search

blueclosure / BCDetect

5 stars 0 forks source link

BCDetect appears to break with Google's reCAPTCHA #36

Closed 0xdevalias closed 6 years ago

0xdevalias commented 6 years ago

A teammate passed on this issue to me today to raise with you guys.

It seems that BCDetect will break when trying to process a site using Google reCAPTCHA.

The following URL, run through BCDetect, will cause a bunch of issues:

Errors produced are similar to the following:

Error RewriteJS 0,function () { [native code] } Error: Line 1: Unexpected identifier
    at a.constructError (<__BCDetect__>0.444313674555727:7:8042)
    at a.createError (<__BCDetect__>0.444313674555727:7:8261)
    at a.unexpectedTokenError (<__BCDetect__>0.444313674555727:5:9475)
    at a.throwUnexpectedToken (<__BCDetect__>0.444313674555727:5:9679)
    at a.expect (<__BCDetect__>0.444313674555727:5:12551)
    at a.parseArrayInitializer (<__BCDetect__>0.444313674555727:5:17737)
    at a.inheritCoverGrammar (<__BCDetect__>0.444313674555727:5:14336)
    at a.parsePrimaryExpression (<__BCDetect__>0.444313674555727:5:16078)
    at a.inheritCoverGrammar (<__BCDetect__>0.444313674555727:5:14336)
    at a.parseLeftHandSideExpressionAllowCall (<__BCDetect__>0.444313674555727:5:27092)
    at a.inheritCoverGrammar (<__BCDetect__>0.444313674555727:5:14336)
    at a.parseUpdateExpression (<__BCDetect__>0.444313674555727:5:29975)
    at a.parseUnaryExpression (<__BCDetect__>0.444313674555727:5:31357)
    at a.inheritCoverGrammar (<__BCDetect__>0.444313674555727:5:14336)
    at a.parseExponentiationExpression (<__BCDetect__>0.444313674555727:5:31472)
    at a.inheritCoverGrammar (<__BCDetect__>0.444313674555727:5:14336)
    at a.parseBinaryExpression (<__BCDetect__>0.444313674555727:6:74)
    at a.inheritCoverGrammar (<__BCDetect__>0.444313674555727:5:14336)
    at a.parseConditionalExpression (<__BCDetect__>0.444313674555727:6:981)
    at a.parseAssignmentExpression (<__BCDetect__>0.444313674555727:6:3202)
    at a.isolateCoverGrammar (<__BCDetect__>0.444313674555727:5:13795)
    at a.parseExpression (<__BCDetect__>0.444313674555727:6:5506)
    at a.parseExpressionStatement (<__BCDetect__>0.444313674555727:6:12149)
    at a.parseStatement (<__BCDetect__>0.444313674555727:6:22345)
    at a.parseStatementListItem (<__BCDetect__>0.444313674555727:6:6602)
    at a.parseFunctionSourceElements (<__BCDetect__>0.444313674555727:6:23695)
    at a.parseFunctionExpression (<__BCDetect__>0.444313674555727:6:28102)
    at a.parsePrimaryExpression (<__BCDetect__>0.444313674555727:5:16831)
    at a.inheritCoverGrammar (<__BCDetect__>0.444313674555727:5:14336)
    at a.parseLeftHandSideExpressionAllowCall (<__BCDetect__>0.444313674555727:5:27092)
    at a.inheritCoverGrammar (<__BCDetect__>0.444313674555727:5:14336)
    at a.parseUpdateExpression (<__BCDetect__>0.444313674555727:5:29975)
    at a.parseUnaryExpression (<__BCDetect__>0.444313674555727:5:31357)
    at a.inheritCoverGrammar (<__BCDetect__>0.444313674555727:5:14336)
    at a.parseExponentiationExpression (<__BCDetect__>0.444313674555727:5:31472)
    at a.inheritCoverGrammar (<__BCDetect__>0.444313674555727:5:14336)
    at a.parseBinaryExpression (<__BCDetect__>0.444313674555727:6:74)
    at a.inheritCoverGrammar (<__BCDetect__>0.444313674555727:5:14336)
    at a.parseConditionalExpression (<__BCDetect__>0.444313674555727:6:981)
    at a.parseAssignmentExpression (<__BCDetect__>0.444313674555727:6:3202)
    at a.isolateCoverGrammar (<__BCDetect__>0.444313674555727:5:13795)
    at a.parseExpression (<__BCDetect__>0.444313674555727:6:5672)
    at a.parseExpressionStatement (<__BCDetect__>0.444313674555727:6:12149)
    at a.parseStatement (<__BCDetect__>0.444313674555727:6:22170)
    at a.parseStatementListItem (<__BCDetect__>0.444313674555727:6:6602)
    at a.parseScript (<__BCDetect__>0.444313674555727:7:2564)
    at Object.b [as parse] (<__BCDetect__>0.444313674555727:3:25929)
    at Object.f [as rewrite] (<__BCDetect__>0.444313674555727:11:21431)
    at rewriteJS (<__BCDetect__>____A:2:15321)
    at Object.eval_control (<__BCDetect__>____A:2:13281)
    at eval (eval at Function (:3:6053), <anonymous>:139:51)
    at eval (eval at Function (:3:6053), <anonymous>:140:14)
    at p (eval at Function (:3:6053), <anonymous>:611:214)
    at b.eval [as C] (eval at Function (:3:6053), <anonymous>:435:13)
    at J (eval at Function (:3:6053), <anonymous>:555:31)
    at m (eval at Function (:3:6053), <anonymous>:691:130)
    at t (eval at Function (:3:6053), <anonymous>:589:39)
    at P (eval at Function (:3:6053), <anonymous>:244:13)
    at new b (eval at Function (:3:6053), <anonymous>:312:13)
    at new eval (eval at Function (:3:6053), <anonymous>:732:28)
    at new eval (eval at Function (:3:6053), <anonymous>:742:257)
    at https://www.gstatic.com/recaptcha/api2/r20171115120512/recaptcha__en.js:10206:210
    at https://www.gstatic.com/recaptcha/api2/r20171115120512/recaptcha__en.js:3075:51
    at Mf (https://www.gstatic.com/recaptcha/api2/r20171115120512/recaptcha__en.js:3225:87)
    at Hf (https://www.gstatic.com/recaptcha/api2/r20171115120512/recaptcha__en.js:3215:32)
    at sf.F (https://www.gstatic.com/recaptcha/api2/r20171115120512/recaptcha__en.js:3197:13)
    at of (https://www.gstatic.com/recaptcha/api2/r20171115120512/recaptcha__en.js:2855:49)
    at <anonymous>

The above was found with BCDetect v1.1.2

wisec commented 6 years ago

Fixed in upcoming release. Thanks!