fiddler trace of hyper-v hosted vm traffic where vm os doesn't support running fiddler within vm


robertob

Sep 3, 2012, 10:44:42 AM
to httpf...@googlegroups.com
Has any solution been arrived at for doing fiddler trace of w08r2, win8, ws12 hyper-v hosted vm traffic where the vm operating system doesn't support running fiddler within the vm?
 
For example any solution in the works that could attach to hyper-v vm virtual switch generated network adapter and proxy + capture all http traffic that happens across it?
 
 

robertob

Dec 11, 2012, 3:29:18 PM
to httpf...@googlegroups.com
Interesting, if I change fiddler applied wininet proxy settings from 127.0.0.1:8888 to <my host's ipV4 address>:8888 then fiddler tracing of hyper-v vm generated traffic succeeds.    Anyone know why that is?

EricLaw

Dec 11, 2012, 6:17:56 PM
to httpf...@googlegroups.com
I'm not sure exactly why this works this way, but it sorta makes sense given that the same trick is used for Windows Phone Emulator traffic capture (which is also hyper-v based). I think it's related to some special-casing logic which was done for 127.0.0.1 within the emulator/VM.

robertob

Dec 12, 2012, 9:59:28 PM
to httpf...@googlegroups.com
In my case I'm applying this wininet proxy 127.0.0.1:8888 -> <my host's ipv4 address>:8888 change to enable fiddler tracing of the hyper-v hosted wp8 emulator vm traffic. Seemed really odd that this works since I don't understand how my desktop browser proxy settings have anything to do with hooking traffic going across vm's virtual switch network adapter. Whatever is going on I'm glad it works because being able to fiddler trace traffic coming from wp8 emulator is a common requirement.

robertob

Dec 13, 2012, 12:01:34 PM
to httpf...@googlegroups.com
I'm guessing what is going on here in case of hyper-v vm hosted wp8 emulator is the wp8 emulator image has some special behavior where it uses desktop browser proxy settings for its local system level proxy settings.  Therefore when you change the fiddler wininet proxy settings to use the ipv4 address of your localhost it then causes phone emulator to send everything through localhost fiddler proxy.   This is similar to how guidance was provided for enabling a usb+zune tethered physical wp7 device to have its traffic flow through your localhost fiddler proxy instance.  
 
That being the case can we get a fiddler vNext option that tells it to use my host's ipV4 address when enabling wininet proxy settings when you hit f12 so that you don't have to constantly manually configure this change in between every f12 capture session?

EricLaw

Dec 13, 2012, 3:06:04 PM
to httpf...@googlegroups.com
Does it only work with the IP, or does it work with the hostname of the host? If it works with the hostname (or if the host's IP is relatively stable) simply use the following command in QuickExec...
 
   prefs set fiddler.network.proxy.RegistrationHostName hostOrIPAddress 
 
...and restart Fiddler.
 
 
 
 

robertob

Dec 13, 2012, 3:51:13 PM
to httpf...@googlegroups.com
Apparently every time the wp8 emulator starts it checks the proxy settings on the host machine, and copies them over so that explains why using a host resolvable address vs the loopback address enables fiddler tracing of the hyper-v hosted wp8 emulator vm. 
 
It also means an emulator restart is necessary to enable/disable the setting unless there is a way to navigate somewhere in the phone emulator UI to enable/disable the setting yourself manually. 
 
Also for domain joined dev wks where IPsec policy is in place you need an IPsec policy exclusion as the emulator can't do IPsec connection negotiation.
 
I tested the command you provided for automating fiddler wininet proxy settings and it works with ipV4 address and I'm told should work using hostname but I'd bet the hostname would have to be a fully qualified domain name.

Alan

Feb 19, 2013, 6:52:57 PM
to httpf...@googlegroups.com
Hi,
Wonder if this still works on the latest WP8 emulator?
I notice the site said "Update: These steps also work in Windows Phone 8's emulator as of 10/31/2012"
 
I was able to get this to work in Selfhost device through the ZFiddlerClient program by using "Switch to local mode"
 
But I wasn't able to get it to work on a production device relying on the Proxy settings in IE.
 
I have an IPSec exclusion on a computer A.
My emulator is hosted on Computer B.
 
 
Computer A is able to see traffic from Computer B's desktop IE.
Computer A cannot see the traffic from Computer B's emulators even after restart of emulators.
Computer A has been used to capture actual device traffic so there shouldn't be a problem with IPSec.
 
 
Thanks,
Alan

EricLaw

Feb 20, 2013, 10:42:58 AM
to
I don't think I understand the question. Why aren't you simply running Fiddler on Computer B? How specifically did you configure the proxy settings? What's a ZFiddlerClient?

robertob

Feb 20, 2013, 1:03:31 PM
to httpf...@googlegroups.com
The following are my current notes on use of fiddler for wp8 emulator hosted apps, and win8 apps, created largely from responses provided to past questions posted in this forum.   I used them just last week to successfully capture wp8 emulator traffic on my win8 x64 dev wks setup.
 
1.  to enable https capture use fiddler | tools | fiddler options | https | capture https connects + decrypt https traffic [ ...from all processes ] + ignore server certificate
+ install fiddler root certificate on client or emulator that is initiating https connects, i.e. http://hostIpV4orFqdnOrNbn:8888/FiddlerRoot.cer
note - the fiddler root certificate is unique to each fiddler install and changes anytime you disable and re-enable tools | fiddler options | https | capture https connects
 
2.  a) to capture sessions not involving forms based authN nothing special is required, see http://social.technet.microsoft.com/wiki/contents/articles/3286.aspx
b) to capture sessions involving negotiated authN, e.g. ntlm or kerberos, see http://blogs.msdn.com/b/fiddler/archive/2011/09/04/fiddler-http-401-authentication-workaround-to-support-channel-binding-tokens-removing-endless-prompts.aspx
c) to capture sessions involving wstrust kerberosmixed or acs signins using idp issued tokens set fiddler | tools | fiddler options | https |
  skip decryption for the following hosts = "mycorp.sts.mydomain.com;mynamespace.accesscontrol.windows.net" vs having to resort to fiddler tools |
  fiddler options | connections | bypass fiddler for urls that start with = "<-loopback>;https://mycorp.sts.mydomain.com;https://mynamespace.accesscontrol.windows.net"
  for more info see https://groups.google.com/forum/#!topic/httpfiddler/orM5GtzUz_c
d) to enable win8 app capture enable https capture and configure fiddler | win8 config | <app> + microsoft.windows.authhost.* loopback exemptions
note - using vs12 debug/f5 to run win8 app will automatically enable loopback exemption for that app
 
3.  to enable phone device and emulator capture enable https capture and set fiddler | tools | fiddler options | connections | allow remote computers to connect
note - if you are running fiddler on a domain joined dev wks where ipsec is enabled then you'll need to either stop the ipsec policy agent service during
tracing efforts, e.g. net stop PolicyAgent, or get a permanent policy exception enabled, for remote connections from phone device and emulators to work
+ fiddler | alt-q [ quickexec ] | prefs set fiddler.network.proxy.registrationhostname hostIpV4OrFqdn[OrNbn] | restart fiddler
note - because emulator picks up this setting when it starts that means that fiddler capture traffic uncheck / f12 will not stop emulator capture
+ emulator [ started after fiddler ] | mobile browser | address = http://hostIpV4orFqdnOrNbn:8888/FiddlerRoot.cer | <accept fiddler capture error dialogs that popup> | install | ok
note - you need to redo this whenever you restart emulator and there is currently no way to remove it so you shouldn't apply this to physical device
 
4. to scope captures to just what the win8 app or wp8 app generates drag the any process target icon onto app or emulator hosting app
to disable fiddler system level proxy setting close fiddler and restart system processes using wininet or use fiddler | alt-q | about:config | select "fiddler.network.proxy.registration" | delete
to remove and re-add fiddler self-signed https certs use fiddler | tools | options | https | decrypt = unchecked + remove interception certificates -> decrypt = checked + accept trusted root cert = yes
if directaccess traffic starts showing up in fiddler close fiddler until directAccess connection has been established and then restart fiddler
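
An added example, not part of the thread or of Fiddler itself: a read-only PowerShell check of the host state that the notes above change during a capture session (the WinINET proxy registration, the IPsec Policy Agent service, and trusted Fiddler root certificates). The function names are hypothetical, and the certificate filter assumes Fiddler's default root subject name, DO_NOT_TRUST_FiddlerRoot.

```powershell
# Added example (not from the thread). Read-only; run on the host that runs Fiddler.

function Test-LoopbackName([string]$Name) {
    # True when a guest that copies this proxy host would point back at itself.
    $Name = $Name.Trim('[', ']')
    if ($Name -eq 'localhost') { return $true }
    $ip = $null
    if ([System.Net.IPAddress]::TryParse($Name, [ref]$ip)) {
        return [System.Net.IPAddress]::IsLoopback($ip)
    }
    return $false
}

function Get-ProxyEntry([string]$ProxyServer) {
    # WinINET stores "host:port" or "scheme=host:port;scheme=host:port".
    foreach ($part in ($ProxyServer -split ';' | Where-Object { $_ })) {
        $scheme = 'all'
        $target = $part
        if ($part -match '=') { $scheme, $target = $part -split '=', 2 }
        [pscustomobject]@{
            Scheme   = $scheme
            Target   = $target
            Loopback = Test-LoopbackName ($target -replace ':\d+$', '')
        }
    }
}

# 1. Proxy registration. In the thread, the emulator was only captured when
#    this pointed at the host's address rather than at a loopback address.
$key  = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings'
$inet = Get-ItemProperty -Path $key
if ($inet.ProxyEnable -eq 1 -and $inet.ProxyServer) {
    Get-ProxyEntry $inet.ProxyServer | Format-Table -AutoSize
} else {
    'WinINET proxy is not enabled for this user.'
}

# 2. IPsec Policy Agent: should be Running again after "net stop PolicyAgent".
Get-Service -Name PolicyAgent | Format-Table Name, Status -AutoSize

# 3. Fiddler interception roots still trusted by this user (assumed default subject).
Get-ChildItem Cert:\CurrentUser\Root |
    Where-Object { $_.Subject -like '*DO_NOT_TRUST_FiddlerRoot*' } |
    Format-Table Subject, Thumbprint, NotAfter -AutoSize
```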
 