20
Debugging proxy tuning for fun and profit By Peter Volkov

4.2. Web analyst fiddler

Tags:

Embed Size (px)

Citation preview

Page 1: 4.2. Web analyst fiddler

Debugging proxy tuning for fun and profit

By Peter Volkov

Page 2: 4.2. Web analyst fiddler

Still using wireshark for HTTP debugging/analysis?

Page 3: 4.2. Web analyst fiddler

Use appropriate tools!

Page 4: 4.2. Web analyst fiddler

JScript based scripting engine

Page 5: 4.2. Web analyst fiddler

Fiddler script basics

Page 6: 4.2. Web analyst fiddler

My favorite use case:Where did this @$%^ came from?

Easy case:

Page 7: 4.2. Web analyst fiddler

But what if plaintext search doesn’t help?

Inspect all these 60+ js from 10+ hosts manually?

Page 8: 4.2. Web analyst fiddler

Breakpoints!

Page 9: 4.2. Web analyst fiddler

Breakpoints!

Page 10: 4.2. Web analyst fiddler

Fiddler script basics

Page 11: 4.2. Web analyst fiddler

Fiddler script basics

Page 12: 4.2. Web analyst fiddler
Page 13: 4.2. Web analyst fiddler
Page 14: 4.2. Web analyst fiddler

Go get some exploit kits regexps onhttp://www.malwaresigs.com/

Page 15: 4.2. Web analyst fiddler

Dyndns, .in, .cn, etc

http://mirror1.malwaredomains.com/files/dynamic_dns.txt

Page 16: 4.2. Web analyst fiddler
Page 17: 4.2. Web analyst fiddler
Page 18: 4.2. Web analyst fiddler

Setting referrer

Disabling HTTP cookies

Page 19: 4.2. Web analyst fiddler

Download ‘em all!

Page 20: 4.2. Web analyst fiddler

The end.


Fiddler Presentation

Fiddler Presentation

Documents
Fiddler on the Roof 3

Fiddler on the Roof 3

Documents
Fiddler Playbill - WISE SCHOOL

Fiddler Playbill - WISE SCHOOL

Documents
Johnny the Fiddler¿?

Johnny the Fiddler¿?

Documents
Fiddler on the Roof (1983)

Fiddler on the Roof (1983)

Documents
Advanced Web Debugging with Fiddler

Advanced Web Debugging with Fiddler

Technology
The Klezmer Fiddler

The Klezmer Fiddler

Documents
Fiddler study guide - KS Blogsblogs.ksbe.edu/erstack/files/2014/09/Fiddler-study-guide.pdf · The musical director re-works the musical score ... shaky as a fiddler on the roof."

Fiddler study guide - KS Blogsblogs.ksbe.edu/erstack/files/2014/09/Fiddler-study-guide.pdf · The musical director re-works the musical score ... shaky as a fiddler on the roof."

Documents
Backdrop Recommendations List for the staging of Fiddler ...schellscenic.com/rentals/backdrops/Plays/Fiddler.pdf · Fiddler on the Roof Fiddler on the Roof Scenic Backdrop # Act I

Backdrop Recommendations List for the staging of Fiddler ...schellscenic.com/rentals/backdrops/Plays/Fiddler.pdf · Fiddler on the Roof Fiddler on the Roof Scenic Backdrop # Act I

Documents
Fiddler on the Roof 2

Fiddler on the Roof 2

Documents
BAREFOOT FIDDLER - InstantEncoredata.instantencore.com/pdf/1002018/ACO-105+Fiddler+-+IPHONE.pdf · BAREFOOT FIDDLER PATRICIA KOPATCHINSKAJA Guest Director and Lead Violin Th e Australian

BAREFOOT FIDDLER - InstantEncoredata.instantencore.com/pdf/1002018/ACO-105+Fiddler+-+IPHONE.pdf · BAREFOOT FIDDLER PATRICIA KOPATCHINSKAJA Guest Director and Lead Violin Th e Australian

Documents
Fiddler Roofing Products

Fiddler Roofing Products

Services
Fiddler with Watcher: Passive Connect security auditor · miliar with Fiddler, ... set breakpoints, and “fiddle” with incoming or outgoing data. As a Fiddler enhancement,

Fiddler with Watcher: Passive Connect security auditor · miliar with Fiddler, ... set breakpoints, and “fiddle” with incoming or outgoing data. As a Fiddler enhancement,

Documents
Firebug & Fiddler: Development Tools for the WebFirebug & Fiddler: Development Tools for the Web •Tools help develop, test, and debug •Fiddler and Firebug are powerful –Fiddler

Firebug & Fiddler: Development Tools for the WebFirebug & Fiddler: Development Tools for the Web •Tools help develop, test, and debug •Fiddler and Firebug are powerful –Fiddler

Documents
Lundecocks Fiddler On The RoofLundecocks Fiddler On The Roof · 1 Photo- Marcella Koenen Lundecocks Fiddler On The RoofLundecocks Fiddler On The Roof 2008 Nr. 2

Lundecocks Fiddler On The RoofLundecocks Fiddler On The Roof · 1 Photo- Marcella Koenen Lundecocks Fiddler On The RoofLundecocks Fiddler On The Roof 2008 Nr. 2

Documents
Fiddler Intro

Fiddler Intro

Documents
Policy brief fiddler v1

Policy brief fiddler v1

Documents
Fiddler co.. Ltd. e, 9. presents FIDDLER ON THE ROOF Base

Fiddler co.. Ltd. e, 9. presents FIDDLER ON THE ROOF Base

Documents
Fiddler Crabs

Fiddler Crabs

Documents
Fiddler on the Roof.indd

Fiddler on the Roof.indd

Documents
Fiddler & GeoEdge

Fiddler & GeoEdge

Documents
Fiddler web testing tool

Fiddler web testing tool

Documents
Fiddler on the Roof Rehearsal - svct.org · Fiddler on the Roof Rehearsal . Morgan Hill Times | Lora Schraft/Chief Photographer . Esteban Zapiain, playing the role of the fiddler,

Fiddler on the Roof Rehearsal - svct.org · Fiddler on the Roof Rehearsal . Morgan Hill Times | Lora Schraft/Chief Photographer . Esteban Zapiain, playing the role of the fiddler,

Documents
Fiddler Web debugger

Fiddler Web debugger

Technology
Debugging with Fiddler

Debugging with Fiddler

Technology
Fiddler on the Roof program

Fiddler on the Roof program

Documents
sample PDF - Debugging with Fiddler: The official ... · PDF filee_lawrence@hotmail.com @ericlaw on Twitter . ACKNOWLEDGEMENTS This book, and Fiddler itself, ... Debugging with Fiddler

sample PDF - Debugging with Fiddler: The official ... · PDF [email protected] @ericlaw on Twitter . ACKNOWLEDGEMENTS This book, and Fiddler itself, ... Debugging with Fiddler

Documents
Fiddler Callbacks

Fiddler Callbacks

Entertainment & Humor
Debugging with Fiddler - Fiddler Web Debugger - A free web

Debugging with Fiddler - Fiddler Web Debugger - A free web

Documents
Fiddler crabs - biology-assets.anu.edu.au PDFS... · Fiddler crabs Jochen Zeil1, Jan M. Hemmi1 and Patricia R.Y. Backwell2 What are fiddler crabs? Fiddler crabs belong to the genus

Fiddler crabs - biology-assets.anu.edu.au PDFS... · Fiddler crabs Jochen Zeil1, Jan M. Hemmi1 and Patricia R.Y. Backwell2 What are fiddler crabs? Fiddler crabs belong to the genus

Documents