Skip to content

Latest commit

 

History

History
39 lines (34 loc) · 1.33 KB

readme.md

File metadata and controls

39 lines (34 loc) · 1.33 KB

ov

  • this is a toy project for learning how to capture TLS client hello ja3 fingerprint using cilium/eBPF
  • build (you must prepare yourself the eBPF toolchain first)
# if you are a just user
just

# if not...
BPF_CLANG=clang-14 BPF_CFLAGS="-O2 -g -Wall -Werror" go generate -v ./...
cd ja3 && go build

test

  • you can launch a local https server for test
  • generate a self-signed certificate by checking this stackoverflow
openssl req -x509 -newkey rsa:4096 -sha256 -days 3650 -nodes \
  -keyout example.key -out example.crt -subj "/CN=example.com" \
  -addext "subjectAltName=DNS:example.com,DNS:www.example.net,IP:127.0.0.1"
  • under the same dir, launch a simple python https server
from http.server import HTTPServer, SimpleHTTPRequestHandler
import ssl

port = 4443
httpd = HTTPServer(('0.0.0.0', port), SimpleHTTPRequestHandler)
httpd.socket = ssl.wrap_socket(httpd.socket, keyfile='example.key', certfile="example.crt", server_side=True)

print("Server running on https://0.0.0.0:" + str(port))

httpd.serve_forever()
  • and then send a http request
# here using HTTPie
http --verify=example.crt https://127.0.0.1:4443/