUA = null;

    // Cause Fiddler to delay HTTP traffic to simulate typical 56k modem conditions

[RulesOption(“Simulate &Modem Speeds”, “Per&formance”)]
public static bool m_SimulateModem = false;

    // Removes HTTP-caching related headers and specifies "no-cache" on requests and responses

[RulesOption("&Disable Caching", “Per&formance”)]
public static bool m_DisableCaching = false;

[RulesOption(“Cache Always &Fresh”, “Per&formance”)]
public static bool m_AlwaysFresh = false;

    // Force a manual reload of the script file.  Resets all
    // RulesOption variables to their defaults.

[ToolsAction(“Reset Script”)]
public static void DoManualReload()
{
FiddlerObject.ReloadScript();
}

[ContextAction(“Decode Selected Sessions”)]
public static void DoRemoveEncoding(Session[] arrSessions)
{
for (int x = 0; x < arrSessions.Length; x++)
{
arrSessions[x].utilDecodeRequest();
arrSessions[x].utilDecodeResponse();
}

FiddlerApplication.UI.actUpdateInspector(true,true);
}

[ContextAction(“解密响应数据”)]
public static void Encodereq(Session[] oSession)
{

for (int x = 0; x < oSession.Length; x++)
{
oSession[x].utilDecodeResponse();
var oBody = System.Text.Encoding.UTF8.GetString(oSession[x].responseBodyBytes);

if(IsBase64(oBody))
{

if(oBody.Length>1  )
{   
    //String key = "CIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQWvANhvD8hd/Hy8bH+t2XAg05i4lvwqVv8tn8Xk1eVGDZyK0kZhSVLoGZyMPSanFjvcqrl2xirkn3lsqzy6deBXxoop9S7cuROi2uOoSeMiOJO3aWTAQTrG4VsWbbY5jX8Oh0mn1dy5YaWsxl+UPQPvnzN50d17WVKIX81hho6wIDAQAB";
    //String key = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZFrvPSVUfAo9aDrrmWptff/AlyXaLMrlL4DYcg7eaG4WOWGle7Kum+5RJqM4Z+j3AYE18QNc46cR6dw51mH5+0n+NwezLQduml29hPasIVY3lPgugo3t4PZSZ3EiC+lezHSPmfc52ZTesaAU9qJOJ2kDav8hNNAlyvTV13zfDKQIDAQAB";
    String key = "BIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcjzUTtEI1suJeVp34Q/RXY6aoUIxvvrxm7VUO2TH20/sl3K8ZviGYULHiA3s9d62jkdn6w8q5LjhnaUrfqfLS87bUJcRQw9L/D1xWPDTPFBBUHzE94nXw/BaNUhMIeXX+xfFDX9PmbOsIEPJ7sPrPQSAuBxlXNwDWPK52O4mN2QIDAQAB";
    //String key = "AIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCg3zWXu+XkV+vuBqvEkyjkuLOLED0NdEq9NKVPfdfOR8VAegsvFfqrq3pd2/2xd/wwpM0ctO+urwN35Bw+3AOi9KVLrFsi9a6xGmiyPZjNxVkz7d9BK6QtWV6fJaaJVu6OAN6dQrJCGFVYTVWe1dKUCfJUBN0gd4MnIdX+mkBJXwIDAQAB";
    String decrypt_datatwo = XXTEA.DecryptBase64StringToString(oBody, key);
    //FiddlerObject.alert(decrypt_datatwo);
    oSession[x].utilSetResponseBody(decrypt_datatwo);
                                                                       
}

}
}

}

[ContextAction("加密修改后的响应数据")]

public static void Encodereq3(Session[] oSession)
{

for (int x = 0; x < oSession.Length; x++)
{
oSession[x].utilDecodeResponse();
var oBody = System.Text.Encoding.UTF8.GetString(oSession[x].responseBodyBytes);

if(oBody.Length>1 )
{
//String key = “CIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQWvANhvD8hd/Hy8bH+t2XAg05i4lvwqVv8tn8Xk1eVGDZyK0kZhSVLoGZyMPSanFjvcqrl2xirkn3lsqzy6deBXxoop9S7cuROi2uOoSeMiOJO3aWTAQTrG4VsWbbY5jX8Oh0mn1dy5YaWsxl+UPQPvnzN50d17WVKIX81hho6wIDAQAB”;
//String key = “MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZFrvPSVUfAo9aDrrmWptff/AlyXaLMrlL4DYcg7eaG4WOWGle7Kum+5RJqM4Z+j3AYE18QNc46cR6dw51mH5+0n+NwezLQduml29hPasIVY3lPgugo3t4PZSZ3EiC+lezHSPmfc52ZTesaAU9qJOJ2kDav8hNNAlyvTV13zfDKQIDAQAB”;
String key = “BIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcjzUTtEI1suJeVp34Q/RXY6aoUIxvvrxm7VUO2TH20/sl3K8ZviGYULHiA3s9d62jkdn6w8q5LjhnaUrfqfLS87bUJcRQw9L/D1xWPDTPFBBUHzE94nXw/BaNUhMIeXX+xfFDX9PmbOsIEPJ7sPrPQSAuBxlXNwDWPK52O4mN2QIDAQAB”;
//String key = “AIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCg3zWXu+XkV+vuBqvEkyjkuLOLED0NdEq9NKVPfdfOR8VAegsvFfqrq3pd2/2xd/wwpM0ctO+urwN35Bw+3AOi9KVLrFsi9a6xGmiyPZjNxVkz7d9BK6QtWV6fJaaJVu6OAN6dQrJCGFVYTVWe1dKUCfJUBN0gd4MnIdX+mkBJXwIDAQAB”;
String decrypt_datatwo = XXTEA.EncryptToBase64String(oBody, key);
//FiddlerObject.alert(decrypt_datatwo);
oSession[x].utilSetResponseBody(decrypt_datatwo);

}

}
}

[ContextAction("解密ZIP响应数据响应数据")]

public static void Encodereq2(Session[] oSession)
{

for (int x = 0; x < oSession.Length; x++)
{
oSession[x].utilDecodeResponse();
var oBody = System.Text.Encoding.UTF8.GetString(oSession[x].responseBodyBytes);

if(IsBase64(oBody))
{

if(oBody.Length>1  )
{   
    //String key = "CIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQWvANhvD8hd/Hy8bH+t2XAg05i4lvwqVv8tn8Xk1eVGDZyK0kZhSVLoGZyMPSanFjvcqrl2xirkn3lsqzy6deBXxoop9S7cuROi2uOoSeMiOJO3aWTAQTrG4VsWbbY5jX8Oh0mn1dy5YaWsxl+UPQPvnzN50d17WVKIX81hho6wIDAQAB";
    //String key = "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZFrvPSVUfAo9aDrrmWptff/AlyXaLMrlL4DYcg7eaG4WOWGle7Kum+5RJqM4Z+j3AYE18QNc46cR6dw51mH5+0n+NwezLQduml29hPasIVY3lPgugo3t4PZSZ3EiC+lezHSPmfc52ZTesaAU9qJOJ2kDav8hNNAlyvTV13zfDKQIDAQAB";
    String key = "BIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcjzUTtEI1suJeVp34Q/RXY6aoUIxvvrxm7VUO2TH20/sl3K8ZviGYULHiA3s9d62jkdn6w8q5LjhnaUrfqfLS87bUJcRQw9L/D1xWPDTPFBBUHzE94nXw/BaNUhMIeXX+xfFDX9PmbOsIEPJ7sPrPQSAuBxlXNwDWPK52O4mN2QIDAQAB";
    //String key = "AIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCg3zWXu+XkV+vuBqvEkyjkuLOLED0NdEq9NKVPfdfOR8VAegsvFfqrq3pd2/2xd/wwpM0ctO+urwN35Bw+3AOi9KVLrFsi9a6xGmiyPZjNxVkz7d9BK6QtWV6fJaaJVu6OAN6dQrJCGFVYTVWe1dKUCfJUBN0gd4MnIdX+mkBJXwIDAQAB";
    //String decrypt_datatwo = XXTEA.DecryptBase64String(oBody, key);
    //FiddlerObject.alert(decrypt_datatwo);
    oSession[x].utilSetResponseBody(System.Text.Encoding.UTF8.GetString(Utilities.GzipExpand(XXTEA.DecryptBase64String(oBody, key))));
                                                                       
}

}

}

[ContextAction("解密请求数据")]

public static void Decodereq(Session[] oSession)
{

for (int x = 0; x < oSession.Length; x++)
{
//String key = “CIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQWvANhvD8hd/Hy8bH+t2XAg05i4lvwqVv8tn8Xk1eVGDZyK0kZhSVLoGZyMPSanFjvcqrl2xirkn3lsqzy6deBXxoop9S7cuROi2uOoSeMiOJO3aWTAQTrG4VsWbbY5jX8Oh0mn1dy5YaWsxl+UPQPvnzN50d17WVKIX81hho6wIDAQAB”;
//String key = “MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZFrvPSVUfAo9aDrrmWptff/AlyXaLMrlL4DYcg7eaG4WOWGle7Kum+5RJqM4Z+j3AYE18QNc46cR6dw51mH5+0n+NwezLQduml29hPasIVY3lPgugo3t4PZSZ3EiC+lezHSPmfc52ZTesaAU9qJOJ2kDav8hNNAlyvTV13zfDKQIDAQAB”;
String key = “BIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcjzUTtEI1suJeVp34Q/RXY6aoUIxvvrxm7VUO2TH20/sl3K8ZviGYULHiA3s9d62jkdn6w8q5LjhnaUrfqfLS87bUJcRQw9L/D1xWPDTPFBBUHzE94nXw/BaNUhMIeXX+xfFDX9PmbOsIEPJ7sPrPQSAuBxlXNwDWPK52O4mN2QIDAQAB”;
//String key = “AIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCg3zWXu+XkV+vuBqvEkyjkuLOLED0NdEq9NKVPfdfOR8VAegsvFfqrq3pd2/2xd/wwpM0ctO+urwN35Bw+3AOi9KVLrFsi9a6xGmiyPZjNxVkz7d9BK6QtWV6fJaaJVu6OAN6dQrJCGFVYTVWe1dKUCfJUBN0gd4MnIdX+mkBJXwIDAQAB”;
String decrypt_data = XXTEA.DecryptBase64StringToString(oSession[x].GetRequestBodyAsString(), key);
// 解密请求
oSession[x].utilSetRequestBody(decrypt_data);

}

}

[ContextAction("解密ZIP请求数据")]

public static void Decodereq2(Session[] oSession)
{

for (int x = 0; x < oSession.Length; x++)
{
var oBody = System.Text.Encoding.UTF8.GetString(oSession[x].requestBodyBytes);
//String key = “CIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDQWvANhvD8hd/Hy8bH+t2XAg05i4lvwqVv8tn8Xk1eVGDZyK0kZhSVLoGZyMPSanFjvcqrl2xirkn3lsqzy6deBXxoop9S7cuROi2uOoSeMiOJO3aWTAQTrG4VsWbbY5jX8Oh0mn1dy5YaWsxl+UPQPvnzN50d17WVKIX81hho6wIDAQAB”;
//String key = “MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZFrvPSVUfAo9aDrrmWptff/AlyXaLMrlL4DYcg7eaG4WOWGle7Kum+5RJqM4Z+j3AYE18QNc46cR6dw51mH5+0n+NwezLQduml29hPasIVY3lPgugo3t4PZSZ3EiC+lezHSPmfc52ZTesaAU9qJOJ2kDav8hNNAlyvTV13zfDKQIDAQAB”;
String key = “BIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcjzUTtEI1suJeVp34Q/RXY6aoUIxvvrxm7VUO2TH20/sl3K8ZviGYULHiA3s9d62jkdn6w8q5LjhnaUrfqfLS87bUJcRQw9L/D1xWPDTPFBBUHzE94nXw/BaNUhMIeXX+xfFDX9PmbOsIEPJ7sPrPQSAuBxlXNwDWPK52O4mN2QIDAQAB”;
//String key = “AIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCg3zWXu+XkV+vuBqvEkyjkuLOLED0NdEq9NKVPfdfOR8VAegsvFfqrq3pd2/2xd/wwpM0ctO+urwN35Bw+3AOi9KVLrFsi9a6xGmiyPZjNxVkz7d9BK6QtWV6fJaaJVu6OAN6dQrJCGFVYTVWe1dKUCfJUBN0gd4MnIdX+mkBJXwIDAQAB”;
Byte[] decrypt_data = XXTEA.DecryptBase64String(oBody, key);
// 解密请求
oSession[x].utilSetRequestBody(System.Text.Encoding.UTF8.GetString(Utilities.GzipExpand(decrypt_data)));

}

public static void OnBeforeRequest(Session oSession)
{
// Sample Rule: Color ASPX requests in RED
// if (oSession.uriContains(".aspx")) { oSession[“ui-color”] = “red”; }

        // Sample Rule: Flag POSTs to fiddler2.com in italics
        // if (oSession.HostnameIs("www.fiddler2.com") && oSession.HTTPMethodIs("POST")) {  oSession["ui-italic"] = "yup";  }

        // Sample Rule: Break requests for URLs containing "/sandbox/"
        // if (oSession.uriContains("/sandbox/")) {
        //     oSession.oFlags["x-breakrequest"] = "yup";   // Existence of the x-breakrequest flag creates a breakpoint; the "yup" value is unimportant.
        // }

        //oSession.oRequest.headers.Add("X-Protection", "block");

if ((null != gs_ReplaceToken) && (oSession.url.IndexOf(gs_ReplaceToken)>-1)) // Case sensitive
{
oSession.url = oSession.url.Replace(gs_ReplaceToken, gs_ReplaceTokenWith);
}

if ((null != gs_OverridenHost) && (oSession.host.ToLower() == gs_OverridenHost))
{
oSession[“x-overridehost”] = gs_OverrideHostWith;
}

if ((null!=bpRequestURI) && oSession.uriContains(bpRequestURI))
{
oSession[“x-breakrequest”]=“uri”;
}

if ((null!=bpMethod) && (oSession.HTTPMethodIs(bpMethod)))
{
oSession[“x-breakrequest”]=“method”;
}

if ((null!=uiBoldURI) && oSession.uriContains(uiBoldURI))
{
oSession[“ui-bold”]=“QuickExec”;
}

if (m_SimulateModem)
{
// Delay sends by 300ms per KB uploaded.
oSession[“request-trickle-delay”] = “3000”;
// Delay receives by 150ms per KB downloaded.
oSession[“response-trickle-delay”] = “1500”;
}

if (m_DisableCaching)
{
oSession.oRequest.headers.Remove(“If-None-Match”);
oSession.oRequest.headers.Remove(“If-Modified-Since”);
oSession.oRequest[“Pragma”] = “no-cache”;
}

        // User-Agent Overrides

if (null != sUA)
{
oSession.oRequest[“User-Agent”] = sUA;
}

if (m_Japanese)
{
oSession.oRequest[“Accept-Language”] = “ja”;
}

if (m_AutoAuth)
{
// Automatically respond to any authentication challenges using the
// current Fiddler user’s credentials. You can change (default)
// to a domain\username:password string if preferred.
//
// WARNING: This setting poses a security risk if remote
// connections are permitted!
oSession[“X-AutoAuth”] = “(default)”;
}

if (m_AlwaysFresh && (oSession.oRequest.headers.Exists(“If-Modified-Since”) || oSession.oRequest.headers.Exists(“If-None-Match”)))
{
oSession.utilCreateResponseAndBypassServer();
oSession.responseCode = 304;
oSession[“ui-backcolor”] = “Lavender”;
}

}

public static bool IsBase64(this string base64String)
{
// Credit: oybek https://stackoverflow.com/users/794764/oybek
if (base64String== null || base64String.Length == 0 || base64String.Length % 4 != 0
|| base64String.Contains(" “) || base64String.Contains(”\t") || base64String.Contains("\r") || base64String.Contains("\n"))
return false;

try{
Convert.FromBase64String(base64String);
return true;
}
catch(Exception exception){
// Handle the exception
}
return false;
}

