adulau/ssldump
1
0
Fork 0
mirror of https://github.com/adulau/ssldump.git synced 2024-09-18 08:46:25 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update README & fix version

Browse source
This commit is contained in:
William Robinet 2023-08-10 11:40:34 +02:00
parent d94cbfa088
commit 6937dbc3fa
No known key found for this signature in database
GPG key ID: 003FA3DF74C7A949
2 changed files with 11 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
CMakeLists.txt
View file

@ -5,7 +5,7 @@ set(CMAKE_VERBOSE_MAKEFILE ON)
project( project(
ssldump ssldump
VERSION 1.9 VERSION 1.8
LANGUAGES C LANGUAGES C
) )

41
README.md
View file

@ -21,7 +21,7 @@ includes a JSON output option, supports [JA3](https://github.com/salesforce/ja3)
# How to do I run ssldump? # How to do I run ssldump?
`./ssldump -j -ANH -n -i any | jq` will run ssldump on all interfaces and output the result in JSON format including ja3 hashes. `./ssldump -j -ANH -n -i any | jq` will run ssldump on all interfaces and output the result in JSON format including ja3 hashes.
For more details, check the man page. For more details, check the man page.
@ -29,7 +29,7 @@ For more details, check the man page.
This example will query ja3er.com service to display the known ja3 hashes from the TLS handshaked in the pcap. This example will query ja3er.com service to display the known ja3 hashes from the TLS handshaked in the pcap.
`ssldump -r yourcapture.pcap -j | jq -r 'select(.ja3_fp != null) | .ja3_fp' | parallel 'curl -s -X GET 'https://ja3er.com/search/{}' | jq .'` `ssldump -r yourcapture.pcap -j | jq -r 'select(.ja3_fp != null) | .ja3_fp' | parallel 'curl -s -X GET 'https://ja3er.com/search/{}' | jq .'`
# Why do you maintain this repository? # Why do you maintain this repository?
@ -55,39 +55,18 @@ other too (but this is just a collateral damage).
On Debian & Ubuntu: On Debian & Ubuntu:
``` ```
apt install build-essential autoconf libssl-dev libpcap-dev libnet1-dev libjson-c-dev apt install build-essential cmake ninja-build libssl-dev libpcap-dev libnet1-dev libjson-c-dev
./autogen.sh cmake -G Ninja -B build
./configure --prefix=/usr/local ninja -C build
make ./build/ssldump -v
(optional) make install
``` ```
On Fedora, CentOS, RHEL & Rocky: On Fedora, CentOS, RHEL & Rocky:
``` ```
dnf install autoconf automake gcc make openssl-devel libpcap-devel libnet-devel json-c-devel dnf install cmake ninja-build gcc openssl-devel libpcap-devel libnet-devel json-c-devel
./autogen.sh cmake -G Ninja -B build
./configure --prefix=/usr/local ninja -C build
make ./build/ssldump -v
(optional) make install
```
Optional configuration features (aka ./configure options):
```
--disable-optimization disable compiler optimizations (change from -O2 to -O0)
--enable-debug enable debug info (add "-g -DDEBUG" to CFLAGS)
--enable-asan enable AddressSanitizer and other checks
add "-fsanitize=address,undefined,leak -Wformat -Werror=format-security
-Werror=array-bounds" to CFLAGS
use libasan with GCC and embedded ASAN with Clang
```
Configuration examples:
```
- Use GCC with libasan, debug info and custom CFLAGS:
./configure CC=/usr/bin/gcc --enable-asan --enable-debug CFLAGS="-Wall"
- Use Clang with ASAN and no optimizations (-O0)
./configure CC=/usr/bin/clang --enable-asan --disable-optimization
``` ```
# Notes # Notes