ja3能力改造
Security Classification: 【C-1】 | Publish Time:2024-09-24 | Category:Test Notes | EditOld Version | Diff |
AI Summary: 本文介绍了通过反向代理配置获取JA3指纹信息的解决方案。由于当前使用的Nginx镜像未加JA3补丁,无法直接获取TLS指纹,笔者选择在HK服务器上进行反向代理,将数据迁移至SH服务器,同时调整Nginx配置。HK服务器的Nginx配置使用了SSL和反向代理设置,确保JA3指纹信息能够通过HTTP头部传递到SH服务器。SH服务器则配置了基本的静态资源支持和跨域设置。最终,实现了通过HTTP头部获取JA3指纹信息,增强了安全性,例如可以防止Burp Suite的抓包行为。 --- (From Model:gpt-4o-mini-2024-07-18)
Web3 Info
The ownership of the data in this article is secured by blockchain encryption technology and smart contracts, and is solely owned by the creator.
Comment List