Open Delicates opened 1 year ago
The thing with those fingerprints are:
In general I like the idea though. (It interested e ages ago, gave talks by that time what a ClientHello will tell an adversary bc I everybody seemed to assume TLS is a VPN).
What could be done is sending the client handshakes and wiresharking those. Last time I tried it contained the JA3 strings. Don't know how accurate those are as supposed to real life
Which version are you referring to 3.2rc2 (default 3.1dev branch)
Describe your feature request (if it's a technical feature) In the Running client simulations via sockets section report JA3 client TLS fingerprint and JA3/S server TLS fingerprint for each simulation. https://github.com/salesforce/ja3
Describe the solution you'd like Could be an optional --ja3 flag that adds an extra line underneath each simulation printing JA3 and JA3/S TLS fingerprints. Or alternatively could be appended at the end of each simulation output line.
In the Testing server defaults (Server Hello) section change "Fingerprints" to "Certificate Fingerprints" to avoid ambiguity.