Spyware Sucks
“There is no magic fairy dust protecting Macs" – Dai Zovi, author of “The Mac Hacker’s Handbook"

Fiddler and MACs

November 27th 2007 in Uncategorized

Santa has responded to my wish for Fiddler on a MAC.  He says:

You can, however, run Fiddler on a Windows machine, and point the Mac’s proxy settings at WINMACHINE:8888. If Fiddler is configured to allow remote clients to connect, it will successfully proxy the traffic from the Mac. It’s non-trivial, but it does work.

Cool trick!

2 comments to...
“Fiddler and MACs”

F. Engelmann

That’s a good workaround, assuming Windows machines are allowed on your network – not the case here for security reasons.

One alternative is to run a VM under a Linux or OS X host, which makes a great test machine. Backup your clean install as a disk image; corrupt the working copy as needed; then toss the corrupted disk image and start over.

Another alternative is to use privoxy as an HTTP proxy, and use its logging to trace redirects or other malicious activity. We’ll use similar functions in our WatchGuard firewall to help trace malicious banner ads and/or javascript for Sandi.


Regarding VMs, that’s doesn’t always guarantee true results, at least it doesn’t when working with malware, which can be coded to check whether it is running in a VM, and behave differently if that environment is detected.

A new version (1.1) of FiddlerCap is available at http://www.fiddlercap.com.
The new version includes a checkbox that controls whether or not cookies and form POSTs are stored within the .SAZ file.
Fiddlercap is proving to be absolutely invaluable in the fight against malicious banner advertisements – Fiddlercap makes it easy for even the most inexperienced computer user […]

Previous Entry

This is of interest to my alter-ego
“Some e-mail messages remain in the queue on a server that is running Microsoft Exchange Server 2003. Additionally, the message sender receives non-delivery report (NDR) 4.4.7 messages that indicate the delivery failures.
This problem does not occur [recur?] if you restart the Microsoft Exchange Information Store service on the Exchange 2003 […]

Next Entry