Tamia Zulauf
New member
- Joined
- Apr 22, 2024
- Messages
- 4
- Points
- 0
while most people complain about this issue and think that a browser that leaks proxy this won't be the case in 99%
the first reason is a fingerprinting method called JA3 now there is JA4
let's stay in JA3 as it is the most used till now so what is it
a method located in the "Transport Layer" In the OSI model that fingerprints you based on the following:
what is cipher suite:
so this is what happened
lets say you send a request claiming that you are Chrome 122 and have proper headers that's great but when it comes to the cipher suite the proxy won't adjust the cipher suite according to your headers and UserAgent
most proxies send requests via nodejs or python and simply those clients don't have low-level access to change the cipher suite
you will look like the following example to the end server
send a request claiming that you are chrome 122 but when I verify your cipher suite I found that you have nodejs cipher suite so this will look to the server 99% using proxy
The solution
well there is no solution for this as it is related to the proxy provider and not you if the server is checking for JA3 then it knows that you are using a proxy
Except you are using your proxy farm then you can make a logic that will adjust the cipher suite according to every userAgent and this is a pain to do
another bypass for this is to use only 1 well-known user agent with the exact same header and adjust the cypher suite to this using C/C++ or Golang, this is the solution I am using I adjusted the cipher suite using C but other languages listed above can do the job as well
feel free to ask anything regarding this
the first reason is a fingerprinting method called JA3 now there is JA4
let's stay in JA3 as it is the most used till now so what is it
a method located in the "Transport Layer" In the OSI model that fingerprints you based on the following:
- headers
- UserAgent
- cipher suite
what is cipher suite:
so this is what happened
lets say you send a request claiming that you are Chrome 122 and have proper headers that's great but when it comes to the cipher suite the proxy won't adjust the cipher suite according to your headers and UserAgent
most proxies send requests via nodejs or python and simply those clients don't have low-level access to change the cipher suite
you will look like the following example to the end server
send a request claiming that you are chrome 122 but when I verify your cipher suite I found that you have nodejs cipher suite so this will look to the server 99% using proxy
The solution
well there is no solution for this as it is related to the proxy provider and not you if the server is checking for JA3 then it knows that you are using a proxy
Except you are using your proxy farm then you can make a logic that will adjust the cipher suite according to every userAgent and this is a pain to do
another bypass for this is to use only 1 well-known user agent with the exact same header and adjust the cypher suite to this using C/C++ or Golang, this is the solution I am using I adjusted the cipher suite using C but other languages listed above can do the job as well
feel free to ask anything regarding this
