
How to bypass TLS Fingerprinting using Delphi Synapse.

There is no info anywhere.

The problem is that Google Chrome sends this packet to the server:

grease (0xcaca) empty
server_name google.com
extended_master_secret  empty
renegotiation_info  00
supported_groups    grease [0x9a9a], x25519 [0x1d], secp256r1 [0x17], secp384r1 [0x18]
ec_point_formats    uncompressed [0x0]
SessionTicket   empty
ALPN        h2, http/1.1
status_request  OCSP - Implicit Responder
signature_algs  ecdsa_secp256r1_sha256, rsa_pss_rsae_sha256, rsa_pkcs1_sha256, ecdsa_secp384r1_sha384, rsa_pss_rsae_sha384, rsa_pkcs1_sha384, rsa_pss_rsae_sha512, rsa_pkcs1_sha512
SignedCertTimestamp (RFC6962)   empty
key_share   00 29 9A 9A 00 01 00 00 1D 00 20 81 56 BA FB 80 8D D2 A8 FC 0C E0 E3 D1 A6 F9 23 CF 8B 32 9C F5 F6 75 B9 B4 96 E8 9D 1D 13 B0 3B
psk_key_exchange_modes  01 01
supported_versions  grease [0x9a9a], Tls1.3, Tls1.2
0x001b      02 00 02
0x4469      00 03 02 68 32
grease (0x8a8a) 00
padding     205 null bytes

And Synapse sends:

server_name www.google.com
ec_point_formats    uncompressed [0x0], ansiX962_compressed_prime [0x1], ansiX962_compressed_char2 [0x2]
supported_groups    x25519 [0x1d], secp256r1 [0x17], x448 [0x1e], secp521r1 [0x19], secp384r1 [0x18], ffdhe2048 [0x0100], ffdhe3072 [0x0101], ffdhe4096 [0x0102], ffdhe6144 [0x0103], ffdhe8192 [0x0104]
SessionTicket   empty
encrypt_then_mac (RFC7366)  empty
extended_master_secret  empty
signature_algs  ecdsa_secp256r1_sha256, ecdsa_secp384r1_sha384, ecdsa_secp521r1_sha512, ed25519, ed448, rsa_pss_pss_sha256, rsa_pss_pss_sha384, rsa_pss_pss_sha512, rsa_pss_rsae_sha256, rsa_pss_rsae_sha384, rsa_pss_rsae_sha512, rsa_pkcs1_sha256, rsa_pkcs1_sha384, rsa_pkcs1_sha512, ecdsa_sha224, rsa_sha224, dsa_sha224, dsa_sha256, dsa_sha384, dsa_sha512
supported_versions  Tls1.3, Tls1.2, Tls1.1, Tls1.0
psk_key_exchange_modes  01 01
key_share   00 24 00 1D 00 20 23 0D 69 2C 38 00 E8 FF 0C F5 F1 63 1E 44 F9 09 AE 56 AA 90 43 7C F5 D2 3F 9C EA 0B AC 23 18 3C

So how can I send the same packets as Chrome using Synapse? Or maybe there is a way to do it without Synapse? Also, is there a way to use Synapse with BoringSSL instead of OpenSSL?

Thom A
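What a server-side fingerprinting check derives from the two ClientHello dumps in the question, as an added example that is not part of the original post. The numeric extension codes are the IANA values for the extension names shown in the dumps, the function names are hypothetical, and because the post lists no cipher suites or record version, only the last three JA3 fields are built.

```python
# Added example: the lists below are transcribed from the two dumps in the post.
import hashlib

def is_grease(v: int) -> bool:
    """RFC 8701 GREASE values are 0x0A0A, 0x1A1A, ... 0xFAFA."""
    return (v & 0x0F0F) == 0x0A0A and (v >> 8) == (v & 0xFF)

CHROME = {
    "extensions": [0xCACA, 0, 23, 65281, 10, 11, 35, 16, 5, 13, 18, 51, 45, 43,
                   0x001B, 0x4469, 0x8A8A, 21],
    "groups": [0x9A9A, 0x1D, 0x17, 0x18],
    "point_formats": [0],
    "versions": [0x9A9A, 0x0304, 0x0303],
}
SYNAPSE = {
    "extensions": [0, 11, 10, 35, 22, 23, 13, 43, 45, 51],
    "groups": [0x1D, 0x17, 0x1E, 0x19, 0x18, 0x100, 0x101, 0x102, 0x103, 0x104],
    "point_formats": [0, 1, 2],
    "versions": [0x0304, 0x0303, 0x0302, 0x0301],
}

def ja3_tail(hello: dict) -> str:
    """Last three JA3 fields (extensions, groups, point formats), GREASE removed.
    Version and cipher suites are not in the post, so this is not a full JA3."""
    fields = []
    for key in ("extensions", "groups", "point_formats"):
        fields.append("-".join(str(v) for v in hello[key] if not is_grease(v)))
    return ",".join(fields)

def traits(hello: dict) -> dict:
    """Coarse signals a server-side rule can evaluate besides the hash."""
    every = hello["extensions"] + hello["groups"] + hello["versions"]
    return {
        "uses_grease": any(is_grease(v) for v in every),
        "offers_tls_1_0_or_1_1": any(v in (0x0301, 0x0302) for v in hello["versions"]),
        "offers_alpn": 16 in hello["extensions"],
        # Truncated SHA-256 of the partial string, used here only as a stable label.
        "digest": hashlib.sha256(ja3_tail(hello).encode()).hexdigest()[:16],
    }

if __name__ == "__main__":
    for name, hello in (("chrome", CHROME), ("synapse", SYNAPSE)):
        print(name, ja3_tail(hello), traits(hello))
```

GREASE values are dropped before comparison because they change from one connection to the next, so the extension order and the group and point-format lists carry the stable signal.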

0 Answers