From ca92660d981da0dcea9597d7ad560af0a6e21774 Mon Sep 17 00:00:00 2001 From: Luca Deri Date: Thu, 13 May 2021 20:51:11 +0200 Subject: Converted some test .pcapng files to pcap format --- tests/pcap/chrome.pcap | Bin 0 -> 5075309 bytes tests/pcap/chrome.pcapng | Bin 5176812 -> 0 bytes tests/pcap/safari.pcap | Bin 0 -> 5666637 bytes tests/pcap/safari.pcapng | Bin 5775152 -> 0 bytes tests/result/chrome.pcap.out | 13 +++++++++++++ tests/result/chrome.pcapng.out | 13 ------------- tests/result/safari.pcap.out | 14 ++++++++++++++ tests/result/safari.pcapng.out | 14 -------------- 8 files changed, 27 insertions(+), 27 deletions(-) create mode 100644 tests/pcap/chrome.pcap delete mode 100644 tests/pcap/chrome.pcapng create mode 100644 tests/pcap/safari.pcap delete mode 100644 tests/pcap/safari.pcapng create mode 100644 tests/result/chrome.pcap.out delete mode 100644 tests/result/chrome.pcapng.out create mode 100644 tests/result/safari.pcap.out delete mode 100644 tests/result/safari.pcapng.out diff --git a/tests/pcap/chrome.pcap b/tests/pcap/chrome.pcap new file mode 100644 index 000000000..dbaeca935 Binary files /dev/null and b/tests/pcap/chrome.pcap differ diff --git a/tests/pcap/chrome.pcapng b/tests/pcap/chrome.pcapng deleted file mode 100644 index 9597fc940..000000000 Binary files a/tests/pcap/chrome.pcapng and /dev/null differ diff --git a/tests/pcap/safari.pcap b/tests/pcap/safari.pcap new file mode 100644 index 000000000..cda741417 Binary files /dev/null and b/tests/pcap/safari.pcap differ diff --git a/tests/pcap/safari.pcapng b/tests/pcap/safari.pcapng deleted file mode 100644 index 279214c22..000000000 Binary files a/tests/pcap/safari.pcapng and /dev/null differ diff --git a/tests/result/chrome.pcap.out b/tests/result/chrome.pcap.out new file mode 100644 index 000000000..4ba243af9 --- /dev/null +++ b/tests/result/chrome.pcap.out @@ -0,0 +1,13 @@ +TLS 5633 4985157 6 + +JA3 Host Stats: + IP Address # JA3C + 1 192.168.1.178 2 + + + 1 TCP 192.168.1.178:64411 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][472 pkts/36714 bytes <-> 727 pkts/1052310 bytes][Goodput ratio: 15/95][5.77 sec][ALPN: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.933 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/9 4993/4997 266/203][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 78/1447 820/1506 89/249][TLSv1.3][Client: www.iit.cnr.it][JA3C: aa50c12a5dfa717d9d6ab34e97de79d5][JA3S: 15af977ce25de452b96affa2addb1036][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0] + 2 TCP 192.168.1.178:64394 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][472 pkts/37585 bytes <-> 662 pkts/967394 bytes][Goodput ratio: 17/95][6.30 sec][ALPN: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.925 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/1 441/54 24/5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 80/1461 792/1506 96/216][TLSv1.3][Client: www.iit.cnr.it][JA3C: 1b73862eae8f1711440a446b1ef357fd][JA3S: 2253c82f03b621c5144709b393fde2c9][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,3,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,92,0,0] + 3 TCP 192.168.1.178:64410 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][456 pkts/34246 bytes <-> 650 pkts/953061 bytes][Goodput ratio: 12/95][5.77 sec][ALPN: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.931 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/1 4982/65 268/6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 75/1466 777/1506 78/210][TLSv1.3][Client: www.iit.cnr.it][JA3C: aa50c12a5dfa717d9d6ab34e97de79d5][JA3S: 15af977ce25de452b96affa2addb1036][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,95,0,0] + 4 TCP 192.168.1.178:64409 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][409 pkts/32019 bytes <-> 547 pkts/804381 bytes][Goodput ratio: 16/96][5.75 sec][ALPN: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.923 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/12 5000/5000 282/235][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 78/1471 804/1506 92/209][TLSv1.3][Client: www.iit.cnr.it][JA3C: 1b73862eae8f1711440a446b1ef357fd][JA3S: 2253c82f03b621c5144709b393fde2c9][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,98,0,0] + 5 TCP 192.168.1.178:64393 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][374 pkts/31581 bytes <-> 488 pkts/713304 bytes][Goodput ratio: 22/95][6.76 sec][ALPN: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.915 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 19/15 4594/4748 271/239][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84/1462 816/1506 110/230][TLSv1.3][Client: www.iit.cnr.it][JA3C: aa50c12a5dfa717d9d6ab34e97de79d5][JA3S: 15af977ce25de452b96affa2addb1036][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,3,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,91,0,0] + 6 TCP 192.168.1.178:64408 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][161 pkts/16303 bytes <-> 215 pkts/306259 bytes][Goodput ratio: 35/95][5.78 sec][ALPN: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.899 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 45/2 4995/60 448/10][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 101/1424 777/1506 152/300][TLSv1.3][Client: www.iit.cnr.it][JA3C: 1b73862eae8f1711440a446b1ef357fd][JA3S: 2253c82f03b621c5144709b393fde2c9][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,95,0,0] diff --git a/tests/result/chrome.pcapng.out b/tests/result/chrome.pcapng.out deleted file mode 100644 index 4ba243af9..000000000 --- a/tests/result/chrome.pcapng.out +++ /dev/null @@ -1,13 +0,0 @@ -TLS 5633 4985157 6 - -JA3 Host Stats: - IP Address # JA3C - 1 192.168.1.178 2 - - - 1 TCP 192.168.1.178:64411 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][472 pkts/36714 bytes <-> 727 pkts/1052310 bytes][Goodput ratio: 15/95][5.77 sec][ALPN: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.933 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/9 4993/4997 266/203][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 78/1447 820/1506 89/249][TLSv1.3][Client: www.iit.cnr.it][JA3C: aa50c12a5dfa717d9d6ab34e97de79d5][JA3S: 15af977ce25de452b96affa2addb1036][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0] - 2 TCP 192.168.1.178:64394 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][472 pkts/37585 bytes <-> 662 pkts/967394 bytes][Goodput ratio: 17/95][6.30 sec][ALPN: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.925 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/1 441/54 24/5][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 80/1461 792/1506 96/216][TLSv1.3][Client: www.iit.cnr.it][JA3C: 1b73862eae8f1711440a446b1ef357fd][JA3S: 2253c82f03b621c5144709b393fde2c9][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,1,0,0,0,0,3,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,92,0,0] - 3 TCP 192.168.1.178:64410 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][456 pkts/34246 bytes <-> 650 pkts/953061 bytes][Goodput ratio: 12/95][5.77 sec][ALPN: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.931 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 16/1 4982/65 268/6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 75/1466 777/1506 78/210][TLSv1.3][Client: www.iit.cnr.it][JA3C: aa50c12a5dfa717d9d6ab34e97de79d5][JA3S: 15af977ce25de452b96affa2addb1036][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,1,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,95,0,0] - 4 TCP 192.168.1.178:64409 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][409 pkts/32019 bytes <-> 547 pkts/804381 bytes][Goodput ratio: 16/96][5.75 sec][ALPN: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.923 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 18/12 5000/5000 