ultrafunkamsterdam / undetected-chromedriver

Custom Selenium Chromedriver | Zero-Config | Passes ALL bot mitigation systems (like Distil / Imperva/ Datadadome / CloudFlare IUAM)
https://github.com/UltrafunkAmsterdam/undetected-chromedriver
GNU General Public License v3.0
10.14k stars 1.17k forks source link

Detection on ChatGPT #1223

Open 500-username-error opened 1 year ago

500-username-error commented 1 year ago

There seems to be a rather interesting change on ChatGPT that is not the typical Selenium detection issue. It gets through the initial CloudFlare detection just fine and is able to login, etc, but it doesn't fully login. You only have a spinning wheel at the top and behind the scenes an ajax call return an error for the session authorization and it's not really usable.

I have tested it with undetected-chromedriver in place, and the same error happens (when it gets by CF) so it is Selenium-related, or more likely detection of Selenium. I have tested it both in linux and windows with chrome versions 110 and 112.

I have tested it with Selenium from version 4 up to 4.9 with no changes. I thought I saw at one point it looking for a window.crc fingerprint in an error although I was able to verify through tools it wasn't set.

One other thing I noticed is that in the dev tools console i see 'undetected chromedriver 1337!' and if i reload the page (already signed in) that it display it again. I see that same message within patcher.py but don't yet see how that translates to seeing it in the console.

It seems to be roughly related to the bet365 issue people were seeing although trying similar things in the discussions ( https://github.com/ultrafunkamsterdam/undetected-chromedriver/discussions/1078 ).

I'll try an older chrome version next in linux to see what that does. It does not appear to be detected that this module is in use, only that it is doing something new to detect selenium. Without using selenium everything works as expected.

I did test it with a minimum uc, and with a chrome profile setup much as suggested in the other discussion linked above. Using a chrome user profile in fact that I first logged into by hand, when using selenium/uc and bringing up the page and already being logged in, the same end result of having a fully authorized session is still there.

Anyone have any other ideas or need any other information I may see (though it appears to be very reproducible and not plugin-related)?

500-username-error commented 1 year ago

It appears the only difference is that the call to https://chat.openai.com/api/auth/session gets a 429 instead of a 200. The difference appears to be in the cookies that are sent. The version that works in a normal browser's request headers have cookies for cf_clearance, _puid, __cf_bm.