Skip to content

O-X-L/haproxy-ja4h-fingerprint

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

29 Commits
.github
.github
 
 
test
test
 
 
.gitignore
.gitignore
 
 
LICENSE.txt
LICENSE.txt
 
 
README.md
README.md
 
 
ja4h.lua
ja4h.lua
 
 

Repository files navigation

HAProxy - JA4H HTTP Client-Fingerprint - Lua Plugin

You need to run HAProxy 2.9 or higher to use this plugin!

If the needed features are not yet available in your version - it will fail with the error attempt to call a nil value (method 'req_cook_names')

Test it: fingerprint.oxl.app

Intro

About JA4:

About JA3:

Browser Fingerprinting:

Usage

  • Add the LUA script ja4h.lua to your system.

Config

  • Load the LUA module with lua-load /etc/haproxy/lua/ja4h.lua
  • Execute the LUA script on HTTP requests: http-request lua.fingerprint_ja4h
  • Log the fingerprint: http-request capture var(txn.fingerprint_ja4h) len 51

License

This script is licensed under the MIT-license and thus is free to use.

But the JA4H algorithm has some usage-limitations - see: FoxIO-LLC/ja4 & JA4+ FoxIO License

Contribute

If you have:

Please read the JA4H TLS details!

Available HTTP-fetches are: HAProxy HTTP fetches

Testing

Example:

FINGERPRINT
ge20cn16enus_38f13b2c1334_1b82fc6e2b78_60837532b357

DEBUG
ge_20_c_n_16_enus_accept,accept-encoding,accept-language,cache-control,cookie,host,priority,sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-fetch-dest,sec-fetch-mode,sec-fetch-site,sec-fetch-user,upgrade-insecure-requests,user-agent_abc,def_abc=test,def=me

Docker

If you prefer to use Docker, the manual steps can be skipped. Run the docker container from the project root and access http://localhost:6969

docker compose -f test/docker-compose.yaml up --build --watch

--watch will automatically rebuild the container on changes

Local

WARNING: You need to run a version of HAProxy >=2.9 or master

  • Run: bash test/run.sh

  • Access the test website: http://localhost:6969/

  • Or query the API: curl -v https://localhost:6969/api

    {
  "fingerprint": "ge11nn14enus_1e32c07f0ac0_000000000000_000000000000",
  "details": "ge_11_n_n_14_enus_accept,accept-encoding,accept-language,cache-control,host,sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform,sec-fetch-dest,sec-fetch-mode,sec-fetch-site,sec-fetch-user,upgrade-insecure-requests,user-agent__"
}

Exit with CTRL+C

About

HAProxy (community) Lua Plugin for JA4H HTTP Client-Fingerprinting

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

4 stars

Watchers

2 watching

Forks

1 fork
Report repository

Languages