282/235][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 78/1471 804/1506 92/209][TLSv1.3][Client: www.iit.cnr.it][JA3C: 1b73862eae8f1711440a446b1ef357fd][JA3S: 2253c82f03b621c5144709b393fde2c9][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,98,0,0] - 5 TCP 192.168.1.178:64393 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][374 pkts/31581 bytes <-> 488 pkts/713304 bytes][Goodput ratio: 22/95][6.76 sec][ALPN: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.915 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 19/15 4594/4748 271/239][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 84/1462 816/1506 110/230][TLSv1.3][Client: www.iit.cnr.it][JA3C: aa50c12a5dfa717d9d6ab34e97de79d5][JA3S: 15af977ce25de452b96affa2addb1036][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 1,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,1,3,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,91,0,0] - 6 TCP 192.168.1.178:64408 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][161 pkts/16303 bytes <-> 215 pkts/306259 bytes][Goodput ratio: 35/95][5.78 sec][ALPN: h2;http/1.1][TLS Supported Versions: GREASE;TLSv1.3;TLSv1.2;TLSv1.1;TLSv1][bytes ratio: -0.899 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 45/2 4995/60 448/10][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 101/1424 777/1506 152/300][TLSv1.3][Client: www.iit.cnr.it][JA3C: 1b73862eae8f1711440a446b1ef357fd][JA3S: 2253c82f03b621c5144709b393fde2c9][Chrome][Cipher: TLS_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,3,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,95,0,0] diff --git a/tests/result/safari.pcap.out b/tests/result/safari.pcap.out new file mode 100644 index 000000000..960aa7ecb --- /dev/null +++ b/tests/result/safari.pcap.out @@ -0,0 +1,14 @@ +TLS 6019 5570309 7 + +JA3 Host Stats: + IP Address # JA3C + 1 192.168.1.178 2 + + + 1 TCP 192.168.1.178:55262 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][770 pkts/55268 bytes <-> 1313 pkts/1959863 bytes][Goodput ratio: 8/96][5.92 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.945 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/5 3388/3416 146/105][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 72/1493 514/1506 47/126][TLSv1.2][Client: www.iit.cnr.it][JA3C: a69708a64f853c3bcc214c2c5faf84f3][ServerNames: www.iit.cnr.it][JA3S: 263c859c5391203d774bc0599793d915][Issuer: C=NL, ST=Noord-Holland, L=Amsterdam, O=TERENA, CN=TERENA SSL CA 3][Subject: C=IT, ST=Lazio, L=Roma, O=Consiglio Nazionale delle Ricerche, OU=IIT, CN=www.iit.cnr.it][Certificate SHA-1: C4:F6:98:75:7E:20:5C:B6:33:14:59:3F:CF:26:96:38:D0:4B:73:69][Safari][Validity: 2019-12-10 00:00:00 - 2022-01-05 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0] + 2 TCP 192.168.1.178:55267 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][356 pkts/26392 bytes <-> 571 pkts/841944 bytes][Goodput ratio: 11/96][0.97 sec][bytes ratio: -0.939 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/1 84/77 9/6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 74/1475 517/1506 57/196][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: www.iit.cnr.it][JA3C: ee4ced3f2d15de4b5cb6fb0a894fec9f][JA3S: fd4bc6cea4877646ccd62f0792ec0b62][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0] + 3 TCP 192.168.1.178:55268 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][323 pkts/24626 bytes <-> 477 pkts/704321 bytes][Goodput ratio: 13/96][0.91 sec][bytes ratio: -0.932 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/1 116/146 12/11][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 76/1477 511/1506 64/189][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: www.iit.cnr.it][JA3C: ee4ced3f2d15de4b5cb6fb0a894fec9f][JA3S: fd4bc6cea4877646ccd62f0792ec0b62][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0] + 4 TCP 192.168.1.178:55265 