V4NSH4J
commented
1 year ago Hi, the JA3 is a way of representing your TLS handshake in one string.
Let's take this JA3 for example, "771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49162-49161-49171-49172-156-157-47-53,0-23-65281-10-11-35-16-5-34-51-43-13-45-28-65037,29-23-24-25-256-257,0"
The format of this JA3 is TLSVersion,Ciphers,Extensions,EllipticCurves,EllipticCurvePointFormats
Which implies 771 is your TLS version. Which when converted to hexadecimal from decimal gives you 0x0303 which stands for TLS v1.2
Similarly each decimal number can be converted into hexadecimal and it can be found what it stands for. The ciphersuites, extensions & elliptical curves are ordered and each one is separated by a -
To randomly generate your JA3's you can mess around with the order of your data or selectively include or not include certain ones, each combination gives a different JA3 hash. To appear as a legitimate client to cloudflare, I'd recommend not completely randomizing the JA3, a scraped list would work better as they can start matching JA3 to useragents anytime.
Also don't try to make impossible combinations like setting your minimum TLS version to 1.3 then using only TLS v1.2 ciphersuites..
Good luck, let me know if you have any other questions.
How to generate ja3 myself?
Put the following in the title of your Issue:
[Question]for a general question.[Bug]for unexpected error/behavior on the program.Explain your question/bug below: