Add (kind of) support for loading a list of JA4C malicious fingerprints (#2678)

It might be usefull to be able to match traffic against a list of suspicious JA4C fingerprints Use the same code/logic/infrastructure used for JA3C (note that we are going to remove JA3C...) See: #2551
author: Ivan Nardi <12729895+IvanNardi@users.noreply.github.com> 2025-01-14 12:05:03 +0100
committer: GitHub <noreply@github.com> 2025-01-14 12:05:03 +0100
commit: 63a3547f998bfbe52c2bc8a540e0f33d37f3ad88 (patch)
tree: 782eac7281a01087a5cf374e7d0a3a76a7ebc552 /fuzz/fuzz_ndpi_reader.c
parent: 69a4f8120a3e335074fcc33f81e1d82dc0a88791 (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/fuzz/fuzz_ndpi_reader.c b/fuzz/fuzz_ndpi_reader.c
index de38f95ac..6c5be9c40 100644
--- a/fuzz/fuzz_ndpi_reader.c
+++ b/fuzz/fuzz_ndpi_reader.c
@@ -78,7 +78,7 @@ int LLVMFuzzerTestOneInput(const uint8_t *Data, size_t Size) {
     ndpi_load_protocols_file(workflow->ndpi_struct, "protos.txt");
     ndpi_load_categories_file(workflow->ndpi_struct, "categories.txt", NULL);
     ndpi_load_risk_domain_file(workflow->ndpi_struct, "risky_domains.txt");
-    ndpi_load_malicious_ja3_file(workflow->ndpi_struct, "ja3_fingerprints.csv");
+    ndpi_load_malicious_ja4_file(workflow->ndpi_struct, "ja4_fingerprints.csv");
     ndpi_load_malicious_sha1_file(workflow->ndpi_struct, "sha1_fingerprints.csv");
 
     // enable all protocols
author	Ivan Nardi <12729895+IvanNardi@users.noreply.github.com>	2025-01-14 12:05:03 +0100
committer	GitHub <noreply@github.com>	2025-01-14 12:05:03 +0100
commit	63a3547f998bfbe52c2bc8a540e0f33d37f3ad88 (patch)
tree	782eac7281a01087a5cf374e7d0a3a76a7ebc552 /fuzz/fuzz_ndpi_reader.c
parent	69a4f8120a3e335074fcc33f81e1d82dc0a88791 (diff)