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][343 pkts/25933 bytes <-> 458 pkts/675289 bytes][Goodput ratio: 13/96][0.98 sec][bytes ratio: -0.926 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/1 103/78 10/7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 76/1474 515/1506 62/190][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: www.iit.cnr.it][JA3C: ee4ced3f2d15de4b5cb6fb0a894fec9f][JA3S: fd4bc6cea4877646ccd62f0792ec0b62][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,98,0,0] + 5 TCP 192.168.1.178:55269 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][307 pkts/22856 bytes <-> 462 pkts/676638 bytes][Goodput ratio: 9/95][0.89 sec][bytes ratio: -0.935 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/2 105/147 10/10][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 74/1465 508/1506 51/220][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: www.iit.cnr.it][JA3C: ee4ced3f2d15de4b5cb6fb0a894fec9f][JA3S: fd4bc6cea4877646ccd62f0792ec0b62][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,96,0,0] + 6 TCP 192.168.1.178:55266 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][250 pkts/20232 bytes <-> 371 pkts/530337 bytes][Goodput ratio: 18/95][0.85 sec][bytes ratio: -0.927 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/1 106/77 11/7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 81/1429 503/1506 77/274][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: www.iit.cnr.it][JA3C: ee4ced3f2d15de4b5cb6fb0a894fec9f][JA3S: fd4bc6cea4877646ccd62f0792ec0b62][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,1,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,95,0,0] + 7 TCP 192.168.1.178:55285 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][9 pkts/1312 bytes <-> 9 pkts/5298 bytes][Goodput ratio: 54/89][0.13 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.603 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/9 33/28 14/12][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 146/589 444/1506 129/618][TLSv1.2][Client: www.iit.cnr.it][JA3C: a69708a64f853c3bcc214c2c5faf84f3][ServerNames: www.iit.cnr.it][JA3S: 263c859c5391203d774bc0599793d915][Issuer: C=NL, ST=Noord-Holland, L=Amsterdam, O=TERENA, CN=TERENA SSL CA 3][Subject: C=IT, ST=Lazio, L=Roma, O=Consiglio Nazionale delle Ricerche, OU=IIT, CN=www.iit.cnr.it][Certificate SHA-1: C4:F6:98:75:7E:20:5C:B6:33:14:59:3F:CF:26:96:38:D0:4B:73:69][Safari][Validity: 2019-12-10 00:00:00 - 2022-01-05 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,12,12,0,0,0,0,12,0,0,0,12,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,25,0,0] diff --git a/tests/result/safari.pcapng.out b/tests/result/safari.pcapng.out deleted file mode 100644 index 960aa7ecb..000000000 --- a/tests/result/safari.pcapng.out +++ /dev/null @@ -1,14 +0,0 @@ -TLS 6019 5570309 7 - -JA3 Host Stats: - IP Address # JA3C - 1 192.168.1.178 2 - - - 1 TCP 192.168.1.178:55262 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][770 pkts/55268 bytes <-> 1313 pkts/1959863 bytes][Goodput ratio: 8/96][5.92 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.945 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 9/5 3388/3416 146/105][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 72/1493 514/1506 47/126][TLSv1.2][Client: www.iit.cnr.it][JA3C: a69708a64f853c3bcc214c2c5faf84f3][ServerNames: www.iit.cnr.it][JA3S: 263c859c5391203d774bc0599793d915][Issuer: C=NL, ST=Noord-Holland, L=Amsterdam, O=TERENA, CN=TERENA SSL CA 3][Subject: C=IT, ST=Lazio, L=Roma, O=Consiglio Nazionale delle Ricerche, OU=IIT, CN=www.iit.cnr.it][Certificate SHA-1: C4:F6:98:75:7E:20:5C:B6:33:14:59:3F:CF:26:96:38:D0:4B:73:69][Safari][Validity: 2019-12-10 00:00:00 - 2022-01-05 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,1,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0] - 2 TCP 192.168.1.178:55267 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][356 