    // This function is called immediately after a set of request headers has
    // been read from the client. This is typically too early to do much useful
    // work, since the body hasn't yet been read, but sometimes it may be useful.
    //
    // For instance, see 
    // http://blogs.msdn.com/b/fiddler/archive/2011/11/05/http-expect-continue-delays-transmitting-post-bodies-by-up-to-350-milliseconds.aspx
    // for one useful thing you can do with this handler.
    //
    // Note: oSession.requestBodyBytes is not available within this function!
    /*
    public static void OnPeekAtRequestHeaders(Session oSession) 
    {
        string sProc = oSession["x-ProcessInfo"].ToLower();
        if (!sProc.StartsWith("mylowercaseappname")) oSession["ui-hide"] = "NotMyApp";
    }
    */

    //
    // If a given session has response streaming enabled, then the OnBeforeResponse function 
    // is actually called AFTER the response was returned to the client.
    //
    // In contrast, this OnPeekAtResponseHeaders function is called before the response headers are 
    // sent to the client (and before the body is read from the server).  Hence this is an opportune time 
    // to disable streaming (oSession.bBufferResponse = true) if there is something in the response headers 
    // which suggests that tampering with the response body is necessary.
    // 
    // Note: oSession.responseBodyBytes is not available within this function!
    //

public static void OnPeekAtResponseHeaders(Session oSession)
{
//FiddlerApplication.Log.LogFormat(“Session {0}: Response header peek shows status is {1}”, oSession.id, oSession.responseCode);
if (m_DisableCaching)
{
oSession.oResponse.headers.Remove(“Expires”);
oSession.oResponse[“Cache-Control”] = “no-cache”;
}

if ((bpStatus>0) && (oSession.responseCode == bpStatus))
{
oSession[“x-breakresponse”]=“status”;
oSession.bBufferResponse = true;
}

if ((null!=bpResponseURI) && oSession.uriContains(bpResponseURI))
{
oSession[“x-breakresponse”]=“uri”;
oSession.bBufferResponse = true;
}
}

public static void OnBeforeResponse(Session oSession)
{

if (m_Hide304s && oSession.responseCode == 304)
{
oSession[“ui-hide”] = “true”;
}

}

    // This function executes just before Fiddler returns an error that it has 
    // itself generated (e.g. "DNS Lookup failure") to the client application.
    // These responses will not run through the OnBeforeResponse function above.
    /*
    static void OnReturningError(Session oSession)
    {
    }
    */

    // This function executes after Fiddler finishes processing a Session, regardless
    // of whether it succeeded or failed. Note that this typically runs AFTER the last
    // update of the Web Sessions UI listitem, so you must manually refresh the Session's
    // UI if you intend to change it.
    /*
    static void OnDone(Session oSession)
    {
    }
    */

    /*
    public static void OnBoot()
    {
    }
    */

    /*
    public static bool OnBeforeShutdown()
    {
        // Return false to cancel shutdown.
        return ((0 == FiddlerApplication.UI.lvSessions.TotalItemCount()) ||
                (DialogResult.Yes == MessageBox.Show("Allow Fiddler to exit?", "Go Bye-bye?",
                MessageBoxButtons.YesNo, MessageBoxIcon.Question, MessageBoxDefaultButton.Button2)));
    }
    */

    /*
    public static void OnShutdown()
    {
        MessageBox.Show("Fiddler has shutdown");
    }
    */

    /*
    public static void OnAttach() 
    {
        MessageBox.Show("Fiddler is now the system proxy");
    }
    */

    /*
    public static void OnDetach() 
    {
        MessageBox.Show("Fiddler is no longer the system proxy");
    }
    */

    // The Main() function runs everytime your FiddlerScript compiles

public static void Main()
{
string today = DateTime.Now.ToShortTimeString();
FiddlerApplication.UI.SetStatusText(" CustomRules.cs was loaded at: " + today);
FiddlerObject.UI.lvSessions.AddBoundColumn(“ServerIP”, 120, “X-HostIP”);
// Uncomment to add a “Server” column containing the response “Server” header, if present
// FiddlerApplication.UI.lvSessions.AddBoundColumn(“Server”, 50, “@response.server”);

