526互联

一套最全的突破tls/ja3指纹的方案

发布时间 2023-06-13 15:51:41作者: 守护式等待

访问这个网站可以查看自己ja3信息   https://tls.browserleaks.com/json

方法一

pip install curl_cffi   # https://github.com/yifeikong/curl_cffi
from curl_cffi import requests

# 注意 impersonate 这个参数
r = requests.get("https://tls.browserleaks.com/json", impersonate="chrome101")

print(r.json())
# output: {'ja3_hash': '53ff64ddf993ca882b70e1c82af5da49'
# 指纹和目标浏览器一致

# 支持使用代理
proxies = {"https": "http://localhost:3128"}
r = requests.get("https://tls.browserleaks.com/json", impersonate="chrome101", proxies=proxies)





from curl_cffi import Curl, CurlOpt
from io import BytesIO

buffer = BytesIO()
c = Curl()
c.setopt(CurlOpt.URL, b'https://tls.browserleaks.com/json')
c.setopt(CurlOpt.WRITEDATA, buffer)

c.impersonate("chrome101")

c.perform()
c.close()
body = buffer.getvalue()
print(body.decode())  # 查看当前请求的ja3信息

方法二

pip install tls-client   # https://github.com/FlorianREGAZ/Python-Tls-Client

import tls_client

# You can also use the following as `client_identifier`:
# Chrome --> chrome_103, chrome_104, chrome_105, chrome_106, chrome_107, chrome_108, chrome109, Chrome110,
#            chrome111, chrome112
# Firefox --> firefox_102, firefox_104, firefox108, Firefox110
# Opera --> opera_89, opera_90
# Safari --> safari_15_3, safari_15_6_1, safari_16_0
# iOS --> safari_ios_15_5, safari_ios_15_6, safari_ios_16_0
# iPadOS --> safari_ios_15_6
# Android --> okhttp4_android_7, okhttp4_android_8, okhttp4_android_9, okhttp4_android_10, okhttp4_android_11,
#             okhttp4_android_12, okhttp4_android_13

session = tls_client.Session(
    client_identifier="chrome112",
    random_tls_extension_order=True
)

res = session.get(
    "https://www.example.com/",
    headers={
        "key1": "value1",
    },
    proxy="http://user:password@host:port"
)

方法三

pip install pyhttpx  # https://github.com/zero3301/pyhttpx
import pyhttpx

sess = pyhttpx.HttpSession()
r = sess.get('https://httpbin.org/get', headers={'User-Agent': '3301'}, cookies={'k': '3301'})
r = sess.post('https://httpbin.org/get',data={})
proxies = {'https': 'http://username:password@host:port'}
r = sess.post('https://httpbin.org/get',proxies=proxies)
print(r.status_code)
print(r.request.raw)

方法四

镜像有点大,不过有完整的编译环境

docker pull geekbyte1/pyantitls:v1.0

docker run -it -d geekbyte1/pyantitls:v1.0

方法五

Q佬的Dockerfile版

https://mp.weixin.qq.com/s/UZlLuzlQZrI7w82HI7zGuw

方法六

https://github.com/synodriver/pycurl/blob/master/special.markdown https://github.com/synodriver/pycurl/blob/master/special.markdown

2.git clone https://github.com/ycq0125/pycurl.git

3.cd pycurl搞定。可以把./pycurl/requests_curl 整个移动到site-package目录下,就可以全局使用了

方法七

https://pypi.org/project/requests-curl-antitls/ 内有详细步骤

另外下面这个是vmwear的镜像,已经编译好的环境,可以自己拿来玩玩

链接:https://pan.baidu.com/s/1_R02JKqvmA8Km4QNAKYfYg

提取码:curl

 方法八  使用 requests 请求网站的时候,修改 JA3指纹

import random

from requests.adapters import HTTPAdapter
from requests.packages.urllib3.util.ssl_ import create_urllib3_context

ORIGIN_CIPHERS = ('ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+HIGH:'
                  'DH+HIGH:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+HIGH:RSA+3DES')


class DESAdapter(HTTPAdapter):
    def __init__(self, *args, **kwargs):
        """
        A TransportAdapter that re-enables 3DES support in Requests.
        """
        CIPHERS = ORIGIN_CIPHERS.split(':')
        random.shuffle(CIPHERS)
        CIPHERS = ':'.join(CIPHERS)
        self.CIPHERS = CIPHERS + ':!aNULL:!eNULL:!MD5'
        super().__init__(*args, **kwargs)

    def init_poolmanager(self, *args, **kwargs):
        context = create_urllib3_context(ciphers=self.CIPHERS)
        kwargs['ssl_context'] = context
        return super(DESAdapter, self).init_poolmanager(*args, **kwargs)

    def proxy_manager_for(self, *args, **kwargs):
        context = create_urllib3_context(ciphers=self.CIPHERS)
        kwargs['ssl_context'] = context
        return super(DESAdapter, self).proxy_manager_for(*args, **kwargs)


import requests
headers = {'User-Agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67'}
s = requests.Session()
s.headers.update(headers)

for _ in range(5):
    s.mount('https://tls.browserleaks.com', DESAdapter())
    resp = s.get('https://tls.browserleaks.com/json').json()
    print(resp)  # ja3指纹一直在变

  

二:tls相关原理可以看这篇文章

python完美突破tls/ja3 # https://mp.weixin.qq.com/s/GU2AgushvIEtLHtYR7BQzg
为什么随机 IP、随机 UA 也逃不掉被反爬虫的命运 # https://mp.weixin.qq.com/s/Qx7PjnBgrTR30oCurU6CGw
Python 如何突破反爬虫指纹 JA3 # https://mp.weixin.qq.com/s/7VJHCl2ht4pjkgIdcOKc5w
JS逆向之猿人学第十九题突破ja3指纹验证 # https://mp.weixin.qq.com/s?__biz=MzU0MjUwMTA2OQ==&mid=2247484137&idx=1&sn=ccfa46a45a09e7fde284dfba281fd719&chksm=fb18f34bcc6f7a5d49ee3050887aa909708ede268cb5046bcd80d43ffdc7c9f948d428c65ec4&scene=21#wechat_redirect
深度剖析ja3指纹及突破 # https://mp.weixin.qq.com/s?__biz=MzU0MjUwMTA2OQ==&mid=2247484649&idx=1&sn=42eb5319db1ca830ca81d75218e4c0e4&chksm=fb18f54bcc6f7c5de60395d03650aa7c6a30e37407989c604c31ffa1076d071a32afcb0556c4&scene=21#wechat_redirect
ja3指纹补充说明 # https://mp.weixin.qq.com/s?__biz=MzU0MjUwMTA2OQ==&mid=2247484522&idx=1&sn=1d47898130e689413c40fecc4b0a2b39&chksm=fb18f5c8cc6f7cde416ae1c5f93555b66be6bfdc01b9d715b2b4c5662900c95f39a1036312ea&scene=21#wechat_redirect