[.NET] Using FiddlerCore for HTTP/HTTPS packet capture and analysis, data tampering, and global listening
2020-04-29 07:37
Attachment: C# / VB.NET conversion tool https://download.csdn.net/download/xxxvxxv/10877188
Attachment: FiddlerCore4.dll
https://download.csdn.net/download/xxxvxxv/10877493
```vb
Imports System.Collections.Generic
Imports System.Drawing
Imports System.Text
Imports System.Threading
Imports System.Windows.Forms
Imports Fiddler

''' <summary>
''' Global listener for HTTP and HTTPS events
''' </summary>
''' <remarks>
''' Requires FiddlerCore: https://www.telerik.com/purchase/fiddlercore
''' Add a reference to FiddlerCore4.dll
''' https://blog.csdn.net/ruxie8527/article/details/77880133
''' https://blog.csdn.net/zhang116868/article/details/49406599
''' There are three handlers, and each one is a hook point:
''' BeforeRequest        can tamper with request parameters, e.g. capture the request Cookie
''' BeforeResponse       can tamper with the returned data
''' AfterSessionComplete is the equivalent of packet-capture analysis
''' </remarks>
Class C_Fiddler
    Friend FidderStatus As Boolean          ' Fiddler on/off state (read-only)
    Friend RTBox As New RichTextBox         ' Optional RichTextBox used for output
    Friend Response As New List(Of String)  ' List of returned strings
    Private CaptureConfiguration As New CaptureConfig ' Filter settings

#Region "Start / stop"
    ''' <summary>
    ''' Stop Fiddler. If it is not stopped, the system reports a proxy server error.
    ''' </summary>
    Public Sub FiddlerClose()
        RemoveHandler FiddlerApplication.BeforeRequest, AddressOf FiddlerApplication_BeforeRequest
        RemoveHandler FiddlerApplication.BeforeResponse, AddressOf FiddlerApplication_BeforeResponse
        RemoveHandler FiddlerApplication.AfterSessionComplete, AddressOf FiddlerApplication_AfterSessionComplete
        Application.DoEvents()
        If FiddlerApplication.IsStarted() Then FiddlerApplication.Shutdown()
        FidderStatus = False
        Echo("已停止")
    End Sub

    ''' <summary>
    ''' Start listening
    ''' </summary>
    ''' <param name="CaptureUrl">List of URLs to listen for</param>
    Public Sub FiddlerOpen(Optional ByVal CaptureUrl As List(Of String) = Nothing)
        CaptureConfiguration.captureUrl = CaptureUrl
        ' Stop a running instance first; FiddlerClose also removes the handlers,
        ' so they must be attached after this call, not before it.
        If FidderStatus Then FiddlerClose()
        'AddHandler FiddlerApplication.BeforeRequest, AddressOf FiddlerApplication_BeforeRequest
        'AddHandler FiddlerApplication.BeforeResponse, AddressOf FiddlerApplication_BeforeResponse
        AddHandler FiddlerApplication.AfterSessionComplete, AddressOf FiddlerApplication_AfterSessionComplete
        ' Port 8987 (you can choose your own); whether to register as the Windows system proxy
        ' (if True, all HTTP access on the system goes through this proxy).
        ' Arguments: listen port, register as system proxy, decrypt HTTPS, allow remote clients.
        ' With the last argument True the proxy also accepts connections from other hosts;
        ' pass False to keep it local to this machine.
        FiddlerApplication.Startup(8987, True, True, True)
        FidderStatus = True
        Echo("启动成功")
    End Sub
#End Region

#Region "Internal handlers"
    ''' <summary>
    ''' Before the request is sent: tamper with the outgoing data
    ''' </summary>
    ''' <param name="oS">oS carries the session information needed</param>
    Private Sub FiddlerApplication_BeforeRequest(oS As Session)
        If CaptureConfigSet(oS) = False Then Return ' Filter
        Return ' Tampering is switched off here; the code below is kept as a template
        ' To be able to tamper, buffered mode is required; only then does FiddlerCore
        ' allow the response to be modified in the BeforeResponse handler
        ' instead of being streamed
        Dim oAllSessions As New List(Of Fiddler.Session)()
        oS.bBufferResponse = True
        Monitor.Enter(oAllSessions)
        oAllSessions.Add(oS)
        Monitor.[Exit](oAllSessions)
        oS("X-AutoAuth") = "(default)"
        ' Build a local response instead of contacting the server
        ' (the original listing repeated this call and SetStatus a second time)
        oS.utilCreateResponseAndBypassServer()
        oS.oResponse.headers.SetStatus(200, "Ok")
        oS.oResponse("Content-Type") = "text/html; charset=UTF-8"
        oS.oResponse("Cache-Control") = "private, max-age=0"
        Dim Str As String = oS.GetResponseBodyAsString
        oS.utilSetResponseBody(Str + "aaaaaaaaaaaaaaaaaaaaa")
    End Sub

    ''' <summary>
