There are a bunch of sophisticated ways to obfuscate it, but it basically boils ... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

VWWHFSfQ on June 12, 2022 | parent | context | favorite | on: Show HN: Browser extension that spoofs your locati...

There are a bunch of sophisticated ways to obfuscate it, but it basically boils down to:

    <script>
        setInterval(function() {
            try {
                let before = new Date().getTime();

                // This will pause the program execution if debugging is enabled.
                // If debugging isn't enabled this statement is a no-op.
                debugger;

                let after = new Date().getTime();

                // Detect if the program was paused or not.
                if (after - before > 0.01) {
                    // > 10ms difference?  The program was (most likely) paused by the debugger.
                    document.body.innerHTML = "<h1>Debugging started</h1>";
                }
            } catch(e) {}
        }, 1000);
    </script>

There are some other ways to detect it by implementing various prototype methods and continually logging the object to the console. The methods are only invoked if the dev console is opened.

z0ccc on June 12, 2022 [–]

Doesn't seem like this work for detecting the extension.

VWWHFSfQ on June 12, 2022 | [–]

I'm able to get it to trigger on about ~10-20% of page reloads with your extension activated. Never when it isn't. Maybe it's just a matter of tuning the interval and detection threshold?

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact