tlsx icon indicating copy to clipboard operation
tlsx copied to clipboard
verified publisher icon projectdiscovery

Fallback mechanism for SNI value to use in case of IP input

Open ehsandeep opened this issue 3 years ago • 0 comments

tlsx version:

dev/main

Please describe your feature request:

Different server behaves differently depending on requirement when it comes to SNI value to use with tls connection when connecting to IP directly.

echo 45.60.13.153 | go run  . -json -tps | jq . # requires empty SNI
echo 142.251.42.110 | go run  . -json -tps | jq . # requires random SNI

As of https://github.com/projectdiscovery/tlsx/pull/123, empty SNI is used when connecting to IP and random SNI can be passed using -random-sni option following the default behavior of curl when it comes to TLS connection with IP input.

As the purpose of tlsx to connect all possible hosts as possible, we need to implement a fallback mechanism to use appreciated SNI value which requires further research to collect all the possible errors to implement the fallback mechanism effectively.

ehsandeep avatar Nov 29 '22 11:11 ehsandeep