/SNI-Leak-PoC

A very simple script that sniffs TLS handshakes and writes the leaked domains to an output file, thanks to the SNI leak.

Primary language: Python

SNI-Leak-PoC

This is a very simple script that sniffs TLS handshakes (Client Hello) and writes the leaked domains to an output file, thanks to the SNI leak. The script is meant to show the information leak that remains in the TLS protocol, more precisely in the SNI extension.

There are two versions of the script:

  1. SNI_Pcap_Scanner.py -> Lets you scan a .pcap file and extract the leaked domains from it (CLI output only).

  2. SNI_Sniffer.py -> Lets you sniff your traffic live, extracting the leaked domains while you are browsing and writing them to the output.txt file.

Installation

  1. Install Python 3 on your device.

  2. pip3 install -r requirements.txt

  3. You can edit iface="" and uncomment lines 9 and 39 to sniff from a specific network interface. (Only if needed. Skip this step if you don't understand what it's about!)

  4. Run the script: python3 SNI_Sniffer.py on macOS, py SNI_Sniffer.py on Windows.
