HMaker / HMaker.github.io


Hi, I want to understand it and explore #1

Closed vis2021t closed 1 year ago

vis2021t commented 1 year ago

Can u explain or provide me resources or maybe guide me to the understanding of its working

it will be great if u provide a summary of work

vis2021t commented 1 year ago

Why inside CDPRuntimeDomainTest get is being called when it's a dev tools open I'm curious

why stack gets auto called?

HMaker commented 1 year ago

> Can u explain or provide me resources or maybe guide me to the understanding of its working

Point to the code you have questions.

> why stack gets auto called?

On the docstring of CDPRuntimeDomainTest you have a link to the chromium code which does that. Chrome buffers console messages when devtools isn't open, so the stack will never be accessed. When you open devtools, Chrome starts serializing all buffered messages; here the stack is accessed.

The devtools console uses the Devtools Runtime domain, specifically it listens to the Runtime.consoleAPICalled events. This event is what causes the leak: console messages are serialized when dispatching this event.

Chromedriver is just a devtools wrapper, under the hood it uses CDP to automate Chrome. This is why CDPRuntimeDomainTest detects when chromedriver is in place. It also detects CDP clients like puppeteer and playwright.
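An added example (my own code, not the selenium-detector repository's) of the stack-getter mechanism described above: the probe's `stack` accessor only runs when something serializes the logged Error, which in Chrome happens once a Runtime-domain client is attached. Function names such as `createStackProbe` and the simplified `serializeLikeDevtools` stand-in are assumptions for illustration.

```javascript
// Build an Error whose `stack` property is a getter that records each access.
// In Chrome the getter stays idle while the console message sits in the buffer
// and fires only when a DevTools/CDP client serializes the message.
function createStackProbe() {
  const state = { accessed: 0 };
  const probe = new Error('cdp-runtime-probe');
  Object.defineProperty(probe, 'stack', {
    configurable: true,
    get() {
      state.accessed += 1;
      return 'Error: cdp-runtime-probe';
    },
  });
  return { probe, timesAccessed: () => state.accessed };
}

// Browser-side usage: log the probe, then check a little later whether the
// getter ran. With no Runtime-domain client (DevTools, chromedriver, puppeteer,
// playwright) attached, Chrome just buffers the message and the getter is
// never touched. Caveat: Node's own console.log reads err.stack immediately,
// so in Node this resolves true regardless; it is meant for the browser.
function detectRuntimeDomainClient(delayMs = 100) {
  const { probe, timesAccessed } = createStackProbe();
  console.debug(probe);
  return new Promise((resolve) =>
    setTimeout(() => resolve(timesAccessed() > 0), delayMs));
}

// Simplified stand-in (assumption) for what a CDP client does when it turns a
// logged Error into a RemoteObject: it reads the stack for the description.
function serializeLikeDevtools(err) {
  return { type: 'object', subtype: 'error', description: String(err.stack) };
}
```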

kaliiiiiiiiii commented 1 year ago

@HMaker Thanks for your great repository!

Seems like I managed to bypass your detections using the following script:

```python
from selenium_driverless import webdriver
from selenium_driverless.types.by import By
import asyncio

async def main():
    options = webdriver.Options()
    async with webdriver.Chrome(options=options) as driver:
        await driver.get('https://hmaker.github.io/selenium-detector/')
        # Fill the sync token field with the value exposed on window.token
        elem = await driver.find_element(By.CSS_SELECTOR, "#chromedriver-token")
        await elem.send_keys(await driver.execute_script('return window.token'))
        # Fill the async token field, resolving the page's promise first
        elem2 = await driver.find_element(By.CSS_SELECTOR, "#chromedriver-asynctoken")
        async_token = await driver.execute_async_script('window.getAsyncToken().then(arguments[0])')
        await elem2.send_keys(async_token)
        # Trigger the detector and print the resulting page title
        elem3 = await driver.find_element(By.CSS_SELECTOR, "#chromedriver-test")
        await elem3.click()
        print(await driver.title)

asyncio.run(main())
```

note: the script uses features which are only included in the dev branch yet

feel free to check it out & maybe find new ways to detect it:)

HMaker commented 1 year ago

@kaliiiiiiiiii I see you used pycdp to reimplement the selenium webdriver interface. Yes, that works; all my detections here are targeted towards chromedriver.