Comment by nullpt_rs
6 days ago
Thanks for sharing some examples! Someone shared a similar project in the other thread. I didn’t realize this at the time of writing haha.
FWIW I still think modifying the browser has some positives wrt stealth and hooking out of process frames (could be wrong on the second part, haven’t actually tested!)
Still good to know though, will leave a note in the article :-)
Yeah, there's a pretty overwhelming amount of browser APIs and functionality which isn't always (well-)documented to learn about. If I recall correctly, Proxies wouldn't be detectable (seems to be supported by https://exploringjs.com/es6/ch_proxies.html#sec_detect-proxi...) so long as your injected content script runs first (otherwise other code could presumably override the Proxy constructor). You should also be able to hook any embedded frames by setting `target: { ..., allFrames: true }`.
To note, there are undocumented detections even for Proxies, for example using the `in` operator in V8 (such as `proxiedFunc in 1` for some proxied function). Really cool to see a project like this.
How do you use `in` in V8 to detect proxies? I assume it's a difference in the exception, but the message and the cause were the same in both direct and proxied `x in 1`.