Post Reply 
Cloudflare captcha [split] prox-config-sidki_2019-01-26b1
Feb. 28, 2022, 04:01 AM
Post: #13
RE: Cloudflare captcha [split] prox-config-sidki_2019-01-26b1
I can say from experience - trying to write a browser (long story...) - that having an "unusual" UA header, or even none at all, definitely sticks out like the proverbial sore thumb and gets you blocked from a lot of sites even beyond Cloudflare. The classic SpaceBison has already somehow become famous enough to be blacklisted by many "bot detectors".

(Feb. 26, 2022 03:50 AM)whenever Wrote:  
(Feb. 06, 2022 10:21 AM)amy Wrote:  Proxomitron Reborn can already specify the cipher configuration which OpenSSL will use.

What if we just relay the Client Hello from the browser to the remote server (for example Cloudflare CDN) and make sure we don't touch the browser's User Agent string? Though I'm not sure if Proxomitron Reborn can do this kind of low level stuff.
The ClientHello sets up the SSL/TLS handshake negotiation, so it could theoretically specify stuff that Proxo's OpenSSL doesn't know how to handle, like some ciphers, if the server decides to pick one.

This is an issue that has been on my mind for a while and unfortunately I currently don't have much time to work on it, but others have also been doing some work on beating TLS handshake fingerprinting:
Code:
https://github.com/lwthiker/curl-impersonate
Add Thank You Quote this message in a reply
Post Reply 


Messages In This Thread
RE: Cloudflare captcha [split] prox-config-sidki_2019-01-26b1 - amy - Feb. 28, 2022 04:01 AM
RE: prox-config-sidki_2019-01-26b1 - JJoe - Feb. 04, 2022, 04:19 PM
RE: prox-config-sidki_2019-01-26b1 - ProxRocks - Feb. 04, 2022, 04:46 PM

Forum Jump: