Support for GimKit 4

[ecc521]

GimKit 4 has changed the way that the answer choices work, causing the bot to fail.

[MoonBarc]

aw snap. :( i'll try to fix but it might take a little

[ecc521]

Thats fine. Using .click() on answer choices doesnt work anymore. You probably want to go through devtools and delete listeners until it doesnt work - see what it is doing.

It could also be detecting the mouse pointer position or something - so examining the minified file (yuck) could help.

[MoonBarc]

Unfortunately I don't think you can move the mouse with javascript :/ What might be happening is they might've moved around some divs, causing the css selectors to try to click on something else (like the header), which does nothing.

[MoonBarc]

Nevermind, I think you're right. That's tricky. It has several listeners for things like mousein, mouseout, etc. Maybe you could modify the source code with code from a previous version of gimkit using the web archive, and then inject it and remove the new one. I'll see if that works.

[MoonBarc]

Alright, sorry for the 3rd comment in a row i promise this'll be the last one. I found the wayback link. But it does seem to be pretty hard to do as you'd have to run bot.js before any of the scripts load, and quickly inject the old one and remove the new one that's causing problems. idk how to do this but it's probably possible with an extension that blocks the new script from loading and uses the old script instead, maybe like an adblock that does weird things with proxies.

[ecc521]

You cant move the mouse with javascript... but you can create mouseevents and dispatch them, faking out the page.

[ecc521]

I'm quite busy right now, but Ill look at it some more once I have time.

On Sun, Oct 6, 2019, 11:30 AM Tucker Willenborg tuckerwillenborg@gmail.com wrote:

You cant move the mouse with javascript... but you can create mouseevents and dispatch them, faking out the page.

On Sun, Oct 6, 2019, 8:58 AM MoonBarc notifications@github.com wrote:

Nevermind, I think you're right. That's tricky. It has several listeners for things like mousein, mouseout, etc. Maybe you could modify the source code with code from a previous version of gimkit using the web archive, and then inject it and remove the new one. I'll see if that works.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/ecc521/gimkit-bot/issues/1?email_source=notifications&email_token=AKDVOGZMIJ2KZMVS23CB2BDQNHOI5A5CNFSM4I5OSL7KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAOJQBQ#issuecomment-538744838, or mute the thread https://github.com/notifications/unsubscribe-auth/AKDVOGYGGIXU4YP5524SAXDQNHOI5ANCNFSM4I5OSL7A .

[ecc521]

The best way to this would be to avoid messing with gimkits code - it may change such that the old site is incompatible with the new server side code

• but if we click on elements just like a user would, dispatching all the correct events, no change should be able to stop the bot.

On Sun, Oct 6, 2019, 11:31 AM Tucker Willenborg tuckerwillenborg@gmail.com wrote:

I'm quite busy right now, but Ill look at it some more once I have time.

On Sun, Oct 6, 2019, 11:30 AM Tucker Willenborg < tuckerwillenborg@gmail.com> wrote:

You cant move the mouse with javascript... but you can create mouseevents and dispatch them, faking out the page.

On Sun, Oct 6, 2019, 8:58 AM MoonBarc notifications@github.com wrote:

Nevermind, I think you're right. That's tricky. It has several listeners for things like mousein, mouseout, etc. Maybe you could modify the source code with code from a previous version of gimkit using the web archive, and then inject it and remove the new one. I'll see if that works.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/ecc521/gimkit-bot/issues/1?email_source=notifications&email_token=AKDVOGZMIJ2KZMVS23CB2BDQNHOI5A5CNFSM4I5OSL7KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEAOJQBQ#issuecomment-538744838, or mute the thread https://github.com/notifications/unsubscribe-auth/AKDVOGYGGIXU4YP5524SAXDQNHOI5ANCNFSM4I5OSL7A .

[MoonBarc]

But what if it is indeed checking for a mouse position... how can we avoid that?

[ecc521]

~~We pretend the mouse is somewhere else... Just create the MouseEvent - then dispatch it.~~

If it is checking for mouse hovers, etc, we can also fake those.

UPDATED: See comment below.

[ecc521]

Ok. It's worse than I thought. Dispatching all the correct events does NOT work (I tried that out, see my js-click repo). It looks like GimKit is checked the isTrusted property - a property that can't be modified from client side JS (this is sad - in my opinion, javascript should be able to do anything that is not a security risk or heavy on the system). It looks like the only way to make this work is to play hardball and go with a chrome extension... Won't give us Firefox or Safari support, but oh well. https://developer.chrome.com/extensions/debugger

[ecc521]

The other option would be the native app based on puppeteer, electron, or something else. https://www.npmjs.com/package/puppeteer/v/1.10.0-next.1542771500097 https://electronjs.org/ I would say we should probably go with puppeteer or an extension for now.

[ghost]

Hows it going guys? Any progress on this? I'd like to help out once I understand what's going on.

[ecc521]

I'm quite busy, and haven't really had any time to work on this. Basically, GimKit has started checking the isTrusted property, which allows it to detect when clicks are created through JavaScript.

The only way to fake the isTrusted property is through a modified browser, or an extension. We could also consider replacing all instances of isTrusted with true in GimKit's code, although that could cause a bit of an arms race.

[ecc521]

Something like Tampermonkey may work, however I suggest we use Puppeteer

[kaijchang]

Has anyone checked this out for Chrome? https://chromedevtools.github.io/devtools-protocol/1-2/Input

[ecc521]

That appears to be part of the DevTools API - which we can access (I believe) from either a Chrome extension or from puppeteer or another similar tool.

[ecc521]

EDIT: The commenter that I was replying to subsequently deleted all their comments. At the moment, I am not quite sure why.

What you are doing is reverse-engineering GimKit's network communication - essentially building a new bot client. That design has far more potential than this design, but is harder to implement and inherently different.

We can fake isTrusted, but only with an extension or app.

Replacing isTrusted with true in GimKit's code has potential to cause an arms race. I would rather not do that.

[ecc521]

If you can get the entire kits data, then GimKit is clearly holding important data client side - a bad design. They should expect to be horribly burned by bots then.

[ecc521]

I'm suprised that worked for you. I'd tried that, and pretty much everything else with dispatchevent and event when GimKit 4 came out. Either I somehow missed that, or they changed their design.

If it works now, you can submit a PR. While your at it, you may want to confirm that the prices are still correct.

If you do make a PR, please make a function to do the clicking. I intend to add the mouseup mousedown events etc so they can't detect the fake clicks that way.

[ecc521]

UPDATE: Upon further testing, using bubbles: true, and composed: true results in an error "Can't read property pageX of undefined". I'm not quite sure what is causing this issue, although adding fake click coordinates may fix it. (default value is 0, which is falsy. This would be a common code bug)

[floppian]

What element did you try it on?

[ecc521]

Attempting to click one of the answer choices. I tried click, mousedown, etc, with bubbles and composed like normal events

[floppian]

Without any reverse engineering I can state that the error has nothing to do with it. When researching I didn't even see that error so it might just be you. I believe it is just the .isTrusted property. Might be a dead end I might be able to help you past this point but as my deadline approaches, Ill have to wish you luck on your project

[ecc521]

The getEventListeners devtools API should allow us to fake isTrusted. It's far from ideal, but I believe this issue can be definitively fixed.

[ecc521]

As of now, the bot is functional.

[ecc521]

Just switched tabs after closing this issue... Now sitting at a measly ~$120,000,000,000+~ $1,400,000,000 and rapidly rising.

[floppian]

Im gonna estimate what the next thing thats going to happen is. Gimkit is going to update - checking for the constructor of the event data so that it is always MouseEvent. This will prevent the bot from working. I would think ahead or just not do anything. I don't know, its just my estimate from a spectator's perspective.

[ecc521]

We should be able to overwrite the MouseEvent constructor if they do that, correct? I think defeating isTrusted effectively turns this into a game of cat and mouse again. (time to send my slightly scolding email to GimKit)

[floppian]

Don't mention me.. Ive talked to Josh a little bit, he is a really cool guy, I told him my thoughts on the stuff, but I had to appreciate that it was his business, and he should feel proud to continue with it.

Also, rewriting the MouseEvent constructor is harder than you think. Back in the good o'l days ( ha ha ) when I attempted to reverse, I tried mouseevents but I found them annoying, so I resorted to a better method.

[floppian]

How fast is this bot ecc521? Like 1,000,000,000 in 10 minutes?

[ecc521]

Easily. It takes about 2 minutes to max out all upgrades (excluding initial time guessing at answers), then answers about 1 question a second constantly. Improvements should bring this down to about 500 milliseconds a question (2 per second).

1 question per second works out to around $320,000,000,000 (hundreds of times more than your stated billion) in ten minutes. Add in the snowstorm powerups 10% balance compounding (says 5, looks like it is actually 10), and you should be well over a trillion. (Though that gold theme breaks the bot when applied)

On Mon, Jan 6, 2020, 9:31 PM FloppyT notifications@github.com wrote:

How fast is this bot ecc521? Like 1,000,000,000 in 10 minutes?

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/ecc521/gimkit-bot/issues/1?email_source=notifications&email_token=AKDVOGYX6BIDWUJKTDDOFCTQ4PSRDA5CNFSM4I5OSL7KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEIHPHLI#issuecomment-571405229, or unsubscribe https://github.com/notifications/unsubscribe-auth/AKDVOGYBMUFJ5QQ2BYTY5FLQ4PSRDANCNFSM4I5OSL7A .

