How to get the https request of My led light bulb? - networking

I have a smart LED bulb. I want to create my own server to control it, but there are no APIs available for the bulb. So I decided to hack into my bulb to find out where HTTPS requests are going, but I am not getting any HTTPS requests when I click on the Turn On/Turn Off button. I am getting some requests when I log in (requests are encrypted) or fetch something in the app.
This is the screenshot of some requests. (I set up Fiddler and connected an Android device to it, and it is working great.)
a1.tuyain.com/api.json is the server address of that APK (Syska smart home).
So what should I do to know what's happening when I turn on the bulb?

Related

Network request not seen in Charles

I am trying to see the network requests made by an iPhone app so I can check what data is being sent. Or at least, how many requests it is doing.
But when using Charles or Burp Suite on my Mac, it does not show any request outputs from this specific app. All other requests show, also from inside other apps. But this specific app does not register any requests at all, even when all data inside the app is reloaded.
How is this possible? Are there other ways to do requests? And can they be registered?
Ron
The app was doing SOAP requests. Apparently Charles does not pick those up.
I used Wireshark to investigate. That one did the trick.
If this app is making https requests, and you haven't configured your Charles instance to inspect https traffic, one single "unknown" request may be shown under the app's domain(s) in the "structure" tab, and no new requests will appear in the sequence tab when you reload.
In case you haven't configured the https proxy yet, here is a good short walkthrough:
Monitor Google Analytics requests on an iPhone Application
In case you already are seeing other https requests, I would try disabling mobile data, and see if this app's calls appear then - just in case iOS was bypassing Charles because it caused the wifi connection to lag.

I can run tcpdump on the router, but how can I decode the traffic in real time?

We develop apps, and sometimes we want to see the traffic of an app.
Now we use Charles, AnyProxy, or Fiddler, but all these tools need manual settings on the mobile device, and it is not easy to share the traffic.
So I am thinking about a solution:
1. Run tcpdump on the router, or mirror the port traffic to a specific machine, so I can get all the traffic.
2. There will be a program decoding the traffic stream into pure HTTP/HTTPS packets and showing them on a web page.
3. Anyone who wants to can see the HTTP/HTTPS (depending on the app, or maybe protobuf) requests and responses, and can do some searching or filtering.
4. Yes, this works like Wireshark, but how do I make Wireshark run on the web?

Using Fiddler to intercept requests from Windows program

I am trying to intercept HTTP requests sent via an application I have installed on my Windows 7 machine. I'm not sure what platform the application is built on, I just know that Fiddler isn't correctly intercepting anything that this program is sending/receiving. Requests through Chrome are intercepted fine.
Can Fiddler be set up as a proxy for ALL applications, and if so, how would I go about doing this? I have no control over the application code, it's just something I installed. It is a live bidding auction program which seems to mainly display HTML pages inside the application window.
"Fiddler isn't correctly intercepting anything that this program is sending/receiving"
That means the program is either firing requests to localhost (very unlikely), or ignoring the proxy settings for the current user (most likely). The latter also means this application won't function on a machine where a proxy connection is required in order to make HTTP calls to the outside.
The alternative would be to use a packet inspector like Wireshark, or to let the application be fixed to respect proxy settings, or to capture all HTTP requests originating from that machine on another level, for example the next router in your network.

Why can't Fiddler detect traffic through proxy servers?

I had Fiddler open recently with no filters on, and I was running a program from my command prompt that communicates with a server (it's a simple in-house proprietary program).
Interestingly, Fiddler was not picking up this communication, which is mostly made up of REST API calls. I did some research and found this quote, from here
"With regard to why you're not seeing this traffic in Fiddler--assuming you don't have any filters set, this suggests that whatever mechanism you're using to send the HTTP request isn't adopting the system's proxy settings. This means, for instance, that your code would fail if run on a corporate computer that requires a proxy server to reach the Internet."
However, I'm wondering why this would be the case. As far as I understand, my computer still needs to send data from my network card to the proxy server's network card. The traffic isn't bypassing my network card - it simply carries a different address. Why isn't Fiddler able to see this?
The reason is that Fiddler works not by sniffing your network card but by installing itself as the system proxy. If you click Start, type "Internet Options", and choose the "Connections" tab and the "LAN Settings" button, you'll see that localhost:8888 is your system proxy. Now, most well-behaved clients (e.g. IE and Chrome) respect and use the system proxy, but some don't. In particular, Java programs have their own ideas about which proxy they will use, and you would have to set that separately. For other programs which are just hard-coded to make their own direct HTTP request, you cannot AFAIK monitor them with Fiddler.
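Added example (not part of the original answers): the behaviour the two Fiddler answers above describe, reproduced on localhost. The `Proxy` class is a constructed stand-in for Fiddler, and the servers, ports and paths are made up for the demonstration; the proxy records only the request that was addressed to it, while the client that connects directly never appears in its log.

```python
import http.client
import threading
from http.server import BaseHTTPRequestHandler, ThreadingHTTPServer
from urllib.parse import urlsplit

seen_by_proxy = []  # request targets the intercepting proxy observed

class Origin(BaseHTTPRequestHandler):
    """Constructed stand-in for the server the application talks to."""
    def reply(self, body):
        self.send_response(200)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)
    def do_GET(self):
        self.reply(b"origin-ok")
    def log_message(self, *args):  # silence per-request logging
        pass

class Proxy(Origin):
    """Minimal forward proxy (stand-in for Fiddler): log, then relay the GET."""
    def do_GET(self):
        seen_by_proxy.append(self.path)  # absolute URI sent by the client
        url = urlsplit(self.path)
        self.reply(fetch(url.port, url.path))  # relays to 127.0.0.1 only

def serve(handler):
    srv = ThreadingHTTPServer(("127.0.0.1", 0), handler)  # 0 = any free port
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv

def fetch(port, target):
    """Connect to 127.0.0.1:port and send 'GET <target>'."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.request("GET", target)
    body = conn.getresponse().read()
    conn.close()
    return body

def demo():
    seen_by_proxy.clear()
    origin, proxy = serve(Origin), serve(Proxy)
    o_port, p_port = origin.server_port, proxy.server_port
    # Proxy-aware client: connects to the proxy, sends the absolute URI.
    via_proxy = fetch(p_port, f"http://127.0.0.1:{o_port}/via-proxy")
    # Client that ignores proxy settings: connects straight to the origin.
    direct = fetch(o_port, "/direct")
    origin.shutdown(); proxy.shutdown()
    return via_proxy, direct, list(seen_by_proxy)

if __name__ == "__main__":
    print(demo())
```

Both requests succeed, but only the `/via-proxy` one shows up in `seen_by_proxy`; seeing the `/direct` one requires capturing at the packet level, as the answers suggest with Wireshark.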

About http post from desktop application

My question is: what can stop an HTTP POST from desktop applications?
E.g.
I have a desktop application. Before it starts, it asks users for some information
like a username and email, and then takes this information and posts it to a PHP web page, and PHP inserts it into a MySQL server. Anyway, the problem now is, let's say,
6 of 16 downloads are registered and the others are not. So what can make an HTTP POST not run correctly?
Note:
Software tested on every Windows OS and runs OK
Software runs with all antivirus programs OK
Software adds a port through Windows Firewall OK
So what can make an HTTP POST not run correctly?
Regards
There are many things that could stop communication between your application and your database.
If the client has a firewall that requires authorisation for outbound requests.
If the client has to connect via a proxy server, and your application is not proxy aware.
If your website fails to process your request (perhaps, if the MySQL server is too busy to allow connections, etc.)
So, consider an end user behind a WebSense proxy that additionally allows administrators to filter out unwanted traffic. If your application is not proxy server aware, it will fail to connect; if your application is proxy aware, and whatever WebSense category you fall into is filtered for that client, it will also fail to connect.
