jarm

package module
v0.0.6 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Mar 28, 2021 License: BSD-3-Clause Imports: 10 Imported by: 0

README

jarm-go

This is a Go implementation of JARM.

jarmscan

To install jarmscan, download a binary from the releases page or install using go get -u -v github.com/RumbleDiscovery/jarm-go/cmd/jarmscan.

To run a scan, provide a list of targets. The following examples are all supported:

  • jarmscan www.rumble.run
  • jarmscan -p 443,8443 192.168.0.1
  • jarmscan -p 1-1024 https://www.example.com/
  • jarmscan -p 443,465,993,995,8443,9443 192.168.0.0/24
  • jarmscan 192.168.0.1:8443
  • jarmscan 192.168.0.1,443

The -q option can be used to disable verbose output and the -w parameter can be used to increase the worker count.

The -p option allows port lists and port ranges to be specified in a form similar to Nmap.

jarm

To use the jarm-go library from a Go application please review the Fingerprint() function in the cmd/jarmscan/main.go code.

The basic process involves:

  • Creating a list of probes for a given host and port using GetProbes(). The host is sent as part of the client probe.
  • Building each individual probe in the order they are returned using BuildProbe().
  • Opening a connection to the host and port and sending the probe.
  • Receiving the response (up to 1484 bytes). Receiving more or less can change the hash.
  • Parsing the Server Hello from the received data using ParseServerHello().
  • Calculating the JARM hash using RawHashToFuzzyHash().

Documentation

Overview

+build gofuzz

Index

Constants

This section is empty.

Variables

View Source 
var ZeroHash = "00000000000000000000000000000000000000000000000000000000000000"

ZeroHash represents an empty JARM hash

Functions

func BuildProbe 

func BuildProbe(details JarmProbeOptions) []byte

BuildProbe creates client hello packet for the probe

func ExtGetALPN 

func ExtGetALPN(details JarmProbeOptions) []byte

ExtGetALPN returns an encoded ALPN extension

func ExtGetKeyShare 

func ExtGetKeyShare(grease bool) []byte

ExtGetKeyShare returns an encoded KeyShare extension

func ExtGetServerName 

func ExtGetServerName(name string) []byte

ExtGetServerName returns an encoded server name extension

func ExtGetSupportedVersions 

func ExtGetSupportedVersions(details JarmProbeOptions, grease bool) []byte

ExtGetSupportedVersions returns an encoded SupportedVersions extension

func ExtractCipherBytes 

func ExtractCipherBytes(c string) string

ExtractCipherBytes converts a selected cipher to an index of the known cipher list

func ExtractExtensionInfo 

func ExtractExtensionInfo(data []byte, offset int, serverHelloLength int) string

ExtractExtensionInfo returns parsed extension information from a server hello response

func ExtractExtensionType 

func ExtractExtensionType(ext []byte, etypes [][]byte, evals [][]byte) string

ExtractExtensionType returns the stringified value of a given extension type

func ExtractVersionByte 

func ExtractVersionByte(c string) string

ExtractVersionByte returns 1-byte hex string representing the negotiated version

func Fuzz added in v0.0.6 

func Fuzz(data []byte) int

func GetCiphers 

func GetCiphers(details JarmProbeOptions) []byte

GetCiphers returns the cipher array for a given probe

func GetExtensions 

func GetExtensions(details JarmProbeOptions) []byte

GetExtensions returns the encoded extensions for a given probe

func GetUint16Bytes 

func GetUint16Bytes(v int) []byte

GetUint16Bytes returns the 16-bit big endian version of an integer

func MungCiphers 

func MungCiphers(ciphers [][]byte, request string) [][]byte

MungCipher reorders the cipher list based on the probe settings

func ParseServerHello 

func ParseServerHello(data []byte, details JarmProbeOptions) (string, error)

ParseServerHello returns the raw fingerprint for a server hello response

func RandomBytes 

func RandomBytes(numbytes int) []byte

RandomBytes generates a random byte sequence of the requested length

func RandomGrease 

func RandomGrease() []byte

RandomGrease returns a randomly chosen grease value

func RawHashToFuzzyHash 

func RawHashToFuzzyHash(raw string) string

RawHashToFuzzyHash converts a raw hash to a JARM hash

Types

type JarmProbeOptions 

type JarmProbeOptions struct {
	Hostname       string
	Port           int
	Version        int
	Ciphers        string
	CipherOrder    string
	Grease         string
	ALPN           string
	V13Mode        string
	ExtensionOrder string
}

JarmProbeOptions specifies the parameters for a single probe

func GetProbes 

func GetProbes(hostname string, port int) []JarmProbeOptions

GetProbes returns the standard set of JARM probes in the correct order

Source Files

View all Source files

Directories

Path Synopsis
cmd
jarmscan
tests
fuzz/build_probes
fuzz/fuzzy_hash
fuzz/parse_server_hello

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.