        // Uncomment to add a global hotkey (Win+G) that invokes the ExecAction method below...
        // FiddlerApplication.UI.RegisterCustomHotkey(HotkeyModifiers.Windows, Keys.G, "screenshot"); 
    }

    // These static variables are used for simple breakpointing & other QuickExec rules

[BindPref(“fiddlerscript.ephemeral.bpRequestURI”)]
public static string bpRequestURI = null;

[BindPref(“fiddlerscript.ephemeral.bpResponseURI”)]
public static string bpResponseURI = null;

[BindPref(“fiddlerscript.ephemeral.bpMethod”)]
public static string bpMethod = null;

static int bpStatus = -1;
static string uiBoldURI = null;
static string gs_ReplaceToken = null;
static string gs_ReplaceTokenWith = null;
static string gs_OverridenHost = null;
static string gs_OverrideHostWith = null;

    // The OnExecAction function is called by either the QuickExec box in the Fiddler window,
    // or by the ExecAction.exe command line utility.

public static bool OnExecAction(string[] sParams)
{
FiddlerApplication.UI.SetStatusText("ExecAction: " + sParams[0]);
string sAction = sParams[0].ToLower();
switch (sAction)
{
case “bold”:
if (sParams.Length<2) {uiBoldURI=null; FiddlerApplication.UI.SetStatusText(“Bolding cleared”); return false;}
uiBoldURI = sParams[1]; FiddlerApplication.UI.SetStatusText("Bolding requests for " + uiBoldURI);
return true;
case “bp”:
MessageBox.Show(“bpu = breakpoint request for uri\nbpm = breakpoint request method\nbps=breakpoint response status\nbpafter = breakpoint response for URI”);
return true;
case “bps”:
if (sParams.Length<2) {bpStatus=-1; FiddlerApplication.UI.SetStatusText(“Response Status breakpoint cleared”); return false;}
bpStatus = Int32.Parse(sParams[1]); FiddlerApplication.UI.SetStatusText("Response status breakpoint for " + sParams[1]);
return true;
case “bpv”:
case “bpm”:
if (sParams.Length<2) {bpMethod=null; FiddlerApplication.UI.SetStatusText(“Request Method breakpoint cleared”); return false;}
bpMethod = sParams[1].ToUpper(); FiddlerApplication.UI.SetStatusText("Request Method breakpoint for " + bpMethod);
return true;
case “bpu”:
if (sParams.Length<2) {bpRequestURI=null; FiddlerApplication.UI.SetStatusText(“RequestURI breakpoint cleared”); return false;}
bpRequestURI = sParams[1];
FiddlerApplication.UI.SetStatusText("RequestURI breakpoint for "+sParams[1]);
return true;
case “bpa”:
case “bpafter”:
if (sParams.Length<2) {bpResponseURI=null; FiddlerApplication.UI.SetStatusText(“ResponseURI breakpoint cleared”); return false;}
bpResponseURI = sParams[1];
FiddlerApplication.UI.SetStatusText("ResponseURI breakpoint for “+sParams[1]);
return true;
case “overridehost”:
if (sParams.Length<3) {gs_OverridenHost=null; FiddlerApplication.UI.SetStatusText(“Host Override cleared”); return false;}
gs_OverridenHost = sParams[1].ToLower();
gs_OverrideHostWith = sParams[2];
FiddlerApplication.UI.SetStatusText(“Connecting to [” + gs_OverrideHostWith + “] for requests to [” + gs_OverridenHost + “]”);
return true;
case “urlreplace”:
if (sParams.Length<3) {gs_ReplaceToken=null; FiddlerApplication.UI.SetStatusText(“URL Replacement cleared”); return false;}
gs_ReplaceToken = sParams[1];
gs_ReplaceTokenWith = sParams[2].Replace(” ", “%20”); // Simple helper
FiddlerApplication.UI.SetStatusText(“Replacing [” + gs_ReplaceToken + “] in URIs with [” + gs_ReplaceTokenWith + “]”);
return true;
case “allbut”:
case “keeponly”:
if (sParams.Length<2) { FiddlerApplication.UI.SetStatusText(“Please specify Content-Type to retain during wipe.”); return false;}
FiddlerApplication.UI.actSelectSessionsWithResponseHeaderValue(“Content-Type”, sParams[1]);
FiddlerApplication.UI.actRemoveUnselectedSessions();
FiddlerApplication.UI.lvSessions.SelectedItems.Clear();
FiddlerApplication.UI.SetStatusText("Removed all but Content-Type: " + sParams[1]);
return true;
case “stop”:
FiddlerApplication.UI.actDetachProxy();
return true;
case “start”:
FiddlerApplication.UI.actAttachProxy();
return true;
case “cls”:
case “clear”:
FiddlerApplication.UI.actRemoveAllSessions();
return true;
case “g”:
case “go”:
FiddlerApplication.UI.actResumeAllSessions();
return true;
case “goto”:
if (sParams.Length != 2) return false;
Utilities.LaunchHyperlink(“http://www.google.com/search?hl=en&btnI=I%27m+Feeling+Lucky&q=” + Utilities.UrlEncode(sParams[1]));
return true;
case “help”:
Utilities.LaunchHyperlink(“http://fiddler2.com/r/?quickexec”);
return true;
case “hide”:
FiddlerApplication.UI.actMinimizeToTray();
return true;
case “log”:
FiddlerApplication.Log.LogString((sParams.Length<2) ? “User couldn’t think of anything to say…” : sParams[1]);
return true;
case “nuke”:
FiddlerApplication.UI.actClearWinINETCache();
FiddlerApplication.UI.actClearWinINETCookies();
return true;
case “screenshot”:
FiddlerApplication.UI.actCaptureScreenshot(false);
return true;
case “show”:
FiddlerApplication.UI.actRestoreWindow();
return true;
case “tail”:
if (sParams.Length<2) { FiddlerApplication.UI.SetStatusText(“Please specify # of sessions to trim the session list to.”); return false;}
FiddlerApplication.UI.TrimSessionList(int.Parse(sParams[1]));
return true;
case “quit”:
FiddlerApplication.UI.actExit();
return true;
case “dump”:
FiddlerApplication.UI.actSelectAll();
FiddlerApplication.UI.actSaveSessionsToZip(CONFIG.GetPath(“Captures”) + “dump.saz”);
FiddlerApplication.UI.actRemoveAllSessions();
FiddlerApplication.UI.SetStatusText("Dumped all sessions to " + CONFIG.GetPath(“Captures”) + “dump.saz”);
return true;

