Skip to content

Instantly share code, notes, and snippets.

@wongsyrone
Created March 8, 2021 06:22
Show Gist options
  • Save wongsyrone/8cbefb6e847b0af9aa194f0440200bac to your computer and use it in GitHub Desktop.
Save wongsyrone/8cbefb6e847b0af9aa194f0440200bac to your computer and use it in GitHub Desktop.
top TLS fingerprint
// import tls "github.com/refraction-networking/utls"
tcpConn, err := net.Dial("tcp", "tlsfingerprint.io:443")
if err != nil {
fmt.Printf("net.Dial() failed: %+v\n", err)
return
}
config := tls.Config{ServerName: "tlsfingerprint.io"}
tlsConn := tls.Client(tcpConn, &tlsConfig, utls.HelloCustom)
clientHelloSpec := tls.ClientHelloSpec {
CipherSuites: []uint16{
tls.GREASE_PLACEHOLDER,
tls.TLS_AES_128_GCM_SHA256,
tls.TLS_AES_256_GCM_SHA384,
tls.TLS_CHACHA20_POLY1305_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,
tls.TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,
tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
tls.TLS_RSA_WITH_AES_128_GCM_SHA256,
tls.TLS_RSA_WITH_AES_256_GCM_SHA384,
tls.TLS_RSA_WITH_AES_128_CBC_SHA,
tls.TLS_RSA_WITH_AES_256_CBC_SHA,
},
CompressionMethods: []byte{
0x00, // compressionNone
},
Extensions: []tls.TLSExtension{
&tls.UtlsGREASEExtension{},
&tls.SNIExtension{},
&tls.UtlsExtendedMasterSecretExtension{},
&tls.RenegotiationInfoExtension{renegotiation: tls.RenegotiateOnceAsClient},
&tls.SupportedCurvesExtension{[]tls.CurveID{
tls.CurveID(tls.GREASE_PLACEHOLDER),
tls.X25519,
tls.CurveP256,
tls.CurveP384,
}},
&tls.SupportedPointsExtension{SupportedPoints: []byte{
0x00, // pointFormatUncompressed
}},
&tls.SessionTicketExtension{},
&tls.ALPNExtension{AlpnProtocols: []string{"h2","http/1.1"}},
&tls.StatusRequestExtension{},
&tls.SignatureAlgorithmsExtension{SupportedSignatureAlgorithms: []SignatureScheme{
tls.ECDSAWithP256AndSHA256,
tls.PSSWithSHA256,
tls.PKCS1WithSHA256,
tls.ECDSAWithP384AndSHA384,
tls.PSSWithSHA384,
tls.PKCS1WithSHA384,
tls.PSSWithSHA512,
tls.PKCS1WithSHA512,
},},
&tls.SCTExtension{},
&tls.KeyShareExtension{[]tls.KeyShare{
{Group: tls.CurveID(tls.GREASE_PLACEHOLDER), Data: []byte{0}},
{Group: tls.X25519},
}},
&tls.PSKKeyExchangeModesExtension{[]uint8{
tls.PskModeDHE,
}},
&tls.SupportedVersionsExtension{[]uint16{
tls.GREASE_PLACEHOLDER,
tls.VersionTLS13,
tls.VersionTLS12,
tls.VersionTLS11,
tls.VersionTLS10,
}},
&tls.FakeCertCompressionAlgsExtension{[]tls.CertCompressionAlgo{
tls.CertCompressionBrotli,
}},
&tls.UtlsGREASEExtension{},
&tls.UtlsPaddingExtension{GetPaddingLen: BoringPaddingStyle},
},
}
tlsConn.ApplyPreset(clientHelloSpec)
n, err = tlsConn.Write("Hello, World!")
// or tlsConn.Handshake() for better control
@wongsyrone
Copy link
Author

@leiless
Copy link

leiless commented Sep 12, 2021

@GunGunGun
Copy link

Hey guys, how can I convert this https://tlsfingerprint.io/id/bbf04e5f1881f506 back to JA3 String like this

ja3_string = "771,49196-49195-49200-49199-159-158-49188-49187-49192-49191-49162-49161-49172-49171-157-156-61-60-53-47-10,0-10-11-13-35-23-65281,29-23-24,0"

Is there a quick and dirty way to do that ?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment