Code Monkey home page Code Monkey logo

Comments (6)

jonreesman avatar jonreesman commented on June 10, 2024 1

I appreciate the fast reply, that helped a lot.

For anyone who comes along with this question, it was easy to do this via Wireshark by just grabbing a ClientHello packet from the browser I wanted to fingerprint, and exporting the packet bytes of specifically the TLS frame.

from utls.

jonreesman avatar jonreesman commented on June 10, 2024

Ah, i see now that this was brought up a few months ago here.

So, I suppose that answers my question. A better question would be, has any momentum been built around this feature since?

from utls.

gaukas avatar gaukas commented on June 10, 2024

We haven't been able to focus on this feature yet since there are much more to be done with TLSfingerprint.io... It is not too bad (see an example here) and we just need more time to actually start working on it ;)

from utls.

gaukas avatar gaukas commented on June 10, 2024

Just to clarify, the ImportTLSClientHelloFromJSON is meant to allow user importing an existing (known and prerecorded) ClientHello from a database.

The major blocker on this is that we have to make some modifications to TLSfingerprint.io before we can fully support this feature. For now the database from TLSFingerprint.io does not record that many different fields that do not impact the result hash on the website (e.g., the content of ApplicationSettings) but subject to be fingerprintable. It is not a very trivial work as the database might need to be redesigned into an extensible structure, and we DO need stronger database servers 😄

I see you are trying to replicate the ClientHello of your web browser. In which case you might just want to use func (f *Fingerprinter) RawClientHello(raw []byte) (clientHelloSpec *ClientHelloSpec, err error) which takes your ClientHello message as raw bytes.

from utls.

gaukas avatar gaukas commented on June 10, 2024

And we are also planning to support importing directly from https://client.tlsfingerprint.io/, which would be much easier to achieve since we will not have to modify the database.

from utls.

gaukas avatar gaukas commented on June 10, 2024

Just a reminder that the ClientHello you grab from your pcap may or may not fully cover the "ClientHello space" of a TLS client.

For example, Chrome shuffles the TLS extensions list and use a few different combinations of settings in ECH.

from utls.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.