Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Very easy to bypass #76

Open
doctor8296 opened this issue Nov 4, 2024 · 7 comments
Open

Very easy to bypass #76

doctor8296 opened this issue Nov 4, 2024 · 7 comments

Comments

@doctor8296
Copy link

doctor8296 commented Nov 4, 2024
edited
Loading 

console.log = () => {};
console.table = () => {};
Function.prototype.constructor = () => {};
setInterval = () => {};

for (let i=0;i <1e6; i++) {
    clearInterval(i);
}

delete Navigator.prototype.userAgent

And a lot more.
The only people likely to open the developer tools intentionally are those who know exactly what they’re doing, which might make this method less effective in practice, even if it technically works as designed.

The only case I can imagine is comical one:
@ Open devtool
@ Sees it has devtool protection
@ Nah, I am too lazy to go any further

However, I really appreciate the impressive amount of research that’s gone into ensuring compatibility across nearly all browsers. Thanks for all the hard work!
@doctor8296
Copy link
Author

By the way, here another way to stuck the browser without ability to debugg it during crash trigger:

(async function f() {f(), f()})();

@AEPKILL
Copy link
Owner

AEPKILL commented Nov 8, 2024
edited
Loading

Yes, this library merely adds a little bit of difficulty for the debuggers. If there's a higher demand for anti-debugging, you can try WebAssembly or VMP, or implement the core logic on the server side.

@doctor8296
Copy link
Author

doctor8296 commented Nov 8, 2024
edited
Loading

@AEPKILL, my focus is more on strengthening the system—using unredefinable methods and similar techniques. I’m researching this a lot and working to counter script-based attacks, which are the most common. I’ve developed anti-cheat measures for several browser games, and while I haven’t yet implemented my strongest concept, it's beyond any existing protections out there, the same can be pretty much be used by your library. Because the only purpose of it is to protect source code and prevent debugging, so I think it can be useful in this case.

Maybe I will show later some of my tricks and how they can be used to protect this library from almost any "script based attacks"

@AEPKILL
Copy link
Owner

AEPKILL commented Nov 9, 2024

@doctor8296 Your ideas are very interesting. I'm particularly intrigued by the unredefinable methods you mentioned. Can you share some more details about how they work?

@doctor8296
Copy link
Author

doctor8296 commented Nov 9, 2024
edited
Loading

@AEPKILL sure, but I'd prefer to talk privately about it, because some of protection methods are not public yet.
Where can we do that, I have plenty of options, like telegram or discord (same username) or maybe just over email

@AEPKILL
Copy link
Owner

AEPKILL commented Nov 9, 2024

@doctor8296 Sure, I understand your need for privacy. I think email would be a great way to have this discussion. Please send your thoughts and details to my email address at [[email protected]]. Looking forward to hearing from you soon!

@AEPKILL
Copy link
Owner

AEPKILL commented Nov 9, 2024

@doctor8296 It's almost 11 pm local time. I'm going to bed now. Sorry I might not reply to your emails and messages promptly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@AEPKILL @doctor8296