I'm building an app that needs to do some "light" server-side fingerprinting in order to track unique visitors on my website.
For many known reasons, HTTP headers are not sufficient to do so (IP, accept-language, accept-encoding, user-agent...).
I've recently heard of JA3 and JA3S (a method, originated at Salesforce, for profiling SSL/TLS Clients). It seems to fit my need but:
- Surprisingly, no NPM library seems to exist for generating JA3/JA3S. Have you heard of one?
- Because there is no lib, I could try to write my own. It seems "trivial" to generate JA3.
JA3 gathers the decimal values of the bytes for the following fields in the Client Hello packet; SSL Version, Accepted Ciphers, List of Extensions, Elliptic Curves, and Elliptic Curve Formats. It then concatenates those values together in order, using a "," to delimit each field and a "-" to delimit each value in each field.
However, I have no idea how to console.log() these data/this Hello packet from a NodeJS server app. Do I have to spawn a Python lib or whatever?
(I'm a network/TLS/SSL newbie)
Do you have any clue to help me make progress?
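
The JA3 description quoted in the question, worked through in Node.js as an added example (not part of the original post and not code from the JA3 project). It assumes you already hold the raw bytes of one TLS record containing a complete ClientHello, for instance from a capture or a proxy in front of the app; `ja3String`, `ja3Hash`, `u16List`, `isGrease` and `SAMPLE` are hypothetical names, and the sample bytes are constructed. It goes one step beyond the quoted text by dropping GREASE values and MD5-hashing the string, as JA3 does.

```javascript
const { createHash } = require('node:crypto');

// GREASE values (RFC 8701) look like 0x0A0A, 0x1A1A, ... 0xFAFA; JA3 leaves them out.
const isGrease = (v) => (v & 0x0f0f) === 0x0a0a && (v >> 8) === (v & 0xff);

// Read byteLen bytes at off as big-endian 16-bit values, without GREASE entries.
function u16List(buf, off, byteLen) {
  const out = [];
  for (let i = 0; i + 1 < byteLen; i += 2) out.push(buf.readUInt16BE(off + i));
  return out.filter((v) => !isGrease(v));
}

// Build the JA3 string from one TLS record that holds a complete ClientHello.
function ja3String(rec) {
  if (rec.length < 43 || rec[0] !== 0x16 || rec[5] !== 0x01) {
    throw new Error('not a TLS handshake record carrying a ClientHello');
  }
  let p = 9;                                   // skip record (5) + handshake (4) headers
  const version = rec.readUInt16BE(p); p += 2 + 32;    // client_version, then random
  p += 1 + rec[p];                             // session_id
  const csLen = rec.readUInt16BE(p); p += 2;
  const ciphers = u16List(rec, p, csLen); p += csLen;
  p += 1 + rec[p];                             // compression_methods
  const exts = [], curves = [], formats = [];
  if (p + 2 <= rec.length) {                   // the extensions block is optional
    const end = p + 2 + rec.readUInt16BE(p); p += 2;
    while (p + 4 <= end) {
      const type = rec.readUInt16BE(p), len = rec.readUInt16BE(p + 2); p += 4;
      if (p + len > end) throw new Error('truncated extension');
      if (!isGrease(type)) exts.push(type);
      if (type === 10 && len >= 2) curves.push(...u16List(rec, p + 2, rec.readUInt16BE(p)));
      if (type === 11 && len >= 1) for (let i = 0; i < rec[p]; i++) formats.push(rec[p + 1 + i]);
      p += len;
    }
  }
  return [[version], ciphers, exts, curves, formats].map((f) => f.join('-')).join(',');
}

// The JA3 fingerprint is the MD5 hex digest of the JA3 string.
const ja3Hash = (rec) => createHash('md5').update(ja3String(rec)).digest('hex');

// Constructed sample: TLS 1.2 ClientHello, all-zero random, GREASE mixed in.
const SAMPLE = Buffer.from(
  '160301004d' + '01000049' + '0303' + '00'.repeat(32) + '00' +
  '0006' + '0a0a1301c02f' + '0100' + '001a' +
  '1a1a0000' + '000a000800062a2a001d0017' + '000b00020100' + '00170000', 'hex');

console.log(ja3String(SAMPLE), ja3Hash(SAMPLE));
```

A ClientHello split across several TLS records or TCP segments has to be reassembled before it is passed to `ja3String`.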