Java方式获取ja3指纹,请参考《Java获取SSL/TLS指纹(JA3)》文章。
1.安装依赖
yum -y install patch git pcre-devel zlib zlib-devel gcc gcc-c++ autoconf automake
2.下载nginx-ssl-ja3模块代码
git clone https://github.com/fooinha/nginx-ssl-ja3.git
# 国内镜像
git clone https://gitee.com/pengjianbo/nginx-ssl-ja3.git
3.下载openssl并加入补丁包进行编译
git clone https://github.com/openssl/openssl.git
# 国内镜像
git clone https://gitee.com/mirrors/openssl.git
cd openssl
git checkout OpenSSL_1_1_1 -b patched
cp ../nginx-ssl-ja3/patches/openssl.extensions.patch .
patch -p1 < openssl.extensions.patch
./config
make && make install
4.下载nginx源码
wget http://nginx.org/download/nginx-1.17.1.tar.gz
5.编译nginx和ja3模块
tar -zxvf nginx-1.17.1.tar.gz
cd nginx-1.17.1
# 拷贝ja3补丁程序
cp ../nginx-ssl-ja3/patches/nginx.latest.patch .
# 合并补丁程序
patch -p1 < nginx.latest.patch
# 将nginx.cnf配置文件覆盖原先配置文件(这步只是可根据实际情况是否执行,主要就两个变量:$http_ssl_ja3和$http_ssl_ja3_hash)
cp ../nginx-ssl-ja3/docker/debian-nginx-ssl-ja3/nginx.conf conf/nginx.conf
# 编译前配置
./configure --add-module=/root/soft/nginx-ssl-ja3 --with-http_ssl_module --with-stream_ssl_module --with-debug --with-stream --with-http_stub_status_module --with-http_v2_module --with-http_gzip_static_module --with-http_sub_module
# 编译与安装
make && make install
# 创建日志目录
mkdir /usr/local/nginx/logs
6.配置和启动nginx
server {
listen 443 ssl;
server_name www.bbmax.cc;
# 配置证书
ssl_certificate 6072302_www.bbmax.cc.pem;
ssl_certificate_key 6072302_www.bbmax.cc.key;
# 将ja3信息设置到请求头header中
proxy_set_header ja3 $http_ssl_ja3;
proxy_set_header ja3_hash $http_ssl_ja3_hash;
# 将ja3信息返回给响应header中
#add_header ja3 $http_ssl_ja3;
#add_header ja3_hash $http_ssl_ja3_hash;
# 访问时直接返回ja3信息
#return 200 "$http_ssl_ja3\n\n$http_ssl_ja3_hash\n";
}
启动nginx
./nginx
7.测试
浏览器测试:https://www.bbmax.cc
命令行测试:
openssl s_client -connect 127.0.0.1:12345 -cipher "AES128-SHA" -curves secp521r1
问题
1.更新openssl后执行openssl version
提示报错:openssl: error while loading shared libraries: libssl.so.1.1: cannot open shared object file: No such file or directory
cp /usr/lib64/libssl.so ~/bak/
ln -s /usr/local/lib64/libssl.so /usr/lib64/
ln -s /usr/local/lib64/libssl.so.1.1 /usr/lib64/
ln -s /usr/local/lib64/libcrypto.so /usr/lib64/
ln -s /usr/local/lib64/libcrypto.so.1.1 /usr/lib64/
2.编译报错
ngx_ssl_ja3.c: In function ‘ngx_ssl_ja3_detail_print’:
ngx_ssl_ja3.c:137: error: ‘for’ loop initial declarations are only allowed in C99 mode
ngx_ssl_ja3.c:137: note: use option -std=c99 or -std=gnu99 to compile your code
这是因为在gcc中直接在for循环中初始化了增量,修改代码将要for()循环内部定义的变量放到外部去定义
3 条评论
受用~~~~~~~
按文章步骤已搞定,哈哈哈哈OωO
谢谢分享