首页 > 其他分享 >一套最全的突破tls/ja3指纹的方案

一套最全的突破tls/ja3指纹的方案

时间:2023-06-13 15:56:54浏览次数:46  
标签:tls 最全 CIPHERS ja3 https requests com

访问这个网站可以查看自己ja3信息   https://tls.browserleaks.com/json

方法一

pip install curl_cffi   # https://github.com/yifeikong/curl_cffi
from curl_cffi import requests

# 注意 impersonate 这个参数
r = requests.get("https://tls.browserleaks.com/json", impersonate="chrome101")

print(r.json())
# output: {'ja3_hash': '53ff64ddf993ca882b70e1c82af5da49'
# 指纹和目标浏览器一致

# 支持使用代理
proxies = {"https": "http://localhost:3128"}
r = requests.get("https://tls.browserleaks.com/json", impersonate="chrome101", proxies=proxies)





from curl_cffi import Curl, CurlOpt
from io import BytesIO

buffer = BytesIO()
c = Curl()
c.setopt(CurlOpt.URL, b'https://tls.browserleaks.com/json')
c.setopt(CurlOpt.WRITEDATA, buffer)

c.impersonate("chrome101")

c.perform()
c.close()
body = buffer.getvalue()
print(body.decode())  # 查看当前请求的ja3信息

方法二

pip install tls-client   # https://github.com/FlorianREGAZ/Python-Tls-Client
import tls_client

# You can also use the following as `client_identifier`:
# Chrome --> chrome_103, chrome_104, chrome_105, chrome_106, chrome_107, chrome_108, chrome109, Chrome110,
#            chrome111, chrome112
# Firefox --> firefox_102, firefox_104, firefox108, Firefox110
# Opera --> opera_89, opera_90
# Safari --> safari_15_3, safari_15_6_1, safari_16_0
# iOS --> safari_ios_15_5, safari_ios_15_6, safari_ios_16_0
# iPadOS --> safari_ios_15_6
# Android --> okhttp4_android_7, okhttp4_android_8, okhttp4_android_9, okhttp4_android_10, okhttp4_android_11,
#             okhttp4_android_12, okhttp4_android_13

session = tls_client.Session(
    client_identifier="chrome112",
    random_tls_extension_order=True
)

res = session.get(
    "https://www.example.com/",
    headers={
        "key1": "value1",
    },
    proxy="http://user:password@host:port"
)

方法三

pip install pyhttpx  # https://github.com/zero3301/pyhttpx
import pyhttpx

sess = pyhttpx.HttpSession()
r = sess.get('https://httpbin.org/get', headers={'User-Agent': '3301'}, cookies={'k': '3301'})
r = sess.post('https://httpbin.org/get',data={})
proxies = {'https': 'http://username:password@host:port'}
r = sess.post('https://httpbin.org/get',proxies=proxies)
print(r.status_code)
print(r.request.raw)

方法四

镜像有点大,不过有完整的编译环境

docker pull geekbyte1/pyantitls:v1.0

docker run -it -d geekbyte1/pyantitls:v1.0

方法五

Q佬的Dockerfile版

https://mp.weixin.qq.com/s/UZlLuzlQZrI7w82HI7zGuw

方法六

https://github.com/synodriver/pycurl/blob/master/special.markdown https://github.com/synodriver/pycurl/blob/master/special.markdown

2.git clone https://github.com/ycq0125/pycurl.git

3.cd pycurl搞定。可以把./pycurl/requests_curl 整个移动到site-package目录下,就可以全局使用了

方法七

https://pypi.org/project/requests-curl-antitls/ 内有详细步骤

另外下面这个是vmwear的镜像,已经编译好的环境,可以自己拿来玩玩

链接:https://pan.baidu.com/s/1_R02JKqvmA8Km4QNAKYfYg

提取码:curl

 方法八  使用 requests 请求网站的时候,修改 JA3指纹

import random

from requests.adapters import HTTPAdapter
from requests.packages.urllib3.util.ssl_ import create_urllib3_context

ORIGIN_CIPHERS = ('ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+HIGH:'
                  'DH+HIGH:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+HIGH:RSA+3DES')


class DESAdapter(HTTPAdapter):
    def __init__(self, *args, **kwargs):
        """
        A TransportAdapter that re-enables 3DES support in Requests.
        """
        CIPHERS = ORIGIN_CIPHERS.split(':')
        random.shuffle(CIPHERS)
        CIPHERS = ':'.join(CIPHERS)
        self.CIPHERS = CIPHERS + ':!aNULL:!eNULL:!MD5'
        super().__init__(*args, **kwargs)

    def init_poolmanager(self, *args, **kwargs):
        context = create_urllib3_context(ciphers=self.CIPHERS)
        kwargs['ssl_context'] = context
        return super(DESAdapter, self).init_poolmanager(*args, **kwargs)

    def proxy_manager_for(self, *args, **kwargs):
        context = create_urllib3_context(ciphers=self.CIPHERS)
        kwargs['ssl_context'] = context
        return super(DESAdapter, self).proxy_manager_for(*args, **kwargs)


import requests
headers = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67'}
s = requests.Session()
s.headers.update(headers)

for _ in range(5):
    s.mount('https://tls.browserleaks.com', DESAdapter())
    resp = s.get('https://tls.browserleaks.com/json').json()
    print(resp)  # ja3指纹一直在变

  

二:tls相关原理可以看这篇文章

python完美突破tls/ja3 # https://mp.weixin.qq.com/s/GU2AgushvIEtLHtYR7BQzg
为什么随机 IP、随机 UA 也逃不掉被反爬虫的命运 # https://mp.weixin.qq.com/s/Qx7PjnBgrTR30oCurU6CGw
Python 如何突破反爬虫指纹 JA3 # https://mp.weixin.qq.com/s/7VJHCl2ht4pjkgIdcOKc5w
JS逆向之猿人学第十九题突破ja3指纹验证 # https://mp.weixin.qq.com/s?__biz=MzU0MjUwMTA2OQ==&mid=2247484137&idx=1&sn=ccfa46a45a09e7fde284dfba281fd719&chksm=fb18f34bcc6f7a5d49ee3050887aa909708ede268cb5046bcd80d43ffdc7c9f948d428c65ec4&scene=21#wechat_redirect
深度剖析ja3指纹及突破 # https://mp.weixin.qq.com/s?__biz=MzU0MjUwMTA2OQ==&mid=2247484649&idx=1&sn=42eb5319db1ca830ca81d75218e4c0e4&chksm=fb18f54bcc6f7c5de60395d03650aa7c6a30e37407989c604c31ffa1076d071a32afcb0556c4&scene=21#wechat_redirect
ja3指纹补充说明 # https://mp.weixin.qq.com/s?__biz=MzU0MjUwMTA2OQ==&mid=2247484522&idx=1&sn=1d47898130e689413c40fecc4b0a2b39&chksm=fb18f5c8cc6f7cde416ae1c5f93555b66be6bfdc01b9d715b2b4c5662900c95f39a1036312ea&scene=21#wechat_redirect

标签:tls,最全,CIPHERS,ja3,https,requests,com
From: https://www.cnblogs.com/yoyo1216/p/17477760.html

相关文章

  • 解决:pip is configured with locations that require TLS/SSL
     在使用pip进行软件包安装的时候出现问题:WARNING:pipisconfiguredwithlocationsthatrequireTLS/SSL,howeverthesslmoduleinPythonisnotavailable.解决:mkdir-p~/.pipvim~/.pip/pip.conf 然后输入内容:[global]index-url=http://mirrors.aliyun.......
  • Mybatis-Plus必会知识点(精美最全)
    1首先说下引入pom里面添加:<!--mybatis-plus--><dependency><groupId>com.baomidou</groupId><artifactId>mybatis-plus-boot-starter</artifactId><version>3.3.1</version></de......
  • SpringCloud必会知识点最全(精美版)
    为什么要学习SpringCloud在项目开发中随着业务越来越多,导致功能之间耦合性高、开发效率低、系统运行缓慢难以维护、不稳定。微服务架构可以解决这些问题,而SpringCloud是微服务架构最流行的实现.1.微服务微服务架构是使用一套小服务来开发单个应用的方式或途径,每个服务基于单一业......
  • Linux最常用命令(最全)精美
    By CaesarChang张旭       ~关注我 带你看更多精品技术和面试必备想要进修一下基础的可以加群    号码 1153132260 1  touch文件名:创建文件可以一次创建多个文件,以空格隔开        touchab2rm:删除文件或者文件夹-r:递归删......
  • Nginx漏洞修复:SSL/TLS 服务器瞬时 Diffie-Hellman 公共密钥过弱
    SSL/TLS服务器瞬时Diffie-Hellman公共密钥过弱【原理扫描】。需编辑nginx.conf解决。1、生成dhparams.pem。cd/usr/local/nginx/confopenssldhparam-outdhparams.pem2048chmod-R755dhparams.pem2、编辑nging.conf文件,添加ssl_dhparam{pathto......
  • nginx开启更为安全的tls1.3
    随着互联网安全越来越受到重视,越来越多的网站选择启用https来保证数据的加密传输,TLS1.2发布于2008年8月,至今正好有10年,所以新协议TLS1.3呼之欲出。Googlechrome在最近的版本更新中也开始逐步对TLS1.3进行支持,TLS1.3对于TLS1.2有重大改写,提高了安全性并且提高了速度,所以升级还是很......
  • wireshark 导出tls ssl证书
    wireshark导出证书心逝夜空 2019-03-1117:54:05  2592  收藏 3作者使用版本: Version2.2.1(v2.2.1-0-ga6fbd27frommaster-2.2)1.过滤证书  根据ssl协议来过滤需要的信息2. 选择有Certificate的那一行3.展开,记住不要双击打开,新窗口是无法使用右键的,展开后的样......
  • 码住!CRMEB 618最全省钱攻略,高能宠粉时刻来啦!
    当~当~当~当~......
  • satlstack常用命令
    查看解压和压缩命令支持的格式和命令[root@host106salt]#salt'*'sys.list_functionsarchivehost104:-archive.cmd_unzip-archive.cmd_zip-archive.gunzip-archive.gzip-archive.is_encrypted-archive.list-archive.rar-a......
  • tls 流量画像——直接使用图像处理的思路探索,待进一步观察
    代码,示意了一个tls的数据内容:importnumpyasnpimportmatplotlib.pyplotaspyplot#!!!Ifontheserver,usefollowing,commentshowandyoucanjustsavefigure!!!#pyplot.switch_backend('agg')a=np.array([1,2,3,4,5,6,7,8,9,10,11,12])b......