Unable to capture the mobile app request

Amankumar

unread,

May 4, 2020, 4:58:45 AM5/4/20

to Fiddler

Hi Team,

while capturing the request from fiddler getting the message as following--

A SSLv3-compatible ClientHello handshake was found. Fiddler extracted the parameters below.

Version: 3.3 (TLS/1.2)

Random: A9 56 49 4F 95 2A 98 57 8D 47 9D DE 5C F3 EA 84 37 25 AF 6A 8C 5D 78 A1 35 E6 93 54 7B 42 D4 66

"Time": 26-02-2012 03:16:17

SessionID: 77 A7 B4 9F 74 C9 14 27 21 0A 94 0C CB 8D 3F 75 88 6B 82 1D 8C E7 D7 5E B8 97 1D 0D 12 E9 43 91

Extensions:

server_name stage.******.com

extended_master_secret empty

renegotiation_info 00

supported_groups x25519 [0x1d], secp256r1 [0x17], secp384r1 [0x18]

ec_point_formats uncompressed [0x0]

SessionTicket empty

ALPN h2, http/1.1

status_request OCSP - Implicit Responder

signature_algs ecdsa_secp256r1_sha256, rsa_pss_rsae_sha256, rsa_pkcs1_sha256, ecdsa_secp384r1_sha384, rsa_pss_rsae_sha384, rsa_pkcs1_sha384, rsa_pss_rsae_sha512, rsa_pkcs1_sha512, rsa_pkcs1_sha1

key_share 00 24 00 1D 00 20 DE 67 84 57 1C 2E 34 D9 0D 84 ED 74 53 4E AF 8C BB 55 C6 63 25 9E AB D1 91 2C 68 5D DE 40 F5 48

psk_key_exchange_modes 01 01

supported_versions Tls1.3, Tls1.2, Tls1.1

padding 232 null bytes

Ciphers:

[1301] TLS_AES_128_GCM_SHA256

[1302] TLS_AES_256_GCM_SHA384

[1303] TLS_CHACHA20_POLY1305_SHA256

[C02B] TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

[C02C] TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

[CCA9] TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256

[C02F] TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

[C030] TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

[CCA8] TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

[C013] TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

[C014] TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

I am using fiddler 4.

fiddlerreq.PNG

Marco Fontana

unread,

Feb 26, 2021, 5:52:31 AM2/26/21

to Fiddler

Hello, we have the same problem. Some apps which we are trying to analyze give us those errors for their domains.

nepr...@gmail.com

unread,

Feb 27, 2021, 10:02:54 PM2/27/21

to Fiddler

You must install your selfmade cert into the system at "system/etc/security/cacerts"

https://www.mcafee.com/enterprise/en-us/assets/misc/ms-android-7-10-ssl-pinning-bypass.pdf

пятница, 26 февраля 2021 г. в 16:52:31 UTC+6, king...@gmail.com:

Reply all

Reply to author

Forward