Fiddler Ideas

The free web debugging proxy for any browser, system or platform.

TLS handshake inspection

To my knowledge, a Fiddler extension has no means of getting the raw TLS handshake data.

 

This would be extremely useful for some extensions I develop. Two use cases are, first, getting the TLS extensions. The primary motivation for this is to extract SCTs from the signed_certificate_timestamp extension. But I am sure there are other cases where I'll need more.

 

The second is getting the certificate in the case of a blind tunnel when HTTPS interception is disabled; the certificate chain could then still be obtained from the ServerHello.

  • Guest
  • Apr 27 2016
  • Guest commented
    April 27, 2016 03:45

    To be clear, I am not asking for a GUI around this or anything fancy, just a byte[] of ClientHello, ServerHello, etc. on Session.

  • Eric Lawrence commented
    June 18, 2016 00:59

    Today, Fiddler has some of this data (it uses a stream wrapper to eat TLS "SNI Name Mismatch" Warnings to avoid a bug in .NET); I'd considered generalizing this to expose some other interesting data (specifically, the size of the ServerHello and the number of certificates in the chain supplied) but never got around to it.
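
What the first use case in the request would involve once raw ServerHello bytes are available, as an added example that is not part of the original thread and not Fiddler code: a bounds-checked walk over the ServerHello extensions that pulls the SCT list out of the signed_certificate_timestamp extension (type 18). It is written in Python rather than as a .NET extension, the function names are hypothetical, and it assumes a TLS 1.2-style ServerHello held entirely in one unfragmented record.

```python
class Reader:  # bounds-checked cursor over untrusted handshake bytes
    def __init__(self, data):
        self.data, self.pos = data, 0
    def take(self, n):
        if self.pos + n > len(self.data):
            raise ValueError("truncated TLS structure")
        self.pos += n
        return self.data[self.pos - n:self.pos]
    def uint(self, n):
        return int.from_bytes(self.take(n), "big")
    def vec(self, len_bytes):  # vector with a len_bytes-wide length prefix
        return self.take(self.uint(len_bytes))
    def left(self):
        return len(self.data) - self.pos

def server_hello_extensions(record):
    """Return {extension_type: data} from one record holding a whole ServerHello."""
    r = Reader(record)
    content_type, _version = r.uint(1), r.take(2)
    hs = Reader(r.vec(2))
    if content_type != 22 or hs.uint(1) != 2:  # handshake record / server_hello
        raise ValueError("not a ServerHello handshake record")
    body = Reader(hs.vec(3))
    body.take(2 + 32)  # server_version + random
    body.vec(1)        # session_id
    body.take(2 + 1)   # cipher_suite + compression_method
    exts = {}
    block = Reader(body.vec(2) if body.left() else b"")  # extensions are optional
    while block.left():
        ext_type = block.uint(2)
        exts[ext_type] = block.vec(2)
    return exts

def parse_sct_list(ext_data):
    """Split a SignedCertificateTimestampList into (version, log_id_hex, timestamp_ms)."""
    items = Reader(Reader(ext_data).vec(2))
    scts = []
    while items.left():
        sct = Reader(items.vec(2))
        scts.append((sct.uint(1), sct.take(32).hex(), sct.uint(8)))
    return scts

# Constructed sample (not a capture): ServerHello with one SCT, dummy log ID and signature.
def _vec(n, b):
    return len(b).to_bytes(n, "big") + b
_sct = b"\x00" + b"\xaa" * 32 + (1461728700000).to_bytes(8, "big") + bytes(6)
_exts = _vec(2, b"\x00\x12" + _vec(2, _vec(2, _vec(2, _sct))))  # type 18 = SCT
_hello = b"\x03\x03" + bytes(32) + b"\x00\xc0\x2f\x00" + _exts
SAMPLE_RECORD = b"\x16\x03\x03" + _vec(2, b"\x02" + _vec(3, _hello))
```

Calling `parse_sct_list(server_hello_extensions(SAMPLE_RECORD)[18])` returns one tuple per SCT; the signature is left unparsed and unverified here.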