You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Which version are you referring to
3.2rc2 (default 3.1dev branch)
Describe your feature request (if it's a technical feature)
In the Running client simulations via sockets section report JA3 client TLS fingerprint and JA3/S server TLS fingerprint for each simulation. https://github.com/salesforce/ja3
Describe the solution you'd like
Could be an optional --ja3 flag that adds an extra line underneath each simulation printing JA3 and JA3/S TLS fingerprints.
Or alternatively could be appended at the end of each simulation output line.
In the Testing server defaults (Server Hello) section change "Fingerprints" to "Certificate Fingerprints" to avoid ambiguity.
The text was updated successfully, but these errors were encountered:
Delicates
changed the title
Report JA3 cleint and JA3/S server TLS fingerprints when running client simulations
[Feature request] Report JA3 cleint and JA3/S server TLS fingerprints when running client simulations
Mar 26, 2023
last time I looked it up they were ancient and somewhat the same as the ones from LeeBrotherston's TLS fingerprintting project
Somewhere I found a bigger and up-to-date database, but I forgot where that was
We should be careful inspect we can use that db (which is preferred over calculating) as Salesforce (cough) might have a copyright on it.
In general I like the idea though. (It interested e ages ago, gave talks by that time what a ClientHello will tell an adversary bc I everybody seemed to assume TLS is a VPN).
What could be done is sending the client handshakes and wiresharking those. Last time I tried it contained the JA3 strings. Don't know how accurate those are as supposed to real life
Which version are you referring to
3.2rc2 (default 3.1dev branch)
Describe your feature request (if it's a technical feature)
In the Running client simulations via sockets section report JA3 client TLS fingerprint and JA3/S server TLS fingerprint for each simulation.
https://github.com/salesforce/ja3
Describe the solution you'd like
Could be an optional --ja3 flag that adds an extra line underneath each simulation printing JA3 and JA3/S TLS fingerprints.
Or alternatively could be appended at the end of each simulation output line.
In the Testing server defaults (Server Hello) section change "Fingerprints" to "Certificate Fingerprints" to avoid ambiguity.
The text was updated successfully, but these errors were encountered: