Modifying response data with Fiddler: VIP status in a certain xx application, and fixing Fiddler's yellow warning banner


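I. Analyze the captured requests

  1. Capturing the traffic shows that logging in calls the /api/user/login endpoint, which returns the user's information and a token:
	{"code":0,"data":{"account":"xxxx","is_vip":"1","token":"1"},"msg":"Success"}
  2. Subsequent operations call the /api/user/check_token endpoint with the token:
	{"code":0,"data":{"account":"xxxx","is_vip":"1"},"msg":"Success"}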

II. Write the Fiddler script

Open Rules -> Customize Rules..., then write the script in the editor window that opens:

	static function OnBeforeResponse(oSession: Session) {
		if (m_Hide304s && oSession.responseCode == 304) {
			oSession["ui-hide"] = "true";
		}
		if (oSession.fullUrl.Contains("/api/user/login")) {
			var responseStringOriginal = '{"code":0,"data":{"account":"785175323","is_vip":"1","token":"1"},"msg":"Success"}';
			oSession.utilSetResponseBody(responseStringOriginal);

			oSession.oResponse.headers.Remove("Content-Type");
			oSession.oResponse.headers.Add("Content-Type", "application/json");

			oSession.responseCode = 200;
		} else if (oSession.fullUrl.Contains("/api/user/check_token")) {
			var responseStringOriginal = '{"code":0,"data":{"account":"785175323","is_vip":"1"},"msg":"Success"}';
			oSession.utilSetResponseBody(responseStringOriginal);

			oSession.oResponse.headers.Remove("Content-Type");
			oSession.oResponse.headers.Add("Content-Type", "application/json");

			oSession.responseCode = 200;
		}
	}

III. Test succeeds

Enter anything at the login prompt and the login succeeds with VIP status.
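The rewritten responses above are accepted because the client takes `is_vip` from a response that anything on the network path can replace. The following is an added example, not code from the original post or from the application, sketching the server-side fix in Python: entitlement is looked up from the session on every VIP-only request, so a rewritten `is_vip` or a made-up token changes nothing. The account data, the `vip_download` endpoint and the 401/403 codes are assumptions.

```python
import hashlib, hmac, secrets

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def _record(password: str, is_vip: bool) -> dict:
    salt = secrets.token_bytes(16)
    return {"salt": salt, "pw": _hash(password, salt), "is_vip": is_vip}

# Constructed sample accounts (hypothetical); VIP status lives only on the server.
ACCOUNTS = {"alice": _record("correct-horse", False),
            "bob": _record("battery-staple", True)}
SESSIONS = {}  # token -> account name, server-side session table

def login(account: str, password: str) -> dict:
    """Stand-in for /api/user/login: issues an unguessable token."""
    user = ACCOUNTS.get(account)
    if user is None or not hmac.compare_digest(
            user["pw"], _hash(password, user["salt"])):
        return {"code": 401, "msg": "Invalid credentials"}  # assumed error code
    token = secrets.token_urlsafe(32)
    SESSIONS[token] = account
    data = {"account": account, "token": token,
            "is_vip": "1" if user["is_vip"] else "0"}  # display hint only
    return {"code": 0, "data": data, "msg": "Success"}

def vip_download(token: str, client_is_vip: str = "0") -> dict:
    """Hypothetical VIP-only endpoint. client_is_vip models what the client
    believes after its responses were rewritten; it is deliberately ignored."""
    account = SESSIONS.get(token)
    if account is None:
        return {"code": 401, "msg": "Invalid token"}
    if not ACCOUNTS[account]["is_vip"]:
        return {"code": 403, "msg": "VIP required"}
    return {"code": 0, "data": {"file": "vip-only-content"}, "msg": "Success"}

if __name__ == "__main__":
    alice = login("alice", "correct-horse")["data"]["token"]
    bob = login("bob", "battery-staple")["data"]["token"]
    print(vip_download("1", "1"))    # token taken from a rewritten login response
    print(vip_download(alice, "1"))  # real non-VIP session, forged flag
    print(vip_download(bob))         # genuine VIP session
```

Features unlocked purely inside the client, without a server request, are not covered by this check; anything gated that way has to move behind an endpoint like the one above.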

IV. Fixing the yellow Fiddler warning banner caused by a circumvention proxy

1. In the custom rules script, search for OnPeekAtResponseHeaders and add the following code above it:

	static function DoReattach(o: Object, ea: EventArgs)
	{
		ScheduledTasks.ScheduleWork("reattach", 1000, innerReattach);
	}

	static function innerReattach()
	{
		FiddlerApplication.UI.actAttachProxy();
	}

	static function OnRetire()
	{
		FiddlerApplication.oProxy.remove_DetachedUnexpectedly(DoReattach);
	}

2. Find the Main() method and add the following code as its first line:

	FiddlerApplication.oProxy.add_DetachedUnexpectedly(DoReattach);