Skip to content

A very simple script that sniff TLS Handshakes to parse the leaked domain in a output file thanks to the SNI Leak.

Notifications You must be signed in to change notification settings

xHaash/SNI-Leak-PoC

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

SNI-Leak-PoC

This is a very simple script that sniff TLS Handshakes (Client Hello) and parse the leaked domains in an output file thanks to the SNI Leak. This script is made for showing the information leak that remains in the TLS protocole and more precisly in the SNI extension.

There's 2 versions of the script:

  1. SNI_Pcap_Scanner.py -> Let you scan a .pcap file to extract the leaked domains from it. (Only CLI Output !)

  2. SNI_Sniffer.py -> Let you sniff your trafic live to extract the leaked domain directly while your browsing and parse them in the output.txt file.

Installation

  1. Install Python3 on your Device

  2. pip3 install -r requirements.txt

  3. You can edit iface="" and uncomment the lines 9 and 39 to sniff from a specific eth card. (Only if needed. Skip this step if you don't understand what it's about !)

  4. MacOS: python3 SNI_Sniffer.py Windows: py SNI_Sniffer.py

Screenshots

Capture d’écran 2023-07-10 171016 Capture d’écran 2023-07-10 171703

About

A very simple script that sniff TLS Handshakes to parse the leaked domain in a output file thanks to the SNI Leak.

Topics

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages