This is a very simple script that sniff TLS Handshakes (Client Hello) and parse the leaked domains in an output file thanks to the SNI Leak. This script is made for showing the information leak that remains in the TLS protocole and more precisly in the SNI extension.
There's 2 versions of the script:
-
SNI_Pcap_Scanner.py-> Let you scan a .pcap file to extract the leaked domains from it. (Only CLI Output !) -
SNI_Sniffer.py-> Let you sniff your trafic live to extract the leaked domain directly while your browsing and parse them in theoutput.txtfile.
-
Install Python3 on your Device
-
pip3 install -r requirements.txt -
You can edit
iface=""and uncomment the lines 9 and 39 to sniff from a specific eth card. (Only if needed. Skip this step if you don't understand what it's about !) -
MacOS:
python3 SNI_Sniffer.pyWindows:py SNI_Sniffer.py
