by sometimesshit 1823 days ago
This can be detected easily using

    navigator.credentials.create.toString() != "function () { [native code] }"

Another way is to hook the Fetch API and log outgoing urls that are not authenticated by Cloudflare

Welcome to the start of another cat and mouse game.

1 comments

> This can be detected easily using

> navigator.credentials.create.toString() != "function () { [native code] }"

Are you sure? If I can replace navigator.credentials.create then surely I can replace its toString as well.

The author didn't do that in the article. You sure can replace toString (which can be detected as well).

> You sure can replace toString (which can be detected as well)

Are you sure? You can make “native code” functions with .bind(null)

    (function(){ var a=function(){};a.prototype.toString=navigator.credentials.create.toString.bind(navigator.credentials.create); return new a();})().toString()

Yes, I am. For the record, your code can be detected easily using

    toString.name

which results in "bound toString", whereas the real one results in "toString".

You can set toString.name

You can of course, but how about these?

    (function(){ var a=function(){};a.prototype.toString=navigator.credentials.create.toString.bind(navigator.credentials.create); return new a();})().toString == Function.prototype.toString

yields false where

    navigator.credentials.create.toString == Function.prototype.toString

yields true
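
The checks traded in this thread, combined into one detector, as an added example that is not code from any commenter: `Math.max` stands in for `navigator.credentials.create` so it runs under Node, and `inspectFunction`, `expectedName` and the `make...Hook` helpers are hypothetical names. It goes one step beyond the thread by matching the expected function name in the source text, which is what catches a hook produced with `.bind(null)`.

```javascript
// Added example (constructed): Math.max stands in for navigator.credentials.create.
// References captured before any other script runs, so later patches cannot affect them.
const nativeToString = Function.prototype.toString;
const hasOwn = Object.prototype.hasOwnProperty;

// Returns a list of tampering indicators for `fn`; empty means none of the checks fired.
// `expectedName` (assumption) is the name the untouched native function carries.
function inspectFunction(fn, expectedName) {
  const findings = [];
  // Source text read through the saved reference, never through fn.toString.
  const nativeSource = new RegExp(
    "^function " + expectedName + "\\(\\)\\s*\\{\\s*\\[native code\\]\\s*\\}$");
  if (!nativeSource.test(nativeToString.call(fn))) findings.push("source-not-native");
  // The thread's last check: toString must resolve to Function.prototype.toString.
  if (fn.toString !== nativeToString) findings.push("toString-replaced");
  // A toString defined directly on the function shadows the inherited one.
  if (hasOwn.call(fn, "toString")) findings.push("own-toString");
  // A bound toString reports the name "bound toString" unless it was renamed.
  if (typeof fn.toString === "function" && fn.toString.name !== "toString") {
    findings.push("toString-name");
  }
  return findings;
}

// Constructed hooks, mirroring the cases raised in the thread.
function makePlainHook() {
  return function (...args) { return Math.max(...args); };
}
function makeBoundToStringHook(rename) {
  const hook = makePlainHook();
  hook.toString = nativeToString.bind(Math.max); // prints as native code
  if (rename) Object.defineProperty(hook.toString, "name", { value: "toString" });
  return hook;
}
function makeBoundHook() {
  return makePlainHook().bind(null); // source text reads "function () { [native code] }"
}

console.log(inspectFunction(Math.max, "max"));
console.log(inspectFunction(makeBoundToStringHook(true), "max"));
console.log(inspectFunction(makeBoundHook(), "max"));
```

The check results only mean something if `nativeToString` is captured before any untrusted script runs; the exact whitespace of the native-code string varies between engines, which is why the pattern tolerates it.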