Answer the question
In order to leave comments, you need to log in
N
N
numitus22016-05-25 17:02:15
numitus2, 2016-05-25 17:02:15
How can a server detect a bot?
I am engaged in reverse engineering of one mobile client. I wrote mitm proxy in python. The problem is that the server detects that it is not the original client that is connecting. Although, as far as I checked, the server does not request a client certificate. What other detection options can there be?
3 answer(s)
@alsopub
@Rou1997
@CityCat4
A
Alexey, 2016-05-25 @alsopub
The client can send data from a certificate (received from mitm) that the server does not match with its own. Or the client can receive some data from the server, encrypt it with the server's certificate data, and send it back. It would be nice to see the exchange (if it is at least somehow readable) until it is determined that the client is not native.
R
Rou1997, 2016-05-25 @Rou1997
Are there few of them, maybe they forgot the title, or a query parameter.
C
CityCat4, 2016-05-25 @CityCat4
Whatever. The client can transmit some kind of "magic sequence" - the key by which "friend or foe" is determined. If the exchange is encrypted - useless. If there is a decrypted original exchange, sit down and sort through the packets what is being transmitted and why.
Similar questions
E
I
R
S
T
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question