    ''' After the request is sent and before the response is delivered: the returned data can be tampered with
    ''' </summary>
    ''' <param name="oS"></param>
    Private Sub FiddlerApplication_BeforeResponse(oS As Session)
        If CaptureConfigSet(oS) = False Then Return ' Filter
        Return
        ' The returned data: oS.GetResponseBodyAsString()
        ' Perform the tampering:
        ' oS.utilReplaceInResponse("1.欢迎使用!", "aaaaaaaaaaaaaaaaaaaaaa")
        ' oS.utilDecodeResponse()
    End Sub

    ''' <summary>
    ''' Return the data once the request has completed
    ''' </summary>
    ''' <param name="oS"></param>
    Private Sub FiddlerApplication_AfterSessionComplete(oS As Session)
        If CaptureConfigSet(oS) = False Then Return ' Filter
        oS.utilDecodeResponse() ' Remove compression/chunking so the body decodes as text
        Dim reqheaders As String = oS.oRequest.headers.ToString()
        ' Bodies may be Nothing, so fall back to an empty array before decoding
        Dim reqBody As String = Encoding.UTF8.GetString(If(oS.RequestBody, New Byte() {}))
        Dim respHeaders As String = oS.oResponse.headers.ToString()
        Dim respBody As String = Encoding.UTF8.GetString(If(oS.ResponseBody, New Byte() {}))
        Response = New List(Of String)
        If reqheaders Is Nothing Then reqheaders = ""
        If respHeaders Is Nothing Then respHeaders = ""
        Response.Add(oS.fullUrl & vbCrLf)
        Response.Add(reqheaders & vbCrLf)
        Response.Add(respHeaders & vbCrLf)
        Response.Add(respBody & vbCrLf)
        ' Print the result to the UI
        Dim output As String = oS.fullUrl & vbCrLf & vbCrLf & reqheaders & vbCrLf & vbCrLf &
            respHeaders & vbCrLf & "-----------------------------------" & vbCrLf
        Echo(output)
    End Sub
#End Region

#Region "Other"
    Private Function CaptureConfigSet(ByVal oS As Session) As Boolean
        If oS Is Nothing Then Return False
        If oS.RequestMethod = "CONNECT" Then Return False
        CaptureConfiguration.IgnoreResources = True ' Ignore image/resource files
        CaptureConfiguration.ProcessId = 0          ' Restrict to a process ID
        CaptureConfiguration.CaptureDomain = ""     ' Restrict to a host
        If CaptureConfiguration.ProcessId > 0 Then
            If oS.LocalProcessID <> 0 AndAlso oS.LocalProcessID <> CaptureConfiguration.ProcessId Then
                Return False
            End If
        End If
        If Not String.IsNullOrEmpty(CaptureConfiguration.CaptureDomain) Then
            If oS.hostname.ToLower() <> CaptureConfiguration.CaptureDomain.Trim().ToLower() Then
                Return False
            End If
        End If
        If CaptureConfiguration.IgnoreResources Then
            Dim url As String = oS.fullUrl.ToLower()
            ' Exclude resource files with the following extensions
            Dim extensions As New List(Of String) From {".jpg", ".png", ".jpeg", ".css", ".zip", ".rar", ".7z", ".exe"}
            For Each ext In extensions
                If url.Contains(ext) Then Return False
            Next
        End If
        ' captureUrl is Nothing when FiddlerOpen is called without a list.
        ' Accept the session if it matches any listed URL, not only the first one.
        If CaptureConfiguration.captureUrl IsNot Nothing AndAlso CaptureConfiguration.captureUrl.Count > 0 Then
            Return CaptureConfiguration.captureUrl.Contains(oS.fullUrl)
        End If
        Return True
    End Function

    Private Structure CaptureConfig
        Dim IgnoreResources As Boolean        ' Whether to ignore image/resource files
        Dim ProcessId As Integer              ' Restrict to a process ID
        Dim CaptureDomain As String           ' Restrict to a host
        Dim captureUrl As List(Of String)     ' Restrict to these URLs
    End Structure
#End Region

#Region "UI output"
    Public Sub Echo(ByVal ErrorMsg As String)
        Try
            ' The message is passed as the EventHandler's sender argument
            RTBox.Invoke(New EventHandler(AddressOf RTref), ErrorMsg)
        Catch ex As Exception
            ' Output is optional; ignore failures such as RTBox having no window handle
        End Try
    End Sub

    Private Sub RTref(ByVal sender As System.Object, ByVal e As System.EventArgs)
        Try
            If sender.ToString.ToLower.Contains("error") Then
                RTBox.SelectionColor = Color.Red
            Else
                RTBox.SelectionColor = Color.Black
            End If
            RTBox.AppendText(sender.ToString & vbCrLf)
            RTBox.ScrollToCaret()
        Catch ex As Exception
            MsgBox(ex.Message, vbInformation)
        End Try
    End Sub
#End Region
End Class
```