All geek questions in one place

Inspect HTTPS traffic from SWF files

Is there a way to check HTTPS traffic from Flex applications compiled into SWF files?

I am trying to use Fiddler for this, added DO_NOT_TRUST_FiddlerRootto my trusted root certification authorities, so my IE can now access other HTML sites that usually complain about an unreliable certificate. However, the HTTPS traffic from the SWF file is still not displayed in Fiddler, and in fact the Flex application will not work (HTTPS with a self-signed certificate is not supported by Flex applications, which I assume). Is there any way around this?

Refresh . To be clear, I am interested in traffic between a SWF file running under Flash Player and a server (usually, Flex components such as HTTPService will be used for this). The SWF file itself can be serviced via HTTP or HTTPS, it does not really matter.

Clarification 2 . Do not assume that the source code is available for the SWF file. If so, you can use Flash Builder 4 Network Monitor.

(I assess the possible security risks for my client, just to understand my intentions.)

+3
source share
3 answers

Charles Proxy, HTTPS, AMF. . ssl, Proxy- > Proxy Settings- > SSL , .

---- ----

, Proxy- > SSL Certificate, , ( - ).

+6

, Fiddler HTTPS-. Flex , (, - , Fiddler , Flash Player ), HTTP- Fiddler.

, , Charles Proxy , , , ( , Fiddler ).

+2

Adobe Flash Builder 4 Beta .

: Flash Builder 4 beta

: ( HTTPS)

The Network Monitor supports monitoring HTTPS calls to a server certified by a certificate 
authority (CA) or that has a self-signed certificate.

To monitor calls over the HTTPS protocol, modify the default preference for the Network Monitor
to ignore SSL security checks. Open the Preferences dialog and navigate to Flash Builder > 
Network Monitor.
+1

Source: https://habr.com/ru/post/1731872/

More articles:


All Articles