Skip to content

xHaash/SNI-Leak-PoC

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits

SNI-Leak-PoC

SNI-Leak-PoC

 
 

README.md

README.md

 
 

SNI_Pcap_scanner.py

SNI_Pcap_scanner.py

 
 

SNI_Sniffer.py

SNI_Sniffer.py

 
 

output.txt

output.txt

 
 

requirements.txt

requirements.txt

 
 

Repository files navigation

SNI-Leak-PoC

This is a very simple script that sniff TLS Handshakes (Client Hello) and parse the leaked domains in an output file thanks to the SNI Leak. This script is made for showing the information leak that remains in the TLS protocole and more precisly in the SNI extension.

There's 2 versions of the script:

  1. SNI_Pcap_Scanner.py -> Let you scan a .pcap file to extract the leaked domains from it. (Only CLI Output !)

  2. SNI_Sniffer.py -> Let you sniff your trafic live to extract the leaked domain directly while your browsing and parse them in the output.txt file.

Installation

  1. Install Python3 on your Device

  2. pip3 install -r requirements.txt

  3. You can edit iface="" and uncomment the lines 9 and 39 to sniff from a specific eth card. (Only if needed. Skip this step if you don't understand what it's about !)

  4. MacOS: python3 SNI_Sniffer.py Windows: py SNI_Sniffer.py

Screenshots

Capture d’écran 2023-07-10 171016 Capture d’écran 2023-07-10 171703

About

A very simple script that sniff TLS Handshakes to parse the leaked domain in a output file thanks to the SNI Leak.

Topics

dns scapy dns-leak sniffing sni tls-handshake clienthello dns-sniffer sniffer-packet sni-leak

Resources

Readme
Activity

Stars

8 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages