I am using python requests library to make HTTP calls. However website bot detection is using JA3 fingerprint verification and blocking me.
Is there any way I can spoof the JA3 signature.
Asked
Active
Viewed 1,983 times
0
-
While you can have control over the offered ciphers I doubt that you have that much control about the TLS extensions from inside Python requests or even from Python ssl lib in general. Maybe you can spoof specific JA3 fingerprints by manipulating the accepted ciphers. But likely you cannot spoof arbitrary ones. – Steffen Ullrich Aug 11 '20 at 20:40
-
How to spoof specific JA3 fingerprints ? – Ditti Aug 11 '20 at 20:42
-
First, you have to figure out what exactly you need to change compared to what you currently have, i.e. compare ClientHello from an accepted client with yours from the perspective of [how JA3 works](https://engineering.salesforce.com/tls-fingerprinting-with-ja3-and-ja3s-247362855967). If all you need to change is the list and order of offered ciphers then see [How to select specific the cipher while sending request via python request module](https://stackoverflow.com/questions/40373115/). If other things need to change you likely have lost, at least with Python requests. – Steffen Ullrich Aug 11 '20 at 20:47
-
thanks a lot, I will read it :) – Ditti Aug 11 '20 at 20:52