Post Reply 
Cloudflare captcha [split] prox-config-sidki_2019-01-26b1
Mar. 26, 2022, 04:20 AM
Post: #18
RE: Cloudflare captcha [split] prox-config-sidki_2019-01-26b1
(Mar. 22, 2022 03:02 AM)cattleyavns Wrote:  Should I share the whole progress ?
I think you've given sufficient information already; on the other hand, browsers' ciphersuites and user-agent strings are not exactly secret either. There's a nice list of their ciphersuites here:
Removing the SCSV from OpenSSL requires a patch/recompile (it's hardcoded) so it is not easy to do, but on the other hand, looking through that list, it seems besides bots some older Android and Apple systems will send it. (They might also be using OpenSSL internally.)

The other thing I'm considering is allowing Proxomitron Reborn to use one of the varyingly-compatible forks of OpenSSL like BoringSSL, which is used in e.g. Chrome and doesn't send SCSV. Another alternative is the native Windows Schannel, but it's significantly different in API and would require quite a lot more work. Stock OpenSSL is indeed quite bot-like in its default fingerprint, no doubt because it's a widely used default SSL library for everything---except, unfortunately, most browsers.
Add Thank You Quote this message in a reply
[-] The following 1 user says Thank You to amy for this post:
Post Reply 

Messages In This Thread
RE: Cloudflare captcha [split] prox-config-sidki_2019-01-26b1 - amy - Mar. 26, 2022 04:20 AM
RE: prox-config-sidki_2019-01-26b1 - JJoe - Feb. 04, 2022, 04:19 PM
RE: prox-config-sidki_2019-01-26b1 - ProxRocks - Feb. 04, 2022, 04:46 PM

Forum Jump: