-
Notifications
You must be signed in to change notification settings - Fork 179
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Detect web extensions #106
Comments
Firefox addons can be targeted and identified through JS and CSS behavior detection, but (as far as I know) the limit with this method is the behavior is not consistent across sites and the code is subject to change. But, with this method, it would still be easy to rate the probability of the extension being used based on known behavior. |
Source viewer: https://chrome.google.com/webstore/detail/chrome-extension-source-v/jifpbeccnghkjeaalbbjmodiffmgedin Popular: Google Translate Bitwarded (3K+ stars): |
Top categories: https://chrome.google.com/webstore/category/ext/7-productivity |
uBO filters (cosmetic) <div class="glx-teaser">glx-teaser</div>
<div class="inplayer-ad">inplayer-ad</div>
<div class="inplayer_banners">inplayer_banners</div>
<div class="in_stream_banner">in_stream_banner</div>
<div class="dbanner">dbanner</div>
<div class="preroll-blocker">preroll-blocker</div>
<div class="happy-inside-player">happy-inside-player</div>
<div>safe</div> |
This can also be used to detect Chromium vs Chrome. The official Chrome build comes with a couple of extensions such as the cast one. |
in Firefox what is shifted, or added, after here is
|
Nice. I might use that. I'm looking for a 2nd detection method to improve the current technique I'm working on in 8a8917d. Right now the section is focused on detecting resistance but it also detects extensions based on unique patterns in prototype lie details and relies on a stable set of APIs present with minimal extension settings. |
NFI why it came up as No. 2, it's actually No. 7. |
Initial concept is live at https://abrahamjuliot.github.io/creepjs/tests/extensions.html |
Detecting extensions in a chromium browser is rather candid. The
manifest.json
file can be viewed in a non-incognito window and underweb_accessible_resources
, the paths here are public, and then the list of public files can be obtained from the system folder.For example, this will detect Grammarly
Chrome Profile Path is at chrome://version/
Steps to obtain resources:
chrome-extension://chlffgpmiacpedhhbkiomidkjlcfhogd/manifest.json
web_accessible_resources
How to get webstore links
https://chrome.google.com/webstore/category/collection/wfh
[...document.querySelectorAll('.webstore-test-wall-tile a')].map(x => x.href)
Concept
The text was updated successfully, but these errors were encountered: