lylemi / ja3proxy Goto Github PK
View Code? Open in Web Editor NEWCustomizing TLS (JA3) Fingerprints through HTTP Proxy
License: MIT License
Customizing TLS (JA3) Fingerprints through HTTP Proxy
License: MIT License
Hi- new user so sorry if I'm doing something stupid.
I've tried lots of combinations for the proxy Firefox 55/58/102/105, Chrome 58, iOS 111/13
using curl to https://www.yahoo.com and https://www.bing.com with and without the curl --http2 flag and I always get the curl HTTP/0.9 error
(with Firefox 102)
$ curl -v -k --proxy http://localhost:8080 https://www.bing.com --http2
* Trying 127.0.0.1:8080...
* Connected to localhost (127.0.0.1) port 8080 (#0)
* allocate connect buffer
* Establish HTTP proxy tunnel to www.bing.com:443
> CONNECT www.bing.com:443 HTTP/1.1
> Host: www.bing.com:443
> User-Agent: curl/7.88.1
> Proxy-Connection: Keep-Alive
>
< HTTP/1.1 200 OK
< Date: Thu, 24 Aug 2023 13:29:59 GMT
< Transfer-Encoding: chunked
* Ignoring Transfer-Encoding in CONNECT 200 response
<
* CONNECT phase completed
* CONNECT tunnel established, response 200
* ALPN: offers h2,http/1.1
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN: server did not agree on a protocol. Uses default.
* Server certificate:
* subject: CN=localhost
* start date: Aug 24 12:43:45 2023 GMT
* expire date: Aug 23 12:43:45 2024 GMT
* issuer: CN=localhost
* SSL certificate verify result: self-signed certificate (18), continuing anyway.
* using HTTP/1.x
> GET / HTTP/1.1
> Host: www.bing.com
> User-Agent: curl/7.88.1
> Accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* Received HTTP/0.9 when not allowed
* Closing connection 0
* TLSv1.3 (OUT), TLS alert, close notify (256):
curl: (1) Received HTTP/0.9 when not allowed
I noticed this repository doesn't have a license yet. Since there are only two contributors so far, me and @LyleMi, it should be easy to add a license and license existing commits under that license.
I would suggest using the MIT license, since it's simple and permissive.
When -cert
and -key
flags are provided but those files don't exist, ja3proxy creates the certificate and key at the default locations but still attempts to use the paths provided by the flags. This issue also occurs when using the compose.yaml
provided in #4.
Cert or key isn't found, calls generateCertificate()
Lines 162 to 165 in a485d37
Cert generation uses default path:
Line 38 in a485d37
Key generation uses default path:
Line 45 in a485d37
Proxy unsuccessfully attempts to find cert and key at specified paths and fails:
Lines 89 to 92 in a485d37
Create cert and key at the paths specified through the CLI, by passing Config.Cert
and Config.Key
to the generateCertificate
function. Throw an error if only one those files exists (do not overwrite either one).
Moved to #7: Unless I'm overlooking something, I believe it would also make more sense to load the certificates on proxy startup (inside main()
) and not on every connection.
Would it be possible to add an option to chain a second proxy between the ja3proxy and the final destination?
So the request would look like:
client --> ja3proxy --> other_proxy --> destination server
(goal is the pass the modified ja3 signature via the second proxy to the server)
The 2nd proxy params can be passed as parameters to ja3proxy.
Thanks!
➜ ./ja3proxy -port 8080 -client Chrome -version 106
HTTP Proxy Server started at localhost Port:8080
2023/07/15 15:45:09 proxy to kawayiyi.com:443
2023/07/15 15:45:10 copy dest to client error read tcp 127.0.0.1:8080->127.0.0.1:56461: use of closed network connection
$ curl -v -k --proxy http://localhost:8080 https://kawayiyi.com/tls
CONNECT kawayiyi.com:443 HTTP/1.1
Host: kawayiyi.com:443
User-Agent: curl/8.1.2
Proxy-Connection: Keep-Alive
< HTTP/1.1 200 OK
< Date: Sat, 15 Jul 2023 07:50:40 GMT
< Transfer-Encoding: chunked
GET /tls HTTP/1.1
Host: kawayiyi.com
User-Agent: curl/8.1.2
Accept: /
At the moment the certificate and key seem to be loaded from the disk every time a new connection is made:
Line 89 in a485d37
It would be more efficient to load them once at startup and keep them in memory, since users probably don't expect the proxy to recognize file changes while running.
How can I solve the problem that the certificate is not secure when using it
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.