Fiddler2 extension: Burp-like inspector

How to use session handling macro

1. Launch Fiddler2 and browsing target web site: http://yamagata.int21h.jp/tool/BurplikeInspector/testapp/

   

   

   

2. Select first request (Pre-processing request) and right click, "Add to Session Handling Macro"

   

3. Input macro description and click "OK"

   

4. Select third request (Post-processing request) and right click, "Add to Session Handling Macro"

   

5. Input macro description and click "OK"

   

6. Click [Add] button on Session Handling Rules section.

   

7. Click [Add] button on Rule Editor.

   

8. Select "Run a macro" radio button, and click [Add] button on (1)Run a macro.
   Then, on Select Macro window, check "show input" macro and click [OK] button.

   

9. Click [Edit] button on (4)Update current request section.
   Then, on Configure Macro Item window, select "Derived from prior response" pulldown menu at "PHPSESSID" and "sid". Click [OK] button.

   

10. Click [OK] button.

    

11. Click [Add] button to add a post-processing macro.

    

12. Select "Run a post-request macro" radio button, and click [Add] button on (1)Run a macro section. Then, check "submit" macro on Select Macro window. Click [OK] button.

    

13. Click [OK] button.

    

14. Session handling macro and rule setting was finished.

Repeater21
• Select second request (target request) and "Send to Repeater21".

  

• Click [Pre (F4)] button, then run a pre-processing macro, and refresh "PHPSESSID" and "sid" parameter.
  Modify request and click [Go (F5)] button, then send target request.
  Click [Post (F6)] button, then run a post-processing macro.

  

Intruder21
• "Send to Intruder21", you should enable Pre/Post macro on "Session" panel.

  

return to tool page