Categorygithub.com/syncall/jarm-go
modulepackage
0.0.8
Repository: https://github.com/syncall/jarm-go.git
Documentation: pkg.go.dev
Overview
Versions
1
Dependencies
13
Dependents
1
Files
569 SLOC

# README

jarm-go

This is a Go implementation of JARM.

jarmscan

To install jarmscan, download a binary from the releases page or install using go get -u -v github.com/RumbleDiscovery/jarm-go/cmd/jarmscan.

To run a scan, provide a list of targets. The following examples are all supported:

  • jarmscan www.rumble.run
  • jarmscan -p 443,8443 192.168.0.1
  • jarmscan -p 1-1024 https://www.example.com/
  • jarmscan -p 443,465,993,995,8443,9443 192.168.0.0/24
  • jarmscan 192.168.0.1:8443
  • jarmscan 192.168.0.1,443

The -q option can be used to disable verbose output and the -w parameter can be used to increase the worker count.

The -p option allows port lists and port ranges to be specified in a form similar to Nmap.

jarm

To use the jarm-go library from a Go application please review the Fingerprint() function in the cmd/jarmscan/main.go code.

The basic process involves:

  • Creating a list of probes for a given host and port using GetProbes(). The host is sent as part of the client probe.
  • Building each individual probe in the order they are returned using BuildProbe().
  • Opening a connection to the host and port and sending the probe.
  • Receiving the response (up to 1484 bytes). Receiving more or less can change the hash.
  • Parsing the Server Hello from the received data using ParseServerHello().
  • Calculating the JARM hash using RawHashToFuzzyHash().

# Packages

No description provided by the author
No description provided by the author

# Functions

BuildProbe creates client hello packet for the probe.
ExtGetALPN returns an encoded ALPN extension.
ExtGetKeyShare returns an encoded KeyShare extension.
ExtGetServerName returns an encoded server name extension.
ExtGetSupportedVersions returns an encoded SupportedVersions extension.
ExtractCipherBytes converts a selected cipher to an index of the known cipher list.
ExtractExtensionInfo returns parsed extension information from a server hello response.
ExtractExtensionType returns the stringified value of a given extension type.
ExtractVersionByte returns 1-byte hex string representing the negotiated version.
Fingerprint probes a single host/port.
GetCiphers returns the cipher array for a given probe.
GetExtensions returns the encoded extensions for a given probe.
GetProbes returns the standard set of JARM probes in the correct order.
GetUint16Bytes returns the 16-bit big endian version of an integer.
MungCipher reorders the cipher list based on the probe settings.
ParseServerHello returns the raw fingerprint for a server hello response.
RandomBytes generates a random byte sequence of the requested length.
RandomGrease returns a randomly chosen grease value.
RawHashToFuzzyHash converts a raw hash to a JARM hash.

# Variables

No description provided by the author
ZeroHash represents an empty JARM hash.

# Structs

JarmProbeOptions specifies the parameters for a single probe.
No description provided by the author
No description provided by the author