Whenever I need to examine HTTP/HTTPS traffic, I use Fiddler. Fiddler can be a lifesaver when debugging problems, but can also be an extremely useful tool when you want to see what an application sending and receiving.
As I have had some spare time on my hands over the festive break (a rarity these days!!), I wanted to have a look at API calls from some apps on my Windows Phone. Fiddler should fit the bill for this. A few days ago, I upgraded my home machine to run Windows 8.1, so I needed to do a re-install of Fiddler. If you visit http://fiddler2.com/get-fiddler you can download the required build for you operating system. As I have Windows 8.1, I downloaded Fiddler4. Once you have downloaded Fiddler, follow the steps below to set up Fiddler and your phone for traffic capture.
When you have run Fiddler, select the menu option Tools -> Fiddler Options and select the Connections tab. You will see the dialog box that is shown below:
As we want to be able to view HTTPS traffic, we want to be able to decrypt this so we can view it. Click on the HTTPS tab. The tab looks as follows:
Select the checkbox Decrypt HTTPS traffic.
If you haven’t already restart Fiddler. Upon restarting Fiddler, the Windows Firewall warning may pop up.
Windows Phone Settings
We now need to perform some configuration tasks on the phone. Ensure your phone is connected to your WiFi network and perform the following steps.
In order for traffic to be captured by Fiddler, we need to set the WiFi proxy settings for the phones WiFi connection. Long tap on your WiFi connection within the WiFi settings on your phone. An example of this is shown below:
Select the edit option. You will then be presented with the following:
Swipe On to switch on the proxy functionality.
In the Server/URL setting, type in the IP Address of the computer where you installed Fiddler. You then need to specify the Port number. By default, Fiddler will use 8888. If you have changed this within the Fiddler settings, make sure you use this port number. Click the tick to save your settings.
We now need to download the Fiddler root certificate to the phone. Open Internet Explorer on your phone and key in the URL http://<<server>>:8888/fiddlerroot.cer. <<server>> will be the IP Address of the machine where you installed Fiddler. Using the settings from the example screenshots above, you would use http://192.168.1.78:8888/fiddlerroot.cer. Your phone will then show the following in Internet Explorer:
And that’s it!! As long as Fiddler is running and you have the proxy settings correctly configured on your phone, you should now be able to monitor the HTTP/HTTPS traffic from your Windows Phone.
When you have finished monitoring traffic and you have shut down Fiddler, remember to switch of the proxy functionality on your phone. If you don’t do this, you will not be able to use the internet from your WiFi connection, as all traffic will be sent to the proxy, which obviously will not be running.