pkts/26392 bytes <-> 571 pkts/841944 bytes][Goodput ratio: 11/96][0.97 sec][bytes ratio: -0.939 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/1 84/77 9/6][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 74/1475 517/1506 57/196][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: www.iit.cnr.it][JA3C: ee4ced3f2d15de4b5cb6fb0a894fec9f][JA3S: fd4bc6cea4877646ccd62f0792ec0b62][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0] - 3 TCP 192.168.1.178:55268 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][323 pkts/24626 bytes <-> 477 pkts/704321 bytes][Goodput ratio: 13/96][0.91 sec][bytes ratio: -0.932 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/1 116/146 12/11][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 76/1477 511/1506 64/189][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: www.iit.cnr.it][JA3C: ee4ced3f2d15de4b5cb6fb0a894fec9f][JA3S: fd4bc6cea4877646ccd62f0792ec0b62][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,97,0,0] - 4 TCP 192.168.1.178:55265 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][343 pkts/25933 bytes <-> 458 pkts/675289 bytes][Goodput ratio: 13/96][0.98 sec][bytes ratio: -0.926 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 2/1 103/78 10/7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 76/1474 515/1506 62/190][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: www.iit.cnr.it][JA3C: ee4ced3f2d15de4b5cb6fb0a894fec9f][JA3S: fd4bc6cea4877646ccd62f0792ec0b62][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,98,0,0] - 5 TCP 192.168.1.178:55269 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][307 pkts/22856 bytes <-> 462 pkts/676638 bytes][Goodput ratio: 9/95][0.89 sec][bytes ratio: -0.935 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/2 105/147 10/10][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 74/1465 508/1506 51/220][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: www.iit.cnr.it][JA3C: ee4ced3f2d15de4b5cb6fb0a894fec9f][JA3S: fd4bc6cea4877646ccd62f0792ec0b62][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,0,0,0,0,0,0,0,0,0,0,2,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,96,0,0] - 6 TCP 192.168.1.178:55266 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][250 pkts/20232 bytes <-> 371 pkts/530337 bytes][Goodput ratio: 18/95][0.85 sec][bytes ratio: -0.927 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 3/1 106/77 11/7][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 81/1429 503/1506 77/274][Risk: ** TLS (probably) not carrying HTTPS **][TLSv1.2][Client: www.iit.cnr.it][JA3C: ee4ced3f2d15de4b5cb6fb0a894fec9f][JA3S: fd4bc6cea4877646ccd62f0792ec0b62][Safari][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,0,0,1,0,0,0,0,0,0,0,0,0,2,0,0,0,0,0,0,0,0,0,0,0,0,0,1,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,95,0,0] - 7 TCP 192.168.1.178:55285 <-> 146.48.58.18:443 [proto: 91/TLS][cat: Web/5][9 pkts/1312 bytes <-> 9 pkts/5298 bytes][Goodput ratio: 54/89][0.13 sec][ALPN: h2;h2-16;h2-15;h2-14;spdy/3.1;spdy/3;http/1.1][bytes ratio: -0.603 (Download)][IAT c2s/s2c min/avg/max/stddev: 0/0 17/9 33/28 14/12][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 146/589 444/1506 129/618][TLSv1.2][Client: www.iit.cnr.it][JA3C: a69708a64f853c3bcc214c2c5faf84f3][ServerNames: www.iit.cnr.it][JA3S: 263c859c5391203d774bc0599793d915][Issuer: C=NL, ST=Noord-Holland, L=Amsterdam, O=TERENA, CN=TERENA SSL CA 3][Subject: C=IT, ST=Lazio, L=Roma, O=Consiglio Nazionale delle Ricerche, OU=IIT, CN=www.iit.cnr.it][Certificate SHA-1: C4:F6:98:75:7E:20:5C:B6:33:14:59:3F:CF:26:96:38:D0:4B:73:69][Safari][Validity: 2019-12-10 00:00:00 - 2022-01-05 12:00:00][Cipher: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384][Plen Bins: 0,12,12,0,0,0,0,12,0,0,0,12,0,0,0,0,0,12,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,12,0,0,0,0,0,0,0,25,0,0] -- cgit v1.2.3