search

jannispinter / indicatetls

Addon for Mozilla Firefox that displays the TLS protocol version of websites you visit
https://addons.mozilla.org/firefox/addon/indicatetls/
Mozilla Public License 2.0
64 stars 12 forks source link

TLS v1.3 everywhere. #50

Closed MrR10T closed 3 years ago

MrR10T commented 3 years ago

I get TLS 1.3 everywhere, even on a site that don't have TLS v1.3 I'm testing this site : littlecaesars.com.tr 1 2

and this is the ssllab https://www.ssllabs.com/ssltest/analyze.html?d=littlecaesars.com.tr

I tried again with this https://cap5.gestour360.com/ and it say it use TLS 1.3 But this is the ssllab https://www.ssllabs.com/ssltest/analyze.html?d=cap5.gestour360.com

I even tried to run this extension in Private Mode, but I get the same results

jannispinter commented 3 years ago

Hi there, seems like you are using a proxy (PortSwigger, BurpSuite) that supports TLS 1.3. There is nothing we can do to detect the TLS version of the destination host, when Firefox only sees the handshake with the MITM proxy.

MrR10T commented 3 years ago

Hi there, seems like you are using a proxy (PortSwigger, BurpSuite) that supports TLS 1.3. There is nothing we can do to detect the TLS version of the destination host, when Firefox only sees the handshake with the MITM proxy.

U solved my problem. Didn't know I could not use a proxy. When I disable the proxy, just for checking the TLS/SSL version, it work fine. Ty :)