python、go、node的ja3指纹实现

一.初识

1.什么是ja3相信大家都有所耳闻，这里就不做太多概述，简单来讲就是基于tls/ssl协议的客户端指纹特征识别技术。

2.绕过ja3的四种方法

访问ip指定host绕过waf

代理中转请求(go版本有实现可以去了解下)

更换request工具库

魔改requests

3.tls检测网站

akamai 1.75

akamai2.0

Cloudflare(5秒盾)

这里我们讲解各语言版本的实现，详细了解ja3的可以移步到一下文章。

参考1

参考2

参考3

二.语言实现——(案例猿人学19题)

python

一.pyhttpx

importpyhttpx

sess=pyhttpx.HttpSession()

url=f"https://match.yuanrenxue.com/api/match/19?page=1"

response=sess.get(url,headers=Headers)

二. Pycurl（pycurl是curl的一个python版本）

importpycurl,json

fromioimportBytesIO

ClassgetAll():

def__init__(self):

self.pyc=pycurl.Curl()

self.buffer=BytesIO()

defgetoutPut():

self.pyc.setopt(pycurl.URL,'http://some-url')

#跳过验证

self.pyc.setopt(pycurl.SSL_VERIFYHOST,0)

self.pyc.setopt(pycurl.SSL_VERIFYPEER,0)

self.pyc.setopt(pycurl.POST,1)

self.pyc.setopt(pycurl.WRITEDATA,self.buffer)

self.pyc.setopt(pycurl.HTTPHEADER, ['content-type: application/json','content-type:multipart/form-data'])

data=json.dumps({"name":"abc","path":"def","target":"ghi"})

self.pyc.setopt(pycurl.POSTFIELDS,data)

self.pyc.perform()

self.pyc.close()

print(self.buffer.getvalue().decode('utf-8'))

三.魔改open_ssl

from requests.adapters import HTTPAdapter

from requests.packages.urllib3.util.ssl_ import create_urllib3_context

ORIGIN_CIPHERS=('ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+HIGH:'

'DH+HIGH:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+HIGH:RSA+3DES')

class DESAdapter(HTTPAdapter):

def __init__(self, *args, **kwargs):

"""

A TransportAdapter that re-enables 3DES supportinRequests.

"""

CIPHERS=ORIGIN_CIPHERS.split(':')

random.shuffle(CIPHERS)

CIPHERS=':'.join(CIPHERS)

self.CIPHERS=CIPHERS+':!aNULL:!eNULL:!MD5'

super().__init__(*args, **kwargs)

def init_poolmanager(self, *args, **kwargs):

context=create_urllib3_context(ciphers=self.CIPHERS)

kwargs['ssl_context']=context

return super(DESAdapter, self).init_poolmanager(*args, **kwargs)

def proxy_manager_for(self, *args, **kwargs):

context=create_urllib3_context(ciphers=self.CIPHERS)

kwargs['ssl_context']=context

return super(DESAdapter, self).proxy_manager_for(*args, **kwargs)

import requests

headers={'User-Agent':'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67'}

s=requests.Session()

s.headers.update(headers)

for_inrange(5):

s.mount('https://ja3er.com', DESAdapter())

resp=s.get('https://ja3er.com/json').json()

print(resp)

提示：cycletls是一个针对go和node的ja3实现

项目地址:cycletls

go（cycletls）

1.安装：go get github.com/Danny-Dasilva/CycleTLS/cycletls

2.使用

packagemain

import(

"github.com/Danny-Dasilva/CycleTLS/cycletls"

"log"

)

funcmain() {

client:=cycletls.Init()

response,err:=client.Do("https://match.yuanrenxue.com/api/match/19?page=1",cycletls.Options{

Body:"",

Ja3:"771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49162- 49161-49171-49172-51-57-47-53-10,0-23-65281-10-11-35-16-5-51-43-13-45-28- 21,29-23-24-25-256-257,0",

UserAgent:"Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:87.0) Gecko/20100101 Firefox/87.0",

},"GET")

iferr!=nil{

log.Print("Request Failed: "+err.Error())

}

log.Println(response)

}

node（cycletls）

1.安装：npm install cycletls

2.使用

const initCycleTLS = require('cycletls');

// Typescript: import initCycleTLS from 'cycletls';

(async () => {

// Initiate CycleTLS

const cycleTLS = await initCycleTLS();

// Send request

const response = await cycleTLS('https://match.yuanrenxue.com/api/match/19?page=1', {

body: '',

ja3: '771,4865-4867-4866-49195-49199-52393-52392-49196-49200-49162-49161- 49171-49172-51-57-47-53-10,0-23-65281-10-11-35-16-5-51-43-13-45-28-21,29-23- 24-25-256-257,0',

userAgent: 'Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:87.0) Gecko/20100101 Firefox/87.0',

timeout: 2,

// proxy: 'http://username:password@hostname.com:443'

}, 'get');

console.log(response);

// Cleanly exit CycleTLS

cycleTLS.exit();

})();

效果

三.结语

好了，上面列举的这些ja3指纹工具实现相信能够应付绝大多是情况,兄弟们可以自行测试效果,如果遇到更多的情况，还得详细的分析，去进行魔改测试。