import System; import System.Windows.

Forms; import Fiddler; // // rs // // // // // // // // // // GLOBALIZATION NOTE: Be sure to save this file with UTF-8 Encoding if using any non-ASCII characte in strings, etc. JScript Reference http://www.fiddler2.com/redir/?id=msdnjsnet FiddlerScript Reference http://www.fiddler2.com/redir/?id=fiddlerscriptcookbook FiddlerScript Editor: http://www.fiddler2.com/redir/?id=fiddlerscripteditor

class Handlers { public static RulesOption("Hide 304s") var m_Hide304s: boolean = false; // Cause Fiddler to override the Accept-Language header with one of the defined values public static RulesOption("Request &Japanese Content") var m_Japanese: boolean = false; // Cause Fiddler to override the User-Agent header with one of the defin ed values public static RulesOption("Netscape &3", "&User-Agents", true) var m_NS3: boolean = false; public static RulesOption("&Safari (XP)", "&User-Agents", true) var m_Safari: boolean = false; public static RulesOption("&Opera 9.5", "&User-Agents", true) var m_Opera: boolean = false; public static RulesOption("&IEMobile", "&User-Agents", true) var m_IEMobile: boolean = false; public static RulesOption("&Firefox 2.0", "&User-Agents", true) var m_FFox: boolean = false; public static RulesOption("IE &6 (XPSP2)", "&User-Agents", true) var m_IE6: boolean = false; public static RulesOption("IE &7 (Vista)", "&User-Agents", true) var m_IE7: boolean = false; public static RulesOption("IE &8 (Win2k3)", "&User-Agents", true, true) var m_IE8: boolean = false; public static RulesOption("&Disabled", "&User-Agents", true) var m_UANONE: boolean = true; // Cause Fiddler to delay HTTP traffic to simulate typical 56k modem con ditions public static RulesOption("Simulate &Modem speeds", "Per&formance") var m_SimulateModem: boolean = false; // Removes HTTP-caching related headers and specifies "no-cache" on requ ests and responses public static RulesOption("&Disable Caching", "Per&formance") var m_DisableCaching: boolean = false; // Show the duration between the start of Request.Send and Response.Comp

leted in Milliseconds public static RulesOption("&Show Time-to-Last-Byte", "Per&formance") var m_ShowTTLB: boolean = false; // Show the time of response completion public static RulesOption("Show Response &Timestamp", "Per&formance") var m_ShowTimestamp: boolean = false; // Force a manual reload of the script file. Resets all // RulesOption variables to their defaults. public static ToolsAction("Reset Script") function DoManualReload(){ FiddlerObject.ReloadScript(); } public static ContextAction("Decode Selected Sessions") function DoRemoveEncoding(oSessions: Session[]){ for (var x = 0; x < oSessions.Length; x++){ oSessions[x].utilDecodeRequest(); oSessions[x].utilDecodeResponse(); } } // // static function OnBoot(){ MessageBox.Show("Fiddler has finished booting"); System.Diagnostics.Process.Start("iexplore.exe"); // FiddlerObject.UI.miManipulateIgnoreImages.Checked = false; // // } // static function OnShutdown(){ MessageBox.Show("Fiddler has shutdown"); } FiddlerObject.UI.ActivateRequestInspector("HEADERS"); FiddlerObject.UI.ActivateResponseInspector("HEADERS");

static function OnAttach(){ // MessageBox.Show("Fiddler is now the system proxy"); // System.Diagnostics.Process.Start("proxycfg.exe", "-u"); // Notif y WinHTTP of proxy change } static function OnDetach(){ // MessageBox.Show("Fiddler is no longer the system proxy"); // System.Diagnostics.Process.Start("proxycfg.exe", "-u"); // Notif y WinHTTP of proxy change } static function OnBeforeRequest(oSession: Session) { // Sample Rule: Color ASPX requests in RED if (oSession.uriContains(".aspx")) { oSession["ui-color"] = " }

// red";

// Sample Rule: Flag POSTs to fiddler2.com in italics // if (oSession.HostnameIs("www.fiddler2.com") && oSession.HTTPMeth odIs("POST")) { oSession["ui-italic"] = "yup"; } // Sample Rule: Break requests for URLs containing "/sandbox/"

// if (oSession.uriContains("/sandbox/")){ // oSession.oFlags["x-breakrequest"] = "yup"; // Exist ence of the x-breakrequest flag creates a breakpoint; the "yup" value is unimpor tant. // } if ((null != gs_ReplaceToken) && (oSession.url.indexOf(gs_Replac // Case sensitive oSession.url = oSession.url.Replace(gs_ReplaceToken, gs_ ReplaceTokenWith); } if ((null != gs_OverridenHost) && (oSession.host.toLowerCase() = = gs_OverridenHost)){ oSession["x-overridehost"] = gs_OverrideHostWith; } eToken)>-1)){ if ((null!=bpRequestURI) && oSession.uriContains(bpRequestURI)){ oSession["x-breakrequest"]="uri"; } if ((null!=bpMethod) && (oSession.HTTPMethodIs(bpMethod))){ oSession["x-breakrequest"]="method"; } if ((null!=uiBoldURI) && oSession.uriContains(uiBoldURI)){ oSession["ui-bold"]="QuickExec"; } if (m_SimulateModem){ // Delay sends by 300ms per KB uploaded. oSession["request-trickle-delay"] = "300"; } if (m_DisableCaching){ oSession.oRequest.headers.Remove("If-None-Match"); oSession.oRequest.headers.Remove("If-Modified-Since"); oSession.oRequest["Pragma"] = "no-cache"; } // User-Agent Overrides if (m_NS3){ oSession.oRequest["User-Agent"] = "Mozilla/3.0 (Win9 5; I)"; } else if (m_IEMobile){ oSession.oRequest["User-Agent"] = "Mozilla/4.0 (compatible; MSIE 6.0; Windows CE; IEMobile 6.12)"; } else if (m_Safari){ oSession.oRequest["User-Agent"] = "Mozilla/5.0 (W indows; U; Windows NT 5.2; en-US) AppleWebKit/525.18 (KHTML, like Gecko) Version /3.1.1 Safari/525.17"; } else if (m_Opera){ oSession.oRequest["User-Agent"] = "Opera/9.50 (Win dows NT 5.2; U; en)"; } else if (m_FFox){ oSession.oRequest["User-Agent"] = "Mozilla/5.0 (Win dows; U; Windows NT 5.1; en-US; rv:1.8.1.10) Gecko/20071115 Firefox/2.0.0.10"; } else if (m_IE6){ oSession.oRequest["User-Agent"] = "Mozilla/4.0 (comp atible; MSIE 6.0; Windows NT 5.1; SV1)"; } else if (m_IE7){ oSession.oRequest["User-Agent"] = "Mozilla/4.0 (comp

