- Setup a Hyper-V test lab for capturing traffic from an Android client.
- Use OpenWRT as the routing gateway for the private VM network and Transparent Proxy HTTP and HTTPS traffic to Fiddler.
- Config Fidder for traffic capture.
- Part 1 – Building OpenWRT image for Hyper-V
Configuring OpenWRT for Transpart Proxy
Create Port Forward / Pre-routing rules for TCP port 80 and 443 to forward traffic to Fiddler.
- Assuming Fiddler is running at 192.168.1.2, port 8888 for HTTP proxy and 8443 for HTTPS proxy.
- Exclude the Fiddler machine from the port forward.
Create Source NAT / Post-routing rule
OR write the rules in the Firewall Custom Rules page.
Configuring Fiddler for Transpart Proxy
Enable “Allow remote computers to connect” in Fiddler Options and open corresponding ports in the Windows Firewall.
Use the command “!listen 8443 your_dummy_CN” to make Fiddler to listen to port 8443 for HTTPS proxy.
- The dummy CN value is important. Without the CN value Fiddler will not handle the HTTPS handshake.
- Use the command “prefs set fiddler.network.https.SetCNFromSNI true” to make Fiddler to generate the cert with CN to match the incoming request.