-
-
[原创]Client Hello解析和代理检测
-
发表于: 1天前
-
1e1K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6%4N6%4N6Q4x3X3g2^5j5$3y4@1L8s2y4Q4x3X3g2@1L8%4m8Q4x3V1j5`.
ce3K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6%4N6%4N6Q4x3X3g2^5j5$3y4@1L8s2y4Q4x3X3g2@1L8%4m8Q4x3V1k6S2L8r3H3`. 展示Client Hello包的解析内容,以及请求头。
accK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6%4N6%4N6Q4x3X3g2^5j5$3y4@1L8s2y4Q4x3X3g2@1L8%4m8Q4x3V1k6$3k6i4u0A6k6Y4W2Q4x3@1b7I4
789K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6%4N6%4N6Q4x3X3g2^5j5$3y4@1L8s2y4Q4x3X3g2@1L8%4m8Q4x3V1j5`.verify=2
c8eK9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6%4N6%4N6Q4x3X3g2^5j5$3y4@1L8s2y4Q4x3X3g2@1L8%4m8Q4x3V1j5`.verify=3
这三个就是基于ja3和headers做的一些检测,这也是反爬的常用手段了。
前两个比较简单,第三个应该还算有些难度,现在还没有大量运用,但是已经存在与Client Hello的扩展之中了。就是扩展65037———加密的Client Hello。451K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6@1L8s2y4Q4x3X3g2T1M7X3!0%4M7$3g2J5L8r3g2S2K9%4y4Q4x3X3g2U0L8$3#2Q4x3V1k6Q4c8e0S2Q4b7V1k6Q4z5e0W2Q4c8e0c8Q4b7U0S2Q4b7f1q4Q4c8e0c8Q4b7U0W2Q4z5f1k6Q4c8e0k6Q4z5e0S2Q4b7f1k6Q4c8e0k6Q4z5e0c8Q4b7f1k6Q4c8e0k6Q4z5p5y4Q4z5o6q4q4b7@1S2Q4c8e0N6Q4z5f1q4Q4z5o6c8Q4c8f1k6Q4b7V1y4Q4z5p5y4Q4c8e0g2Q4b7f1g2Q4b7e0u0Q4c8e0k6Q4z5o6S2Q4b7U0N6Q4c8e0N6Q4b7f1u0Q4b7f1k6Q4c8e0N6Q4z5f1q4Q4z5o6c8Q4c8e0S2Q4b7f1k6Q4z5f1c8Q4c8f1k6Q4b7V1y4Q4z5p5y4U0K9s2u0G2L8h3g2Q4c8e0y4Q4z5o6m8Q4z5o6q4W2k6r3N6W2i4@1f1K6i4K6R3H3i4K6R3I4i4@1f1%4i4K6R3I4i4@1q4n7i4@1f1%4i4K6S2n7i4K6V1H3i4@1f1$3i4K6V1^5i4@1q4r3i4@1f1$3i4K6V1@1i4@1q4r3i4@1f1$3i4K6S2o6i4K6R3I4i4@1f1^5i4@1u0r3i4K6V1&6i4@1f1@1i4@1t1^5i4@1q4m8i4@1f1#2i4K6S2m8i4K6W2r3i4@1f1^5i4K6R3K6i4@1u0p5i4@1f1%4i4K6W2m8i4K6R3@1i4@1g2r3i4@1u0o6i4K6S2o6i4@1f1$3i4K6R3K6i4@1t1K6i4@1f1^5i4@1p5$3i4K6R3I4i4@1f1$3i4@1t1#2i4K6S2n7i4@1f1^5i4@1q4r3i4K6V1#2i4@1f1$3i4K6R3^5i4K6V1H3i4@1f1#2i4K6S2m8i4K6W2r3i4@1g2r3i4@1u0o6i4K6S2o6i4@1f1#2i4@1t1H3i4@1u0p5i4@1f1&6i4K6R3%4i4K6S2r3i4@1f1&6i4K6R3H3i4K6R3&6i4@1f1^5i4@1u0r3i4K6V1&6i4@1f1@1i4@1u0m8i4K6W2n7i4@1f1$3i4@1t1#2i4K6S2r3i4@1f1^5i4@1p5%4i4K6R3^5i4@1f1#2i4K6V1&6i4@1p5^5i4@1f1K6i4K6R3H3i4K6R3J5i4@1f1$3i4K6R3&6i4K6R3H3i4@1f1@1i4@1u0n7i4@1p5#2i4@1g2r3i4@1u0o6i4K6S2o6i4@1f1@1i4@1u0p5i4@1p5H3i4@1f1%4i4K6W2m8i4K6R3@1i4@1f1^5i4@1q4r3i4@1t1%4i4@1f1$3i4@1t1I4i4K6R3J5i4@1f1#2i4@1u0m8i4K6V1K6i4@1f1$3i4K6R3^5i4K6V1$3i4@1f1^5i4K6R3H3i4K6R3#2i4@1f1#2i4@1q4q4i4@1p5J5i4@1f1$3i4K6R3^5i4@1t1%4i4@1f1%4i4@1q4n7i4@1q4r3i4@1f1$3i4K6V1@1i4@1q4r3i4@1f1$3i4K6S2o6i4K6R3I4i4@1f1^5i4@1u0r3i4K6V1&6i4@1f1@1i4@1t1^5i4@1q4m8i4@1f1#2i4K6S2m8i4K6W2r3i4@1f1^5i4K6R3K6i4@1u0p5i4@1f1#2i4K6V1H3i4K6V1%4i4@1g2r3i4@1u0o6i4K6W2r3i4K6t1^5i4K6u0m8i4@1g2r3i4@1u0r3i4@1p5K6x3q4!0q4c8W2!0n7c8W2!0m8x3#2)9J5z5b7`.`.
接下来就是题目中提到的代理检测了,这个功能好像和前面的差距有点大,但没办法,它太强了,我必须加上它。因为它可以不用建立黑白名单、不查信誉分、不进行行为分析,直接就能认出你到底是小红帽,还是奥特曼。检测地址是672K9s2c8@1M7s2y4Q4x3@1q4Q4x3V1k6Q4x3V1k6%4N6%4N6Q4x3X3g2^5j5$3y4@1L8s2y4Q4x3X3g2@1L8%4m8Q4x3V1j5`.verify=4,大家可以去看看你的代理能得多少分。
检测原理大家可以去看这篇文章: 你用了VPN和代理?服务器量一下延迟就知道了,不侵犯隐私还能抓到92%
chrome浏览器ECH结果
挂上代理请求,看看能得多少分?
[培训]《冰与火的战歌:Windows内核攻防实战》!从零到实战,融合AI与Windows内核攻防全技术栈,打造具备自动化能力的内核开发高手。
|
|
|---|---|
