Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] Unsound hack in JA4 c-part #16

Open
XOR-op opened this issue Dec 7, 2023 · 0 comments
Open

[Bug] Unsound hack in JA4 c-part #16

XOR-op opened this issue Dec 7, 2023 · 0 comments

Comments

@XOR-op
Copy link

XOR-op commented Dec 7, 2023

TrackMe/ja4.go

Lines 82 to 85 in d9579a8

// VERY dirty hack: append padding, because it gets filtered out for JA3
// but we want it here. _SHOULD_ be included in ever TLS clienthello, so
// _shouldnt_ cause any issues.
extensions = append(extensions, "21")
is under an unsound assumption that every TLS clienthello will include a padding extension. I don't see any standard that requires padding extension as a mandatory component. In fact, some implementations, e.g. curl on my machine, do NOT have padding in the extensions.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@XOR-op