default:
    if (sAction.StartsWith("http") || sAction.StartsWith("www"))
    {
        System.Diagnostics.Process.Start(sParams[0]);
        return true;
    }
    else
    {
        FiddlerApplication.UI.SetStatusText("Requested ExecAction: '" + sAction + "' not found. Type HELP to learn more.");
        return false;
    }

}
}
}

public sealed class XXTEA {
private static readonly UTF8Encoding utf8 = new UTF8Encoding();

private const UInt32 delta = 0x9E3779B9;

private static UInt32 MX(UInt32 sum, UInt32 y, UInt32 z, Int32 p, UInt32 e, UInt32[] k) {
return (z >> 5 ^ y << 2) + (y >> 3 ^ z << 4) ^ (sum ^ y) + (k[p & 3 ^ e] ^ z);
}

private XXTEA() {
}

public static Byte[] Encrypt(Byte[] data, Byte[] key) {
if (data.Length == 0) {
return data;
}
return ToByteArray(Encrypt(ToUInt32Array(data, true), ToUInt32Array(FixKey(key), false)), false);
}

public static Byte[] Encrypt(String data, Byte[] key) {
return Encrypt(utf8.GetBytes(data), key);
}

public static Byte[] Encrypt(Byte[] data, String key) {
return Encrypt(data, utf8.GetBytes(key));
}

public static Byte[] Encrypt(String data, String key) {
return Encrypt(utf8.GetBytes(data), utf8.GetBytes(key));
}

public static String EncryptToBase64String(Byte[] data, Byte[] key) {
return Convert.ToBase64String(Encrypt(data, key));
}

public static String EncryptToBase64String(String data, Byte[] key) {
return Convert.ToBase64String(Encrypt(data, key));
}

public static String EncryptToBase64String(Byte[] data, String key) {
return Convert.ToBase64String(Encrypt(data, key));
}

public static String EncryptToBase64String(String data, String key) {
return Convert.ToBase64String(Encrypt(data, key));
}

public static Byte[] Decrypt(Byte[] data, Byte[] key) {
if (data.Length == 0) {
return data;
}
return ToByteArray(Decrypt(ToUInt32Array(data, false), ToUInt32Array(FixKey(key), false)), true);
}

public static Byte[] Decrypt(Byte[] data, String key) {
return Decrypt(data, utf8.GetBytes(key));
}

public static Byte[] DecryptBase64String(String data, Byte[] key) {
return Decrypt(Convert.FromBase64String(data), key);
}

public static Byte[] DecryptBase64String(String data, String key) {
return Decrypt(Convert.FromBase64String(data), key);
}

public static String DecryptToString(Byte[] data, Byte[] key) {
return utf8.GetString(Decrypt(data, key));
}

public static String DecryptToString(Byte[] data, String key) {
return utf8.GetString(Decrypt(data, key));
}

public static String DecryptBase64StringToString(String data, Byte[] key) {
return utf8.GetString(DecryptBase64String(data, key));
}

public static String DecryptBase64StringToString(String data, String key) {
return utf8.GetString(DecryptBase64String(data, key));
}

private static UInt32[] Encrypt(UInt32[] v, UInt32[] k) {
Int32 n = v.Length - 1;
if (n < 1) {
return v;
}
UInt32 z = v[n], y, sum = 0, e;
Int32 p, q = 6 + 52 / (n + 1);
unchecked {
while (0 < q–) {
sum += delta;
e = sum >> 2 & 3;
for (p = 0; p < n; p++) {
y = v[p + 1];
z = v[p] += MX(sum, y, z, p, e, k);
}
y = v[0];
z = v[n] += MX(sum, y, z, p, e, k);
}
}
return v;
}

private static UInt32[] Decrypt(UInt32[] v, UInt32[] k) {
Int32 n = v.Length - 1;
if (n < 1) {
return v;
}
UInt32 z, y = v[0], sum, e;
Int32 p, q = 6 + 52 / (n + 1);
unchecked {
sum = (UInt32)(q * delta);
while (sum != 0) {
e = sum >> 2 & 3;
for (p = n; p > 0; p–) {
z = v[p - 1];
y = v[p] -= MX(sum, y, z, p, e, k);
}
z = v[n];
y = v[0] -= MX(sum, y, z, p, e, k);
sum -= delta;
}
}
return v;
}

private static Byte[] FixKey(Byte[] key) {
if (key.Length == 16) return key;
Byte[] fixedkey = new Byte[16];
if (key.Length < 16) {
key.CopyTo(fixedkey, 0);
}
else {
Array.Copy(key, 0, fixedkey, 0, 16);
}
return fixedkey;
}

private static UInt32[] ToUInt32Array(Byte[] data, Boolean includeLength) {
Int32 length = data.Length;
Int32 n = (((length & 3) == 0) ? (length >> 2) : ((length >> 2) + 1));
UInt32[] result;
if (includeLength) {
result = new UInt32[n + 1];
result[n] = (UInt32)length;
}
else {
result = new UInt32[n];
}
for (Int32 i = 0; i < length; i++) {
result[i >> 2] |= (UInt32)data[i] << ((i & 3) << 3);
}
return result;
}

private static Byte[] ToByteArray(UInt32[] data, Boolean includeLength) {
Int32 n = data.Length << 2;
if (includeLength) {
Int32 m = (Int32)data[data.Length - 1];
n -= 4;
if ((m < n - 3) || (m > n)) {
return null;
}
n = m;
}
Byte[] result = new Byte[n];
for (Int32 i = 0; i < n; i++) {
result[i] = (Byte)(data[i >> 2] >> ((i & 3) << 3));
}
return result;
}
}
}