ASP.NET Development Server with Fiddler

by Administrator 11. September 2010 04:11

The ASP.NET Development Server, which is used when developing websites with Visual Studio without IIS running only accepts localhost connections which prevents Fiddler from being able to intercept the traffic. The good news is, that fiddler offers a way to get to such traffic using the url http://ipv4.fiddler:<port> (or ipv6).

Check out this post for more information about hooking up with fiddler (funny wording btw. :P)

Tags: , ,

ASP.NET

XapDump v1.1

by Administrator 31. Mai 2010 13:25

Ok, there was some stuff important enough to pack a new release:

  • Bug fixed, when extracting files in subfolders (either via copy&paste or Reflector)
  • Fixed a display bug with filtering
  • Added the option to select a reflector directory. If the executable is not found at %PROGRAMFILES%\Reflector, a browse dialog opens to select the executable.

Tags: , ,

My Stuff

Fiddler & The new Domain

by Administrator 8. März 2010 13:22

After changing our domain at work, Fiddler was not able to intercept any more SSL traffic. When accessing the local development box via SSL an error occured stating, that the certificate could not be created.

When intercepting SSL traffic, fiddler creates a self-signed  root certificate and uses this one to issue certificates to the site you are navigating to. Since the root certificate is issued to the computer fiddler runs on, it makes a difference when that computer changes the domain. Fiddler uses the makecert.exe utility from the windows sdk to generate it's certificates. Launching this one with the same arguments (I used Process Monitor to find the exact invocation) showed the following error:

Can't create the key of the subject ('JoeSoft')

It seems we were not the first one experiencing the problem. Some articles suggested to delete specific files from the crypto storage, however all this did not help me. In the end I found this article that suggested that the root cause of the problem is a lack of permission and that manually importing the certificate would do the job, so I created the self signed certificate in another location and then manually imported. These are the exact steps:

  • Remove all Certificates signed by the fiddler root and the fiddler root itself from your current user's certificate store using the mmc certfificate snapin.
  • Open a command prompt and navigate to the fiddler directory (e.g. c:\program files\fiddler2), execute the following commandline:
    MakeCert.exe -ss my -n "CN=DO_NOT_TRUST_FiddlerRoot, O=DO_NOT_TRUST, OU=Created by http://www.fiddler2.com" -eku 1.3.6.1.5.5.7.3.1 -r -cy authority -a sha1 -sr LocalMachine
  • This creates a root certificate for fiddler, however in a different location than fiddler would to it.
  • Open your mmc certificate snapin, connect to your Local Computer and navigate to Personal -> Certificates.
  • Export the DO_NOT_TRUST_FiddlerRoot certificate to disk (that is the certficate you created two steps before), use Pcks#7 as a format.
  • Open the mmc certificate snapin for the current user and import the exported certificate to Personal -> Certificates and Trusted Root Certification Authorities -> Certficates.
  • Restart fiddler

The interesting question here is, what changed the permissions since I originally installed fiddler and everything worked for over a year. Perhaps something changed during the migration process, perhaps even before. Who knows.

 

Tags: , ,

Injecting Code into Silverlight Applications

by Administrator 20. September 2009 14:28

I added an article about how to inject code into Silverlight applications.

Enjoy.

Tags: , , , ,

Projects

About the author

for comments and suggestions contact:

 

Month List