iframe.contentWindow evasion can leak Object.apply in stack traces #318

Closed
prescience-data opened this issue Sep 14, 2020 · 6 comments · Fixed by #365
Labels
bug Something isn't working plugin: stealth ㊙️ Detection evasion related

Comments

@prescience-data
Collaborator

prescience-data commented Sep 14, 2020

Similar to #209, there are instances in the wild searching for: Object.apply (<anonymous> in thrown error stack traces.

Real browser:

Error: Failed to execute 'createElement' on 'Document': The tag name provided ([redacted]) is not a valid name.
    at test.js?660921:2

Puppeteer with Extra Stealth 2.6.1

Error: Failed to execute 'createElement' on 'Document': The tag name provided ([redacted]) is not a valid name.
    at Object.apply (<anonymous>:80:31)
    at test.js?103622:2

Second case fails the vendor detection test.

@momala454

Careful not to remove all Object.apply, which could be detected by purposely creating a stack containing Object.apply.

@prescience-data prescience-data changed the title Search and replace Object.assign in stack trace Search and replace "Object.apply (<anonymous>" in stack trace Sep 14, 2020
@Niek
Collaborator

Niek commented Sep 14, 2020

Sample test code:

try {
    document["createElement"](0);
} catch (e) {
    console.log(e.stack)
}

@prescience-data
Collaborator Author

prescience-data commented Sep 27, 2020

Sample test code:

try {
    document["createElement"](0);
} catch (e) {
    console.log(e.stack)
}

Sample code including the observed detection:

var detection;
var stack;
try {
    document.createElement(0);
} catch (err) {
    try {
        stack = err.stack.split('\n');
        detection = (stack.length >= 2) ? !!stack[1].match(/Ob[cej]{3}t\.a[lp]{3}y[\(< ]{3}an[oynm]{5}us>/) : 'Normal stack trace.';
    } catch (errOfErr) {
        detection = 'Stack trace hijacked.';
    }
}

image
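
Why the hooked call is distinguishable, as an added example that is not part of the thread or the project's code: in V8, a Proxy `apply` trap defined on an object literal appears as an `Object.apply` frame when the wrapped function throws. `createElementLike`, `hooked`, `framesFromFailure` and `hasProxyTrapFrame` are hypothetical names, and the throwing function is a constructed stand-in for `document.createElement` so the block runs in Node.js.

```javascript
// Added example: observing a Proxy `apply` trap through error stack frames (V8).

// Constructed stand-in for a native API that throws on an invalid argument.
function createElementLike(tag) {
  if (typeof tag !== 'string' || !/^[A-Za-z][\w-]*$/.test(tag)) {
    throw new Error(`The tag name provided ('${tag}') is not a valid name.`);
  }
  return { tagName: tag.toUpperCase() };
}

// Hook of the kind the issue describes. The trap is a method on a plain object
// literal, so V8 labels its frame with receiver type + method name: "Object.apply".
const hooked = new Proxy(createElementLike, {
  apply(target, thisArg, args) {
    return Reflect.apply(target, thisArg, args);
  },
});

// Call fn with an invalid argument (0, as in the thread's test code) and
// return the "at ..." frames of the resulting error, trimmed.
function framesFromFailure(fn) {
  try {
    fn(0);
  } catch (err) {
    return String(err.stack)
      .split('\n')
      .map((line) => line.trim())
      .filter((line) => line.startsWith('at '));
  }
  return []; // fn did not throw, nothing to inspect
}

// True when any frame is a method named `apply` on a plain Object receiver.
function hasProxyTrapFrame(fn) {
  return framesFromFailure(fn).some((frame) => /^at Object\.apply \(/.test(frame));
}

console.log('plain function  :', hasProxyTrapFrame(createElementLike));
console.log('proxied function:', hasProxyTrapFrame(hooked));
```

In a browser the native `createElement` contributes no frame of its own, so the trap is the first frame after the message line, which is why the observed check reads `stack[1]`; here the stand-in's own frame comes first, so the example scans every frame.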

@berstend
Owner

This is leveraging the ancient/shitty iframe.contentWindow evasion, which hasn't been updated yet to use the new stealth utilities:

@berstend
Owner

berstend commented Sep 30, 2020

Workaround for the time being: Disabling the iframe.contentWindow evasion

@berstend berstend changed the title Search and replace "Object.apply (<anonymous>" in stack trace iframe.contentWindow evasion can leak Object.apply in stack traces Sep 30, 2020
@berstend berstend added bug Something isn't working plugin: stealth ㊙️ Detection evasion related labels Sep 30, 2020
@berstend
Owner

berstend commented Nov 2, 2020

Fixed in puppeteer-extra-plugin-stealth@2.6.5
