一、查看TLS指纹的网站
二、网站防御方式及应对
-
非法指纹黑名单
-
应对策略:修改默认指纹(修改TLS hello包的值)
-
httpx示例:
import ssl import random import httpx # create an ssl context ssl_context = ssl.SSLContext(protocol=ssl.PROTOCOL_TLS) # create random CIPHERS CIPHERS = ":".join(random.sample( ["ECDHE+AESGCM", "ECDHE+CHACHA20", "DHE+AESGCM", "DHE+CHACHA20", "ECDH+AESGCM", "DH+AESGCM", "ECDH+AES", "DH+AES", "RSA+AESGCM", "RSA+AES", "!aNULL", "!eNULL", "!MD5", "!DSS"], random.randint(5, 10))) # CIPHERS = 'ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:DH+CHACHA20:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+HIGH:DH+HIGH:RSA+AESGCM:RSA+AES:RSA+HIGH' ssl_context.set_ciphers(CIPHERS) r = httpx.get('https://tls.browserleaks.com/json', verify=ssl_context) print(r.json())
-
-
合法指纹白名单
-
应对策略:使用curl_cffi库模拟浏览器
-
curl_cffi库
- 安装
pip install curl_cffi
- 仓库地址:https://github.com/yifeikong/curl_cffi
- 使用
from curl_cffi import requests # 注意这个 impersonate 参数,指定了模拟哪个浏览器 r = requests.get("https://tls.browserleaks.com/json", impersonate="chrome101") print(r.json()) - 目前支持模拟的浏览器版本:["edge99", "edge101", "chrome99", "chrome100", "chrome101", "chrome104", "chrome107", "chrome110", "chrome99_android", "safari15_3", "safari15_5"]
- 支持代理(同requests)
from curl_cffi import requests # 使用代理 proxies={"http": "http://ip:port", "https": "http://ip:port"} r = requests.get("https://tls.browserleaks.com/json", impersonate="chrome101", proxies = proxies) print(r.json())
- 安装
-
参考来源:https://yifei.me/note/2719
标签:TLS,DH,AESGCM,ECDH,JA3,指纹,ssl,json,https From: https://www.cnblogs.com/eliwang/p/17334290.html