search

Danny-Dasilva / CycleTLS

Spoof TLS/JA3 fingerprints in GO and Javascript
GNU General Public License v3.0
944 stars 174 forks source link

Changing JA3 & UserAgent doesn't change akamai hash #324

Open 64chevy opened 9 months ago

64chevy commented 9 months ago

Description

I have tested with 20+ different ja3 & their respective user agents with a new residential proxy everytime. I always get the same akamai_hash & akamai_text from (https://tls.peet.ws/api/all & https://tls.browserleaks.com/json).

akamai values should be different if we change all these 3 things right? Is there any way to resolve this?

Issue Type

Bug

Operating System

Mac OS

Node Version

None

Golang Version

Other

Relevant Log Output

No response

lif0 commented 9 months ago

because akamai_fingerprint and akamai_fingerprint_hash use WINDOW_UPDATE, PRIORITY and other data, akamai_fingerprint and akamai_fingerprint_hash don't use ciphers, extensions

64chevy commented 9 months ago

Yeah, its bassed on SETTINGS, WINDOW_UPPDATE & PRIORITY frames. Is there a way to modify it? No point of changing ja3 if the akamai hash remains same.

Danny-Dasilva commented 9 months ago

I'm planning on adding a way to configure this, akamai will typically use the akamai hash in conjunction with a ja3 to do validation. If you're wondering why changing the ja3 isn't changing the akamai hash that is because CycleTLS parses the User-Agent to determine SETTINGS, WINDOW_UPDATE & PRIORITY frames.

Danny-Dasilva commented 9 months ago

I'll add configuration options for this but currently we determine what we send based on Chrome/Firefox User agents.

https://github.com/Danny-Dasilva/CycleTLS/blob/4184f73d94b8be9ccd9ce45f43a1b8cef3b5f46a/cycletls/utils.go#L28-L38

dr3adx commented 9 months ago

I'll add configuration options for this but currently we determine what we send based on Chrome/Firefox User agents.

https://github.com/Danny-Dasilva/CycleTLS/blob/4184f73d94b8be9ccd9ce45f43a1b8cef3b5f46a/cycletls/utils.go#L28-L38

hello bro thanks for everything, please add ability to customize HTTP2 data like header_table_size and window_size, etc

there is a library that already implemented http2 spoofing: https://github.com/Noooste/azuretls-client you can use their code, theyre based on utls as well

p.s please give me your discord bro so i can send you everything i have

dr3adx commented 8 months ago

@Danny-Dasilva bro? check comment above

Danny-Dasilva commented 3 months ago

@dr3adx

p.s please give me your discord bro so i can send you everything i have discord is danny_dasilva also feel free to join the cycletls discord server https://discord.gg/gsmxMHrwhu