[floppian]

Thats okay. The snowstorm probably won't come back for a while sadly ( that was my favorite one ). All the themes are (re)defined by the client

[MoonBarc]

Gimkit seems to be at it again. Sorry I didn't snatch a screenshot, but it managed to detect the bot, and kick me from the game. It said something along the lines of, "Injected client script detected. Please join a different game", or something like that. I'm wondering what the causes are, and if we might be able to fix it.

[floppian]

Its server side, I wouldn't recommend trying to avoid or "fix" it. Also, I believe Gimkit is tracking people using scripts.. so it is a sort of warning

[ecc521]

Probably detecting the global variable. That can be encapsulated.

On Wed, Jan 8, 2020, 5:33 PM MoonBarc notifications@github.com wrote:

Gimkit seems to be at it again. Sorry I didn't snatch a screenshot, but it managed to detect the bot, and kick me from the game. It said something along the lines of, "Injected client script detected. Please join a different game", or something like that. I'm wondering what the causes are, and if we might be able to fix it.

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/ecc521/gimkit-bot/issues/1?email_source=notifications&email_token=AKDVOG2CQHGZRCU2NK5EDCTQ4ZIEPA5CNFSM4I5OSL7KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEIOHLTI#issuecomment-572290509, or unsubscribe https://github.com/notifications/unsubscribe-auth/AKDVOG55YZE4T6EWLNCT4PLQ4ZIEPANCNFSM4I5OSL7A .

[ecc521]

Acts targeted though. Makes me consider obfuscating the code and not providing the source.

On Wed, Jan 8, 2020, 7:01 PM Tucker Willenborg tuckerwillenborg@gmail.com wrote:

Probably detecting the global variable. That can be encapsulated.

On Wed, Jan 8, 2020, 5:33 PM MoonBarc notifications@github.com wrote:

Gimkit seems to be at it again. Sorry I didn't snatch a screenshot, but it managed to detect the bot, and kick me from the game. It said something along the lines of, "Injected client script detected. Please join a different game", or something like that. I'm wondering what the causes are, and if we might be able to fix it.

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/ecc521/gimkit-bot/issues/1?email_source=notifications&email_token=AKDVOG2CQHGZRCU2NK5EDCTQ4ZIEPA5CNFSM4I5OSL7KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEIOHLTI#issuecomment-572290509, or unsubscribe https://github.com/notifications/unsubscribe-auth/AKDVOG55YZE4T6EWLNCT4PLQ4ZIEPANCNFSM4I5OSL7A .

[floppian]

No, it is checking how fast you are answering. Make this bot less op, its unfair.

[ecc521]

I told them that they would have to do that.... so they finally put an actual blocker in. May catch some people too though.

Try increasing the milliseconds in calls to sleep. Does that work?

On Wed, Jan 8, 2020, 7:09 PM FloppyT notifications@github.com wrote:

No, it is checking how fast you are answering. Make this bot less op, its unfair.

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/ecc521/gimkit-bot/issues/1?email_source=notifications&email_token=AKDVOG3W2DZKDUE5UE427FTQ4ZTNJA5CNFSM4I5OSL7KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEIOOIRY#issuecomment-572318791, or unsubscribe https://github.com/notifications/unsubscribe-auth/AKDVOG3RWY3KXLEUICUCGGTQ4ZTNJANCNFSM4I5OSL7A .

[floppian]

I have a ranking of all Gimkit hacks made, this kind of bot is #6 ( middle ). What we all know is that this bot will have to get slower... #7. You'll probably have to make it slow enough so that it is just as fast as the fastest player, making it more fair.

[ecc521]

The fastest players fastest answers - and the fastest player can miss questions, plus is effectively guaranteed to answer slower than their fastest speed. Longer questions increase the bots advantage too.

It should still be over twice as fast as the fastest player after that is all factored in.

On Wed, Jan 8, 2020, 7:14 PM FloppyT notifications@github.com wrote:

I have a ranking of all Gimkit hacks made, this kind of bot is #6 ( middle ). What we all know is that this bot will have to get slower... #7. You'll probably have to make it slow enough so that it is just as fast as the fastest player, making it more fair.

— You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub https://github.com/ecc521/gimkit-bot/issues/1?email_source=notifications&email_token=AKDVOG7FMUCVOYMNEWMQ7U3Q4ZT7NA5CNFSM4I5OSL7KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEIOOSPI#issuecomment-572320061, or unsubscribe https://github.com/notifications/unsubscribe-auth/AKDVOGZLTDQUENY7GRIJGATQ4ZT7NANCNFSM4I5OSL7A .