Fiddler is a free web debugging proxy for any browser, system or platform. Fiddler can be run as a Windows Service using FireDaemon Pro, which allows you to have the script start automatically at boot prior to login, start multiple instances of the script and more. This HOWTO will show you how to set it up. You can also use FireDaemon Fusion to manage FireDaemon and other Windows services via a web browser.
NOTE: Fiddler does not currently have the ability to automatically save traffic logs so when the service is stopped or restarted any traffic logs are lost. The only way around this is to create a script that will force Fiddler to open up a save dialog when Fiddler is closed. There is one major caveat to this: the save dialog needs user intervention to set the file name. More information about this script can be found at the end of this HOWTO.
Fiddler Setup Under FireDaemon Pro
Download the latest Fiddler Installer from the official Fiddler website. If you are using Windows 8.1 or later, then download the .NET 4 version of Fiddler. If you are using Windows 7, Windows 2008 or earlier, then download the .NET 2 version of Fiddler. If you don't already have .NET installed on your computer, download .NET from the Microsoft website here.
Install the .NET version for Windows if you haven't already, and then install Fiddler. By default Fiddler installs to C:\Program Files (x86)\Fiddler2.
Run Fiddler at least once to change any settings. In particular, go to the Fiddler Options page (Tools Menu->Fiddler Options) and do the following:
- On the General tab: uncheck "Check for updates on startup" and uncheck "Show a message when HTTP protocol violations are encountered"
- On the Appearance tab: make sure "Always show tray icon" is unchecked.
- In the main window next to the "Decode" button, set All Sessions to one of the other settings. Otherwise, Fiddler will use massive amounts of memory.
Start the web browser you intend to use and check that the Fiddler addon is active and enabled. You may have to install the add-on first.
Download and install FireDaemon Pro into the directory of your choice, typically C:\Program Files\FireDaemon.
Next, start the FireDaemon GUI from the desktop shortcut. Click on the "Create a new service definition" button in the toolbar (or type Ctrl+N) and enter the information into the fields as you see below. Adjust the paths to suit your installation.
- Executable: The path to your fiddler.exe file. The default path is C:\Program Files (x86)\Fiddler2\fiddler.exe.
- Working Directory: The directory containing your fiddler.exe file. The default path is C:\Program Files (x86)\Fiddler2.
- Parameters: None. Leave this field blank.
Now click on the Settings tab. You must leave "Interact with Desktop" checked & select "Show" from the "Show Window" dropdown (or else you will not be able to save traffic logs). You must set the job type to "Global" so that child processes are terminated properly when the service is stopped or restarted. You must run Fiddler as the user you installed it as. In the Logon Account field type your username (e.g. Administrator) and then enter the user's password twice in the Password and Confirm fields. You can change the Process Priority to allocate more CPU time to Fiddler or specify which CPU or core Fiddler will run on (in the case of multi-processor, hyperthreaded or multi-core CPUs).
Now click on the Lifecycle tab. Check "Graceful Shutdown" as it is critical to give the application enough time to save the traffic logs. Also set "Maximum Shutdown Delay" to something high like 300000. Before stopping the service or restarting it, you must switch to its desktop to save the traffic logs. If you don't do this, they will be lost forever.
Now click on the OK button to install and start Fiddler!
Saving Fiddler's Traffic Log Before Closing
Neelay Shah over at the Open Security Research blog discovered a way to make Fiddler ask you to save the traffic log before closing:
.. the great thing about Fiddler is that it is extremely extensible and so I customized the existing Fiddler rules so that the user is prompted to save the session when Fiddler is closed.
Before we get into the details of the customized rule let’s spend a few minutes understanding how Fiddler’s “Load Archive” and “Save” features work –Now let’s look at the rule modifications that will cause Fiddler to allow the user to save sessions when Fiddler is closed. I have tested this with Fiddler v2.3.9.3. I recommend installing the Syntax Highlighting extension before attempting to modify the FiddlerScript Rules. Once you install the Syntax Highlighting extension, launch Fiddler and you should see a new tab “FiddlerScript” (between the Composer and the Filters tab). Click the “FiddlerScript” tab and that should open the Rules file. Then you can add the following code appropriately and click “Save Script”.
- Fiddler does not have an “auto save” feature and as such if you do not explicitly save the session(s) then your session(s) are lost as soon as Fiddler is closed.
- The “Save” functionality saves the captured sessions as a snapshot in time. So, if you explicitly save a Fiddler session, continue browsing the web application (being proxy'ed through Fiddler) and then exit Fiddler (without saving) all the new sessions that were captured after the previous “Save” operation are lost.
- The “Load Archive” functionality loads and appends the user selected session archive to the already open and existing capture. Now if the “Save” operation is invoked then the current capture plus the existing session archive (that was loaded) is saved as a new session archive.
You will most likely already have an OnShutdown() function in which case simply add the following code to the beginning of the OnShutdown() functionstatic function OnShutdown() {Once you add this code and save the Script Rules, the rule will be in effect and Fiddler will start using the same. Now when you close Fiddler, it should prompt you to save the capture. The behavior of this “Save on Exit” prompt is as follows -
// MessageBox.Show("Fiddler has shutdown");
var exitPromptResult: DialogResult;
exitPromptResult = MessageBox.Show("Do you want to save this session before Fiddler exits?", "Save on Exit", MessageBoxButtons.YesNo, MessageBoxIcon.Warning, MessageBoxDefaultButton.Button1);
if (DialogResult.Yes != exitPromptResult)
{
//The user does not want to save the capture so proceed to exit
return;
}
//The user selected Yes - Allow the user to save the capture
FiddlerApplication.UI.actSelectAll();
FiddlerApplication.UI.actSaveSessionsToZip();
}
- If you select “No” then the capture will not be saved and Fiddler will exit
- If you select “Yes” however select “Cancel” on the ensuing “Save Session Archive to…” dialog then the capture will not be saved and Fiddler will exit
- If you select “Yes” and enter an appropriate archive name and select “Save” on the ensuing “Save Session Archive to…” dialog then the capture will be saved to the appropriate archive.