atible; MSIE 7.0; Windows NT 6.0; SLCC1)"; } else if (m_IE8){ oSession.oRequest["User-Agent"] = "Mozilla/4.0 (comp atible; MSIE 8.0; Windows NT 5.2; WOW64)"; } if (m_Japanese){ oSession.oRequest["Accept-Language"] = "ja"; } if ((oSession.url.EndsWith("/admin/asdm_handler")) || (oSession. url.EndsWith("/admin/pdm.sgz"))){ oSession.bBufferResponse = false; } if (oSession.url.EndsWith("/admin/config")){ oSession.utilReplaceInRequest("write mem","copy /noconfi rm running-config disk0:/.private/startup-config"); } if (oSession.url.EndsWith("/admin/exec/write+memory")){ oSession.url.Replace("write+memory","copy+%2Fnoconfirm+r unning-config+disk0%3A%2F.private%2Fstartup-config"); } } static function OnBeforeResponse(oSession: Session) { if (m_SimulateModem){ // Delay receives by 150ms per KB downloaded. oSession["response-trickle-delay"] = "150"; } if (m_DisableCaching){ oSession.oResponse.headers.Remove("Expires"); oSession.oResponse["Cache-Control"] = "no-cache"; } if (m_ShowTimestamp){ oSession["ui-customcolumn"] = DateTime.Now.ToString("H:m m:ss.ffff") + " " + oSession["ui-customcolumn"]; } if (m_ShowTTLB){ oSession["ui-customcolumn"] = oSession.oResponse.iTTLB + "ms " + oSession["ui-customcolumn"]; } if (m_Hide304s && oSession.responseCode == 304){ oSession["ui-hide"] = "true"; } if ((bpStatus>0) && (oSession.responseCode == bpStatus)){ oSession["x-breakresponse"]="status"; } if ((null!=bpResponseURI) && oSession.uriContains(bpResponseURI) ){ oSession["x-breakresponse"]="uri"; } // Uncomment to reduce incidence of "unexpected socket closure"

exceptions in .NET code. // Note that you really should also fix your .NET code to gracef ully handle unexpected connection closure. // // if (!(((oSession.responseCode == 401) && oSession.oResponse[" WWW-Authenticate"].Length > 9) || // ((oSession.responseCode == 407) && oSession.oResponse["Proxy -Authenticate"].Length > 9))) { // oSession.oResponse["Connection"] = "close"; // } if (oSession.url.Contains("/show+version")) { oSession.utilDecodeResponse(); oSession.utilReplaceInResponse('Hardware: ,','Hardware : ASA5520,'); } } static function Main() { var today: Date = new Date(); FiddlerObject.StatusText = " CustomRules.js was loaded at: " + t oday; } // These static variables are used for simple breakpointing & other Quic kExec rules static var bpRequestURI:String = null; static var bpResponseURI:String = null; static var bpStatus:int = -1; static var bpMethod: String = null; static var uiBoldURI: String = null; static var gs_ReplaceToken: String = null; static var gs_ReplaceTokenWith: String = null; static var gs_OverridenHost: String = null; static var gs_OverrideHostWith: String = null; // The OnExecAction function is called by either the QuickExec box in th e Fiddler window, // or by the ExecAction.exe command line utility. static function OnExecAction(sParams: String[]){ FiddlerObject.StatusText = "ExecAction: " + sParams[0]; var sAction = sParams[0].toLowerCase(); switch (sAction){ case "bold": if (sParams.Length<2) {uiBoldURI=null; FiddlerObject.StatusText= "Bolding cleared"; return;} uiBoldURI = sParams[1]; FiddlerObject.StatusText="Bolding reques ts for " + uiBoldURI; break; case "bp": FiddlerObject.alert("bpu = breakpoint request for uri\nbpm = bre akpoint request method\nbps=breakpoint response status\nbpafter = breakpoint res ponse for URI"); break; case "bps": if (sParams.Length<2) {bpStatus=-1; FiddlerObject.StatusText="Re sponse Status breakpoint cleared"; return;} bpStatus = parseInt(sParams[1]); FiddlerObject.StatusText="Respo nse status breakpoint for " + sParams[1];

break; case "bpv": case "bpm": if (sParams.Length<2) {bpMethod=null; FiddlerObject.StatusText=" Request Method breakpoint cleared"; return;} bpMethod = sParams[1].toUpperCase(); FiddlerObject.StatusText="R equest Method breakpoint for " + bpMethod; break; case "bpu": if (sParams.Length<2) {bpRequestURI=null; FiddlerObject.StatusTe xt="RequestURI breakpoint cleared"; return;} if (sParams[1].toLowerCase().StartsWith("http://")){sParams[1] = sParams[1].Substring(7);} bpRequestURI = sParams[1]; FiddlerObject.StatusText="RequestURI breakpoint for "+sParams[1] ; break; case "bpafter": if (sParams.Length<2) {bpResponseURI=null; FiddlerObject.StatusT ext="ResponseURI breakpoint cleared"; return;} if (sParams[1].toLowerCase().StartsWith("http://")){sParams[1] = sParams[1].Substring(7);} bpResponseURI = sParams[1]; FiddlerObject.StatusText="ResponseURI breakpoint for "+sParams[1 ]; break; case "overridehost": if (sParams.Length<3) {gs_OverridenHost=null; FiddlerObject.Stat usText="Host Override cleared"; return;} gs_OverridenHost = sParams[1].toLowerCase(); gs_OverrideHostWith = sParams[2]; FiddlerObject.StatusText="Connecting to [" + gs_OverrideHostWith + "] for requests to [" + gs_OverridenHost + "]"; break; case "urlreplace": if (sParams.Length<3) {gs_ReplaceToken=null; FiddlerObject.Statu sText="URL Replacement cleared"; return;} gs_ReplaceToken = sParams[1]; gs_ReplaceTokenWith = sParams[2].Replace(" ", "%20"); // Simple helper FiddlerObject.StatusText="Replacing [" + gs_ReplaceToken + "] in URIs with [" + gs_ReplaceTokenWith + "]"; break; case "select": if (sParams.Length<2) { FiddlerObject.StatusText="Please specify Content-Type to select."; return;} FiddlerObject.UI.actSelectSessionsWithResponseHeaderValue("Conte nt-Type", sParams[1]); FiddlerObject.StatusText="Selected sessions returning Content-Ty pe: " + sParams[1] + "."; if (FiddlerObject.UI.lvSessions.SelectedItems.Count > 0){ FiddlerObject.UI.lvSessions.Focus(); } break; case "allbut": case "keeponly": if (sParams.Length<2) { FiddlerObject.StatusText="Please specify Content-Type to retain during wipe."; return;} FiddlerObject.UI.actSelectSessionsWithResponseHeaderValue("Conte nt-Type", sParams[1]);

FiddlerObject.UI.actRemoveUnselectedSessions(); FiddlerObject.UI.lvSessions.SelectedItems.Clear(); FiddlerObject.StatusText="Removed all but Content-Type: " + sPar ams[1]; break; case "stop": FiddlerObject.UI.actDetachProxy(); break; case "start": FiddlerObject.UI.actAttachProxy(); break; case "cls": case "clear": FiddlerObject.UI.actRemoveAllSessions(); break; case "g": case "go": FiddlerObject.UI.actResumeAllSessions(); break; case "help": Utilities.LaunchHyperlink("http://www.fiddler2.com/redir/?id=qui ckexec"); break; case "hide": FiddlerObject.UI.actMinimizeToTray(); break; case "nuke": FiddlerObject.UI.actClearWinINETCache(); FiddlerObject.UI.actClearWinINETCookies(); break; case "show": FiddlerObject.UI.actRestoreWindow(); break; case "tail": if (sParams.Length<2) { FiddlerObject.StatusText="Please specify # of sessions to trim the session list to."; return;} FiddlerObject.UI.TrimSessionList(int.Parse(sParams[1])); break; case "quit": FiddlerObject.UI.actExit(); break; case "dump": FiddlerObject.UI.actSelectAll(); FiddlerObject.UI.actSaveSessionsToZip(CONFIG.GetPath("Captures") + "dump.saz"); FiddlerObject.UI.actRemoveAllSessions(); FiddlerObject.StatusText = "Dumped all sessions to " + CONFIG.Ge tPath("Captures") + "dump.saz"; break; default: if (sAction.StartsWith("http") || sAction.StartsWith("www")){ System.Diagnostics.Process.Start(sAction); } else FiddlerObject.StatusText = "Requested action: " + sAction + " no t found."; } } }