Comments (6)
I appreciate the fast reply, that helped a lot.
For anyone who comes along with this question, it was easy to do this via Wireshark by just grabbing a ClientHello packet from the browser I wanted to fingerprint, and exporting the packet bytes of specifically the TLS frame.
from utls.
Ah, i see now that this was brought up a few months ago here.
So, I suppose that answers my question. A better question would be, has any momentum been built around this feature since?
from utls.
We haven't been able to focus on this feature yet since there are much more to be done with TLSfingerprint.io... It is not too bad (see an example here) and we just need more time to actually start working on it ;)
from utls.
Just to clarify, the ImportTLSClientHelloFromJSON
is meant to allow user importing an existing (known and prerecorded) ClientHello from a database.
The major blocker on this is that we have to make some modifications to TLSfingerprint.io before we can fully support this feature. For now the database from TLSFingerprint.io does not record that many different fields that do not impact the result hash on the website (e.g., the content of ApplicationSettings
) but subject to be fingerprintable. It is not a very trivial work as the database might need to be redesigned into an extensible structure, and we DO need stronger database servers 😄
I see you are trying to replicate the ClientHello of your web browser. In which case you might just want to use func (f *Fingerprinter) RawClientHello(raw []byte) (clientHelloSpec *ClientHelloSpec, err error)
which takes your ClientHello message as raw bytes.
from utls.
And we are also planning to support importing directly from https://client.tlsfingerprint.io/, which would be much easier to achieve since we will not have to modify the database.
from utls.
Just a reminder that the ClientHello you grab from your pcap may or may not fully cover the "ClientHello space" of a TLS client.
For example, Chrome shuffles the TLS extensions list and use a few different combinations of settings in ECH.
from utls.
Related Issues (20)
- panic: tls: setSessionTicketExt failed: invalid state HOT 3
- Support for padding extension HOT 6
- feat: GREASE ECH Extension HOT 4
- bump Auto parrot for Firefox and Chrome
- bug: configuration for GREASE ECH parrot for Chrome 120 doesn't match BoringSSL HOT 7
- HelloFirefox* gets an ECDSA verification failure HOT 4
- FingerprintClientHello support for GREASE ECH extension
- Weird observation regarding ClientId and Spec HOT 9
- B uTLS does not support 0xFB1A as max version,add ja3 tls error,roundTripper error HOT 7
- crypto/ecdh is not in GOROOT (Go 1.18) HOT 1
- Secured Renegotiation is not supported HOT 10
- What is the hash function of the fingerprint in utls? HOT 6
- HTTP2 (akamai) fingerprint always same? HOT 1
- Towards better versioning policy HOT 4
- bug: `(*Conn).Handshake()` is called upon `(*UConn).Read()` HOT 3
- *.tlsfingerprint.io down? HOT 6
- Any plans implements in Python HOT 1
- UnmarshalClientHello returns nil
- Request for TLS 1.3 Fingerprint Draft 26 Support
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from utls.