Capture Android Traffic with Fiddler

Wappler General How To
#1

You can use the method below to quickly identify the problems that will occur in the android application development phase. It was very useful for me. I think it will be useful for you.
Fiddler Download : https://www.telerik.com/fiddler

First, you should enable the Allow remote computers to connect setting in Fiddler

  1. Open Fiddler and select Tools -> Options
  2. Choose the Connections tab
  3. Select the Allow remote computers to connect checkbox to enable the setting
  4. Restart Fiddler in order the changes to take effect

Fiddler is now listening on port 8888 (this is the default port, you can change it from the setting above).

image

Setting up the Android Device

Once Fiddler is listening, we should use it as a proxy in Android.

  1. Open the WiFi menu.
  2. Tap and hold on your current network to show the network details
  3. Choose the Manage network settings option
  4. Check Show advanced options checkbox
  5. Choose Manual from the Proxy dropdown list
  6. Type your IP address in the Proxy host name field
    NOTE: You can check your IP address by hovering over the Network Connection icon in the Fiddler toolbar.
  7. Type the Fiddler listening port (8888 by default) in the Proxy port field
  8. Click Save to apply changes

Screenshot_20200627-124512_Settings
Screenshot_20200627-124512_Settings1080×1920 234 KB

Capture HTTPS Traffic

With the current setup you should be able to capture HTTP traffic. However, if you try to open any HTTPS website, you’ll get the This site’s security certificate is not trusted! error. To fix this, you should trust the Fiddler root certificate.

NOTE: By default, Fiddler-generated certificate is valid for 5 years. However, this can cause ERR_CERT_VALIDITY_TOO_LONG error in Chrome on Android. To fix this:

  1. Run about:config in Fiddler QuickExec.
  2. Create new variable fiddler.certmaker.ValidDays with value 820

Then, you can proceed with installing the Fiddler Root certificate as follow:

  1. In your browser, navigate to http://ipv4.fiddler:8888 or http://localhost:8888
  2. Download the Fiddler root certificate.
  3. Install the certificate on your device.

Now you should be able to capture HTTPS traffic too.

*you use this method for many application models, not just android.

1 Like