jarm

package module

v0.0.1 Latest Latest Go to latest Published: May 15, 2023 License: BSD-3-Clause Imports: 16 Imported by: 1

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/HarshVaragiya/jarm-go

Links

Open Source Insights

README ¶

jarm-go

Warning: This project is archived and is now read-only. Feel free to fork this as needed.

This is a Go implementation of JARM.

jarmscan

To install jarmscan, download a binary from the releases page or install using go install github.com/hdm/jarm-go/cmd/jarmscan@latest.

To run a scan, provide a list of targets. The following examples are all supported:

jarmscan www.example.com
jarmscan -p 443,8443 192.168.0.1
jarmscan -p 1-1024 https://www.example.com/
jarmscan -p 443,465,993,995,8443,9443 192.168.0.0/24
jarmscan 192.168.0.1:8443
jarmscan 192.168.0.1,443

The -q option can be used to disable verbose output and the -w parameter can be used to increase the worker count.

The -p option allows port lists and port ranges to be specified in a form similar to Nmap.

jarm

To use the jarm-go library from a Go application please review the Fingerprint() function in the cmd/jarmscan/main.go code.

The basic process involves:

Creating a list of probes for a given host and port using GetProbes(). The host is sent as part of the client probe.
Building each individual probe in the order they are returned using BuildProbe().
Opening a connection to the host and port and sending the probe.
Receiving the response (up to 1484 bytes). Receiving more or less can change the hash.
Parsing the Server Hello from the received data using ParseServerHello().
Calculating the JARM hash using RawHashToFuzzyHash().

Documentation ¶

Index ¶

Variables
func AddressesFromCIDR(cidr string, out chan string, quit chan int) error
func AsyncFingerprint(t Target, och chan *Result)
func BuildProbe(details JarmProbeOptions) []byte
func ExtGetALPN(details JarmProbeOptions) []byte
func ExtGetKeyShare(grease bool) []byte
func ExtGetServerName(name string) []byte
func ExtGetSupportedVersions(details JarmProbeOptions, grease bool) []byte
func ExtractCipherBytes(c string) string
func ExtractExtensionInfo(data []byte, offset int, serverHelloLength int) string
func ExtractExtensionType(ext []byte, etypes [][]byte, evals [][]byte) string
func ExtractVersionByte(c string) string
func GetCiphers(details JarmProbeOptions) []byte
func GetExtensions(details JarmProbeOptions) []byte
func GetUint16Bytes(v int) []byte
func IPv42UInt(ips string) (uint32, error)
func MungCiphers(ciphers [][]byte, request string) [][]byte
func ParseServerHello(data []byte, details JarmProbeOptions) (string, error)
func RandomBytes(numbytes int) []byte
func RandomGrease() []byte
func RawHashToFuzzyHash(raw string) string
func UInt2IPv4(ipi uint32) string
type JarmProbeOptions
- func GetProbes(hostname string, port int) []JarmProbeOptions
type Result
- func Fingerprint(t Target) (*Result, error)
type Target

Constants ¶

This section is empty.

Variables ¶

View Source

var DefualtBackoff = func(r, m int) time.Duration {
	return time.Second
}

View Source

var ZeroHash = "00000000000000000000000000000000000000000000000000000000000000"

ZeroHash represents an empty JARM hash

Functions ¶

func AddressesFromCIDR ¶

func AddressesFromCIDR(cidr string, out chan string, quit chan int) error

AddressesFromCIDR parses a CIDR and writes individual IPs to a channel

func AsyncFingerprint ¶

func AsyncFingerprint(t Target, och chan *Result)

Fingerprint probes a single host/port

func BuildProbe ¶

func BuildProbe(details JarmProbeOptions) []byte

BuildProbe creates client hello packet for the probe

func ExtGetALPN ¶

func ExtGetALPN(details JarmProbeOptions) []byte

ExtGetALPN returns an encoded ALPN extension

func ExtGetKeyShare ¶

func ExtGetKeyShare(grease bool) []byte

ExtGetKeyShare returns an encoded KeyShare extension

func ExtGetServerName ¶

func ExtGetServerName(name string) []byte

ExtGetServerName returns an encoded server name extension

func ExtGetSupportedVersions ¶

func ExtGetSupportedVersions(details JarmProbeOptions, grease bool) []byte

ExtGetSupportedVersions returns an encoded SupportedVersions extension

func ExtractCipherBytes ¶

func ExtractCipherBytes(c string) string

ExtractCipherBytes converts a selected cipher to an index of the known cipher list

func ExtractExtensionInfo ¶

func ExtractExtensionInfo(data []byte, offset int, serverHelloLength int) string

ExtractExtensionInfo returns parsed extension information from a server hello response

func ExtractExtensionType ¶

func ExtractExtensionType(ext []byte, etypes [][]byte, evals [][]byte) string

ExtractExtensionType returns the stringified value of a given extension type

func ExtractVersionByte ¶

func ExtractVersionByte(c string) string

ExtractVersionByte returns 1-byte hex string representing the negotiated version

func GetCiphers ¶

func GetCiphers(details JarmProbeOptions) []byte

GetCiphers returns the cipher array for a given probe

func GetExtensions ¶

func GetExtensions(details JarmProbeOptions) []byte

GetExtensions returns the encoded extensions for a given probe

func GetUint16Bytes ¶

func GetUint16Bytes(v int) []byte

GetUint16Bytes returns the 16-bit big endian version of an integer

func IPv42UInt ¶

func IPv42UInt(ips string) (uint32, error)

IPv42UInt converts IPv4 addresses to unsigned integers

func MungCiphers ¶

func MungCiphers(ciphers [][]byte, request string) [][]byte

MungCipher reorders the cipher list based on the probe settings

func ParseServerHello ¶

func ParseServerHello(data []byte, details JarmProbeOptions) (string, error)

ParseServerHello returns the raw fingerprint for a server hello response

func RandomBytes ¶

func RandomBytes(numbytes int) []byte

RandomBytes generates a random byte sequence of the requested length

func RandomGrease ¶

func RandomGrease() []byte

RandomGrease returns a randomly chosen grease value

func RawHashToFuzzyHash ¶

func RawHashToFuzzyHash(raw string) string

RawHashToFuzzyHash converts a raw hash to a JARM hash

func UInt2IPv4 ¶

func UInt2IPv4(ipi uint32) string

UInt2IPv4 converts unsigned integers to IPv4 addresses

Types ¶

type JarmProbeOptions ¶

type JarmProbeOptions struct {
	Hostname       string
	Port           int
	Version        int
	Ciphers        string
	CipherOrder    string
	Grease         string
	ALPN           string
	V13Mode        string
	ExtensionOrder string
}

JarmProbeOptions specifies the parameters for a single probe

func GetProbes ¶

func GetProbes(hostname string, port int) []JarmProbeOptions

GetProbes returns the standard set of JARM probes in the correct order

type Result ¶

type Result struct {
	Target Target
	Hash   string
	Error  error
}

func Fingerprint ¶

func Fingerprint(t Target) (*Result, error)

type Target ¶

type Target struct {
	Host    string
	Port    int
	Retries int
	Backoff func(r, m int) time.Duration
}

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cmd
jarmscan
tests
fuzz/build_probes
fuzz/fuzzy_hash
fuzz/parse_server_hello

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL