Menu
Home
Forums
New posts
Search forums
What's new
New posts
New media
New media comments
New profile posts
Latest activity
Media
New media
New comments
Search media
Members
Current visitors
New profile posts
Search profile posts
Account Upgrades
Advertise
Marketplace
Money
PerfectMoney
Log in
Register
What's new
Search
Search
Search titles only
By:
New posts
Search forums
Menu
Log in
Register
Home
Forums
Programming & Web Design
Programming
This is the first reason why most proxies get detected (with or without a browser) all details included
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="Tamia Zulauf" data-source="post: 3184" data-attributes="member: 538"><p><span style="font-size: 15px">while most people complain about this issue and think that a browser that leaks proxy this won't be the case in 99% </span></p><p><span style="font-size: 15px"></span></p><p><span style="font-size: 15px">the first reason is a fingerprinting method called JA3 now there is JA4</span></p><p><span style="font-size: 15px"></span></p><p><span style="font-size: 15px">let's stay in JA3 as it is the most used till now so what is it</span></p><p><span style="font-size: 15px">a method located in the "Transport Layer" In the OSI model that fingerprints you based on the following:</span></p><p><span style="font-size: 15px"></span></p><ul> <li data-xf-list-type="ul"><span style="font-size: 15px">headers</span></li> <li data-xf-list-type="ul"><span style="font-size: 15px">UserAgent</span></li> <li data-xf-list-type="ul"><span style="font-size: 15px">cipher suite</span></li> </ul><p><span style="font-size: 15px"></span></p><p><span style="font-size: 15px"><strong>what is cipher suite:</strong></span></p><p><span style="font-size: 15px"></span></p><ul> <li data-xf-list-type="ul"><span style="font-size: 15px"><a href="https://en.wikipedia.org/wiki/Cipher_suite" target="_blank">https://en.wikipedia.org/wiki/Cipher_suite</a></span></li> </ul><p><span style="font-size: 15px"></span></p><p><span style="font-size: 15px"><strong>so this is what happened</strong></span></p><p><span style="font-size: 15px"></span></p><p><span style="font-size: 15px">lets say you send a request claiming that you are Chrome 122 and have proper headers that's great but when it comes to the cipher suite the proxy won't adjust the cipher suite according to your headers and UserAgent</span></p><p><span style="font-size: 15px">most proxies send requests via nodejs or python and simply those clients don't have low-level access to change the cipher suite</span></p><p><span style="font-size: 15px"></span></p><p><span style="font-size: 15px"></span></p><p><span style="font-size: 15px"><strong>you will look like the following example to the end server </strong></span></p><p><span style="font-size: 15px"></span></p><p><span style="font-size: 15px">send a request claiming that you are chrome 122 but when I verify your cipher suite I found that you have nodejs cipher suite so this will look to the server 99% using proxy</span></p><p><span style="font-size: 15px"></span></p><p><span style="font-size: 15px"><strong><u>The solution</u></strong></span></p><p><span style="font-size: 15px">well there is no solution for this as it is related to the proxy provider and not you if the server is checking for JA3 then it knows that you are using a proxy </span></p><p><span style="font-size: 15px"></span></p><p><span style="font-size: 15px">Except you are using your proxy farm then you can make a logic that will adjust the cipher suite according to every userAgent and this is a pain to do </span></p><p><span style="font-size: 15px"></span></p><p><span style="font-size: 15px">another bypass for this is to use only 1 well-known user agent with the exact same header and adjust the cypher suite to this using C/C++ or Golang, this is the solution I am using I adjusted the cipher suite using C but other languages listed above can do the job as well</span></p><p><span style="font-size: 15px"></span></p><p><span style="font-size: 15px">feel free to ask anything regarding this <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite1" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /></span></p></blockquote><p></p>
[QUOTE="Tamia Zulauf, post: 3184, member: 538"] [SIZE=4]while most people complain about this issue and think that a browser that leaks proxy this won't be the case in 99% the first reason is a fingerprinting method called JA3 now there is JA4 let's stay in JA3 as it is the most used till now so what is it a method located in the "Transport Layer" In the OSI model that fingerprints you based on the following: [/SIZE] [LIST] [*][SIZE=4]headers[/SIZE] [*][SIZE=4]UserAgent[/SIZE] [*][SIZE=4]cipher suite[/SIZE] [/LIST] [SIZE=4] [B]what is cipher suite:[/B] [/SIZE] [LIST] [*][SIZE=4][URL]https://en.wikipedia.org/wiki/Cipher_suite[/URL][/SIZE] [/LIST] [SIZE=4] [B]so this is what happened[/B] lets say you send a request claiming that you are Chrome 122 and have proper headers that's great but when it comes to the cipher suite the proxy won't adjust the cipher suite according to your headers and UserAgent most proxies send requests via nodejs or python and simply those clients don't have low-level access to change the cipher suite [B]you will look like the following example to the end server [/B] send a request claiming that you are chrome 122 but when I verify your cipher suite I found that you have nodejs cipher suite so this will look to the server 99% using proxy [B][U]The solution[/U][/B] well there is no solution for this as it is related to the proxy provider and not you if the server is checking for JA3 then it knows that you are using a proxy Except you are using your proxy farm then you can make a logic that will adjust the cipher suite according to every userAgent and this is a pain to do another bypass for this is to use only 1 well-known user agent with the exact same header and adjust the cypher suite to this using C/C++ or Golang, this is the solution I am using I adjusted the cipher suite using C but other languages listed above can do the job as well feel free to ask anything regarding this :)[/SIZE] [/QUOTE]
Name
Verification
Post reply
Home
Forums
Programming & Web Design
Programming
This is the first reason why most proxies get detected (with or without a browser) all details included
Top