Comments (4)
sleeyax
commented on June 19, 2024
Full customization of the frames might be overkill, perhaps we should just set the recommended SETTINGS frame based on the selected browser fingerprint (especially chrome).
from burp-awesome-tls.
ChrisMcMStone
commented on June 19, 2024
Hi @sleeyax. Thanks for your great work with this project. Would be happy to help with this feature. Any tips you could provide to help me get started?
from burp-awesome-tls.
sleeyax
commented on June 19, 2024
Hey @ChrisMcMStone sure thing, thanks for your interest and willingness to contribute to the project! It's been a while but I can point you in a general direction.
The inital settings are created here: https://github.com/sleeyax/burp-awesome-tls/blob/main/src-go/server/internal/net/http2/transport.go#L674
You could patch it like this (this is from a different project of mine, so adjust accordingly):
From 2c399035ddb74e8c40e7f60fba3299b463fd44fd Mon Sep 17 00:00:00 2001
From: Sleeyax <[email protected]>
Date: Thu, 3 Jun 2021 21:46:23 +0200
Subject: [PATCH] Customizable initial SETTINGS frame
---
packages/http2/transport.go | 22 ++++++++++++++++++++--
1 file changed, 20 insertions(+), 2 deletions(-)
diff --git a/packages/http2/transport.go b/packages/http2/transport.go
index ff71e3e..7ab542d 100644
--- a/packages/http2/transport.go
+++ b/packages/http2/transport.go
@@ -89,6 +89,21 @@ type Transport struct {
// plain-text "http" scheme. Note that this does not enable h2c support.
AllowHTTP bool
+ // HeaderTableSize is the http2 SETTINGS_HEADER_TABLE_SIZE to send in the initial settings frame.
+ HeaderTableSize uint32
+
+ // EnablePush is the http2 SETTINGS_ENABLE_PUSH to send in the initial settings frame.
+ EnablePush uint32
+
+ // MaxConcurrentStreams is the http2 SETTINGS_MAX_CONCURRENT_STREAMS to send in the initial settings frame.
+ MaxConcurrentStreams uint32
+
+ // InitialWindowSize is the http2 SETTINGS_INITIAL_WINDOW_SIZE to send in the initial settings frame.
+ InitialWindowSize uint32
+
+ // MaxFrameSize is the http2 SETTINGS_MAX_FRAME_SIZE to send in the initial settings frame.
+ MaxFrameSize uint32
+
// MaxHeaderListSize is the http2 SETTINGS_MAX_HEADER_LIST_SIZE to
// send in the initial settings frame. It is how many bytes
// of response headers are allowed. Unlike the http2 spec, zero here
@@ -675,8 +690,11 @@ func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, erro
}
initialSettings := []Setting{
- {ID: SettingEnablePush, Val: 0},
- {ID: SettingInitialWindowSize, Val: transportDefaultStreamFlow},
+ {ID: SettingHeaderTableSize, Val: t.HeaderTableSize},
+ {ID: SettingEnablePush, Val: t.EnablePush},
+ {ID: SettingMaxConcurrentStreams, Val: t.MaxConcurrentStreams},
+ {ID: SettingInitialWindowSize, Val: t.InitialWindowSize},
+ {ID: SettingMaxFrameSize, Val: t.MaxFrameSize},
}
if max := t.maxHeaderListSize(); max != 0 {
initialSettings = append(initialSettings, Setting{ID: SettingMaxHeaderListSize, Val: max})Next, make sure any hardcoded defaults are overriden by these new settings:
diff --git a/packages/http2/transport.go b/packages/http2/transport.go
index 7ab542d..82a691f 100644
--- a/packages/http2/transport.go
+++ b/packages/http2/transport.go
@@ -648,10 +648,10 @@ func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, erro
tconn: c,
readerDone: make(chan struct{}),
nextStreamID: 1,
- maxFrameSize: 16 << 10, // spec default
- initialWindowSize: 65535, // spec default
- maxConcurrentStreams: 1000, // "infinite", per spec. 1000 seems good enough.
- peerMaxHeaderListSize: 0xffffffffffffffff, // "infinite", per spec. Use 2^64-1 instead.
+ maxFrameSize: t.MaxFrameSize, // spec default
+ initialWindowSize: t.InitialWindowSize, // spec default
+ maxConcurrentStreams: t.MaxConcurrentStreams, // "infinite", per spec. 1000 seems good enough.
+ peerMaxHeaderListSize: 0xffffffffffffffff, // "infinite", per spec. Use 2^64-1 instead.
streams: make(map[uint32]*clientStream),
singleUse: singleUse,
wantSettingsAck: true,
@@ -666,14 +666,14 @@ func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, erro
}
cc.cond = sync.NewCond(&cc.mu)
- cc.flow.add(int32(initialWindowSize))
+ cc.flow.add(int32(t.InitialWindowSize))
// TODO: adjust this writer size to account for frame size +
// MTU + crypto/tls record padding.
cc.bw = bufio.NewWriter(stickyErrWriter{c, &cc.werr})
cc.br = bufio.NewReader(c)
cc.fr = NewFramer(cc.bw, cc.br)
- cc.fr.ReadMetaHeaders = hpack.NewDecoder(initialHeaderTableSize, nil)
+ cc.fr.ReadMetaHeaders = hpack.NewDecoder(t.InitialWindowSize, nil)
cc.fr.MaxHeaderListSize = t.maxHeaderListSize()
// TODO: SetMaxDynamicTableSize, SetMaxDynamicTableSizeLimit on
@@ -703,7 +703,7 @@ func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, erro
cc.bw.Write(clientPreface)
cc.fr.WriteSettings(initialSettings...)
cc.fr.WriteWindowUpdate(0, transportDefaultConnFlow)
- cc.inflow.add(transportDefaultConnFlow + initialWindowSize)
+ cc.inflow.add(transportDefaultConnFlow + int32(t.InitialWindowSize))
cc.bw.Flush()
if cc.werr != nil {
cc.Close()Finally, you can set set the correct initial settings frame based on the specified r.TlsFingerprint here: https://github.com/sleeyax/burp-awesome-tls/blob/main/src-go/server/roundtripper.go#L115
You can use Charles proxy to see which settings are the defaults for several browsers. Please try to add support for the latest Chrome version at minimum.
I hope that's enough information to get you started. Good luck and have fun!
from burp-awesome-tls.
sleeyax
commented on June 19, 2024
Hi @ChrisMcMStone any news? Let me know if you need any additional help!
from burp-awesome-tls.
Related Issues (20)
- Bad request when binary data in HTTP request
- Support for Linux/arm64
- Error: open ca.der: permission denied HOT 1
- Wechat mini program can not catch the packet, Repeater can not send HOT 2
- Awesome TLS error: create spec from client hello: FingerprintClientHello: record is not a handshake HOT 1
- Update HTTP/TLS implementation
- error on burp HOT 1
- Not working on Windows x64 HOT 31
- Log error when server binary can't be found or loaded
- Error after adding extension HOT 1
- err HOT 1
- Does this plugin have specific requirements for Java versions and Burp versions? I'm experiencing crashes when installing both the fat version and the Windows x64 version of the release on Burp 2023.10.3.6 with Java 17.0.99. HOT 1
- Working through an external proxy HOT 1
- -
- 返回错误 HOT 2
- Awesome TLS error: create spec from client hello: FingerprintClientHello: unsupported extension 65037 HOT 1
- Errors HOT 1
- Java version error HOT 1
- 加载插件时报错 HOT 1
- burp and browser config HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from burp-awesome-tls.