Open strix opened 9 years ago
Any clue if this has been patched or if its detectable?
I wouldn't try it unless you want to endanger your academic career.
On Mar 15, 2018 11:56 AM, "ioozz" notifications@github.com wrote:
Any clue if this has been patched or if its detectable?
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/strix/canvas-hack/issues/3#issuecomment-373467926, or mute the thread https://github.com/notifications/unsubscribe-auth/ALDQOnPjxEJHSI1DZ8igALLTnaNvN_sqks5teqtNgaJpZM4D9B0V .
It's been a while since I've worked on this so some of the selectors might need to be updated but it should still work. Upon developing the quiz cyborg, it should be nearly impossible to detect since it would mimic human behavior.
Detecting the quiz bot would be easier because each time an answer is selected, canvas makes a HTTP call to their server to save the current answer. Since the quiz bot selects everything in one go, it would send a flood of HTTP requests which could be detected if monitored. Also if there is a test officiator looking at your screen when you run the quiz bot script, it would be suspicious seeing all answers being filled instantaneously.
Got it thanks for the reply. My instructor has one question at a time quizzes so I don't think it would matter unless the bot automatically clicks next
It would work on those types of quizzes as well but you'd have to run the script on every question individually. The answer key persists throughout so when you run printAnswerKey()
it should still be comprehensive. Also if you were to use the answer key later (see the README) then you'd have to run that line of code for every question as well
Just took the first quiz and I noticed his are one attempt only. I guess I'll keep the code bookmarked for later classes.
If there was a way to pause the canvas test time that would be even better but I'm assuming canvas keeps time on the servers.
Couldn't the questions be shoved into local or session storage in JSON format to avoid making excessive http calls?
I'm like 99% sure the start and end times are recorded remotely and the timer is purely there for the user.
Oh, I tested this in Canvas and one of the jquery selectors is off, and it throws up all over if you have any "matching" questions.
I was mistaken. You have to run the quiz-analyzer script in between quiz-bot script attempts. Is that what you’re doing? The README has instructions
This will essentially be the quiz bot but with more human behavior. Some thoughts that come to mind include: