rfid - Dave's Blog

Search
My timeline on Mastodon

WPAD Server Fiddler Extension Source

2016 Aug 5, 3:18

I've put my WPAD Fiddler extension source and the installer on GitHub.

Six years ago I made a WPAD DHCP server Fiddler extension (described previously and previously). The extension runs a WPAD DHCP server telling any clients that connect to connect to the running Fiddler instance. I've finally got around to putting the source on GitHub. I haven't touched it in five or so years so this is either for posterity or education or something.

PermalinkCommentsdhcp fiddler network security wpad

WPAD Server Fiddler Extension Update v1.0.1

2011 Jun 12, 3:34
As it turns out the WPAD Server Fiddler Extension I made a while back actually has a non-malicious purpose. Apparently its useful for debugging HTTP on the WP7 phone (or so I'm told). Anyway I took some requests and I've fixed a few minor bugs (start button not updating correctly), changed the dialog to be a Fiddler tab so you can use it non-modally, and the WPAD server is now always off when Fiddler starts.
PermalinkCommentsextension fiddler technical update wpad

WPAD Server Fiddler Extension

2010 Jan 5, 7:42

I've made a WPAD server Fiddler extension and in a fit of creativity I've named it: WPAD Server Fiddler Extension.

Of course you know about Fiddler, Eric's awesome HTTP debugger tool, the HTTP proxy that lets you inspect, visualize and modify the HTTP traffic that flows through it. And on the subject you've probably definitely heard of WPAD, the Web Proxy Auto Discovery protocol that allows web browsers like IE to use DHCP or DNS to automatically discover HTTP proxies on their network. While working on a particularly nasty WPAD bug towards the end of IE8 I really wished I had a way to see the WPAD requests and responses and modify PAC responses in Fiddler. Well the wishes of me of the past are now fulfilled by present day me as this Fiddler extension will respond to WPAD DHCP requests telling those clients (by default) that Fiddler is their proxy.

When I started working on this project I didn't really understand how DHCP worked especially with respect to WPAD. I won't bore you with my misconceptions: it works by having your one DHCP server on your network respond to regular DHCP requests as well as WPAD DHCP requests. And Windows I've found runs a DHCP client service (you can start/stop it via Start|Run|'services.msc', scroll to DHCP Client or via the command line with "net start/stop 'DHCP Client'") that caches DHCP server responses making it just slightly more difficult to test and debug my extension. If a Windows app uses the DHCP client APIs to ask for the WPAD option, this service will send out a DHCP request and take the first DHCP server response it gets. That means that if you're on a network with a DHCP server, my extension will be racing to respond to the client. If the DHCP server wins then the client ignores the WPAD response from my extension.

Various documents and tools I found useful while working on this:

PermalinkCommentsproxy fiddler http technical debug wpad pac tool dhcp

(Video) Visualizing RFID Fields - PSFK

2009 Oct 15, 6:29Visualization of the fields created by RFID products
PermalinkCommentsvideo rfid visualization

PicoCool - The Flipside Wallet

2009 Sep 1, 4:57"Protect the wonderful convenience of RFID enabled cards with the Flipside Wallet." Looks like the Jimi but does RFID shielding and looks fat enough to hold US paper money folded once vertically.
PermalinkCommentsproduct wallet rfid

ioanghip - Tweeting Cat Door

2009 Apr 13, 12:20Cat door that opens only for the owner's cat's collars containing particular RFID tags. When opened a photo is snapped and twittered. "Best use of Twitter, the Tweeting Cat Door"PermalinkCommentsrfid twitter cat humor programming geek diy automation

A complete break of the KeeLoq access control system

2008 Apr 4, 9:48I wonder if my car uses KeeLoq: "Hence, using the methods described by us, an attacker can clone a remote control from a distance and gain access to a target that is protected by the claimed to be "highly secure" KeeLoq algorithm."PermalinkCommentscryptography rfid security keeloq via:schneier car

Active RFID and Passive RFID Comparison

2005 Dec 29, 4:27PermalinkCommentsrfid reference
Older Entries Creative Commons License Some rights reserved.