adulau/ssldump
1
0
Fork 0
mirror of https://github.com/adulau/ssldump.git synced 2024-09-18 08:46:25 +00:00
Code Issues Projects Releases Packages Wiki Activity

Update README & fix version

Browse source
This commit is contained in:
William Robinet 2023-08-10 11:40:34 +02:00
parent d94cbfa088
commit 6937dbc3fa
No known key found for this signature in database
GPG key ID: 003FA3DF74C7A949
2 changed files with 11 additions and 32 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
CMakeLists.txt
View file

@ -5,7 +5,7 @@ set(CMAKE_VERBOSE_MAKEFILE ON)
project(
ssldump
VERSION 1.9
VERSION 1.8
LANGUAGES C
)

41
README.md
View file

@ -21,7 +21,7 @@ includes a JSON output option, supports [JA3](https://github.com/salesforce/ja3)
# How to do I run ssldump?
`./ssldump -j -ANH -n -i any | jq` will run ssldump on all interfaces and output the result in JSON format including ja3 hashes.
`./ssldump -j -ANH -n -i any | jq` will run ssldump on all interfaces and output the result in JSON format including ja3 hashes.
For more details, check the man page.
@ -29,7 +29,7 @@ For more details, check the man page.
This example will query ja3er.com service to display the known ja3 hashes from the TLS handshaked in the pcap.
`ssldump -r yourcapture.pcap -j | jq -r 'select(.ja3_fp != null) | .ja3_fp' | parallel 'curl -s -X GET 'https://ja3er.com/search/{}' | jq .'`
`ssldump -r yourcapture.pcap -j | jq -r 'select(.ja3_fp != null) | .ja3_fp' | parallel 'curl -s -X GET 'https://ja3er.com/search/{}' | jq .'`
# Why do you maintain this repository?
@ -55,39 +55,18 @@ other too (but this is just a collateral damage).
On Debian & Ubuntu:
```
apt install build-essential autoconf libssl-dev libpcap-dev libnet1-dev libjson-c-dev
./autogen.sh
./configure --prefix=/usr/local
make
(optional) make install
apt install build-essential cmake ninja-build libssl-dev libpcap-dev libnet1-dev libjson-c-dev
cmake -G Ninja -B build
ninja -C build
./build/ssldump -v
```
On Fedora, CentOS, RHEL & Rocky:
```
dnf install autoconf automake gcc make openssl-devel libpcap-devel libnet-devel json-c-devel
./autogen.sh
./configure --prefix=/usr/local
make
(optional) make install
```
Optional configuration features (aka ./configure options):
```
--disable-optimization disable compiler optimizations (change from -O2 to -O0)
--enable-debug enable debug info (add "-g -DDEBUG" to CFLAGS)
--enable-asan enable AddressSanitizer and other checks
add "-fsanitize=address,undefined,leak -Wformat -Werror=format-security
-Werror=array-bounds" to CFLAGS
use libasan with GCC and embedded ASAN with Clang
```
Configuration examples:
```
- Use GCC with libasan, debug info and custom CFLAGS:
./configure CC=/usr/bin/gcc --enable-asan --enable-debug CFLAGS="-Wall"
- Use Clang with ASAN and no optimizations (-O0)
./configure CC=/usr/bin/clang --enable-asan --disable-optimization
dnf install cmake ninja-build gcc openssl-devel libpcap-devel libnet-devel json-c-devel
cmake -G Ninja -B build
ninja -C build
./build/ssldump -v
```
# Notes