Automation framework detected by pixelscan

[Somberor]

hey guys ,
any idea how can pixelscan.net detect my puppeteer even with stealth on?
http://prntscr.com/uhs1aq

This is a sample of the code:
`const puppeteer = require('puppeteer-extra');

const pluginStealth = require('puppeteer-extra-plugin-stealth');

puppeteer.use(pluginStealth());

let isheadless = false;
let browser2 = await puppeteer.launch({
    headless: isheadless,
    //ignoreHTTPSErrors: true,
    //executablePath: 'C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe',
    args: []
});
let page2 = (await browser2.pages())[0];`

Is it possible to add/modify more variables manually to make the browser even less detectable?
thank you!

[prescience-data]

@trnj I haven't looked at it myself, but I'm assuming they check the pixel overhang on this right?

Real Browser

Puppeteer Extra Stealth 2.6.1

(Available screen size +40 pixels)

@berstend @Niek I think this would be a good addition to default evasions, eg correcting the overhang automatically?

[Niek]

@prescience-data yes that would be a good one to add. Although I'm not sure it's causing it in this case.

[Niek]

There is a bug in 2.6.1... so wait for the next release or downgrade to 2.6.0.

Can you elaborate what bug you are referring to @trnj? Is it the plugins detection (must be since that's the only thing that changed between 2.6.0 and 2.6.1)?

Can you check if it's fixed with my PR applied? #312

[vladtreny]

Ok, I've finally found the reason.

If I disable 'iframe.contentWindow' on 2.6.0, this test fails.
Btw, I disable it because of the iframe redirect problem described here #202 (comment)
Has it been resolved yet?

Web gl is related to another issue, not pixel scan.

TS probably uses 2.6.1 which fails due to the bug. I think you can close this issue since 2.6.0 passes the test.

[Niek]

@trnj can you check my previous comment and see if it works with 2.6.1 + my PR applied?

[vladtreny]

Still the same on 2.6.1, even with proposed fix. Without iframe.contentWindow passes the test.

[Niek]

Looking forward to see the PR with the fix @trnj

[vladtreny]

Looking forward to see the PR with the fix @trnj

Just add here
https://github.com/berstend/puppeteer-extra/blob/master/packages/puppeteer-extra-plugin-stealth/evasions/iframe.contentWindow/index.js

The following

          const contentWindowProxy = {
            get(target, key) {
              // Now to the interesting part:
              // We actually make this thing behave like a regular iframe window,
              // by intercepting calls to e.g. `.self` and redirect it to the correct thing. :)
              // That makes it possible for these assertions to be correct:
              // iframe.contentWindow.self === window.top // must be false
              if (key === 'self') {
                return this
              }

          // ++++++++ Added these 2 lines +++++++++++
          if (key === 'document') 
              return iframe.contentDocument || iframe.contentWindow.document;
 
              // iframe.contentWindow.frameElement === iframe // must be true
              if (key === 'frameElement') {
                return iframe
              }
              return Reflect.get(target, key)
            }
          }

This would fix the problem with iframe redirect and the plugin will pass this test out of the box.

[brunogaspar]

You can add it yourself through a pull request :)

[Niek]

PR @ #327, closing this

[Niek]

New PR: #341