Browse Source

tweak due to IP addresses not coming back on some sites

master
boB Rudis 3 months ago
parent
commit
baf8d395dc
No known key found for this signature in database GPG Key ID: 1D7529BE14E2BBA9
2 changed files with 11 additions and 9 deletions
  1. +3
    -3
      README.md
  2. +8
    -6
      inst/python/jarm.py

+ 3
- 3
README.md View File

@ -91,9 +91,9 @@ sites %>%
## host port ip result jarm
## <chr> <int> <chr> <chr> <chr>
## 1 rud.is 443 172.93.4… 15d2ad16d29d29d00015d2ad15d29dd1… 009e|0303|h2|0000-ff01-0010,c030|0303|h2|0000-ff01-000b-0…
## 2 r-projec… 443 <NA> 07d19d1ad21d21d07c42d43d000000ee… 0033|0303|http/1.1|ff01-0000-0001-0023-0010-0017,00c0|030…
## 3 rstudio.… 443 <NA> 2ad2ad16d2ad2ad00042d42d000000df… c030|0303|h2|ff01-0000-0001-000b-0023-0010-0017,c030|0303…
## 4 apple.com 443 <NA> 29d29d15d29d29d00041d41d000000a5… c02f|0303||ff01-0000-0001-000b-0023-0017,c02f|0303||ff01-
## 2 r-projec… 443 137.208.… 07d19d1ad21d21d07c42d43d000000ee… 0033|0303|http/1.1|ff01-0000-0001-0023-0010-0017,00c0|030…
## 3 rstudio.… 443 104.198.… 2ad2ad16d2ad2ad00042d42d000000df… c030|0303|h2|ff01-0000-0001-000b-0023-0010-0017,c030|0303…
## 4 apple.com 443 17.253.1… 29d29d15d29d29d00041d41d0000004a… c02f|0303|http/1.0|ff01-0000-0001-000b-0023-0010-0017,c02
```
## jarmed Metrics


+ 8
- 6
inst/python/jarm.py View File

@ -232,9 +232,10 @@ def supported_versions(jarm_details, grease):
return ext
#Send the assembled client hello using a socket
def send_packet(destination_host, destination_port, packet):
def send_packet(destination_host, destination_port, packet, timeout = 20):
try:
#Determine if the input is an IP or domain name
raw_ip = False
try:
if (type(ipaddress.ip_address(destination_host)) == ipaddress.IPv4Address) or (type(ipaddress.ip_address(destination_host)) == ipaddress.IPv6Address):
raw_ip = True
@ -245,13 +246,11 @@ def send_packet(destination_host, destination_port, packet):
#Connect the socket
if ":" in destination_host:
sock = socket.socket(socket.AF_INET6, socket.SOCK_STREAM)
#Timeout of 20 seconds
sock.settimeout(20)
sock.settimeout(timeout)
sock.connect((destination_host, destination_port, 0, 0))
else:
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
#Timeout of 20 seconds
sock.settimeout(20)
sock.settimeout(timeout)
sock.connect((destination_host, destination_port))
#Resolve IP if given a domain name
if raw_ip == False:
@ -436,9 +435,11 @@ def jarm_query(destination_host, destination_port):
jarm = ""
#Assemble, send, and decipher each packet
iterate = 0
ips = []
while iterate < len(queue):
payload = packet_building(queue[iterate])
server_hello, ip = send_packet(destination_host, destination_port, payload)
ips.append(ip)
#Deal with timeout error
if server_hello == "TIMEOUT":
jarm = "|||,|||,|||,|||,|||,|||,|||,|||,|||,|||"
@ -452,5 +453,6 @@ def jarm_query(destination_host, destination_port):
jarm += ","
#Fuzzy hash
result = jarm_hash(jarm)
ips = [ ip for ip in list(set(ips)) if ip ]
return({ "host" : destination_host, "port" : destination_port, "ip": ip, "result" : result, "jarm" : jarm })
return({ "host" : destination_host, "port" : destination_port, "ip": ips, "result" : result, "jarm" : jarm })

Loading…
Cancel
Save