Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> This can be detected easily using

> navigator.credentials.create.toString() != "function () { [native code] }"

Are you sure? If I can replace navigator.credentials.create then surely I can replace its toString as well.



The author didn't do that in article. You sure can replace toString (which can be detected as-well).


> You sure can replace toString (which can be detected as-well)

Are you sure? You can make “native code” functions with .bind(null)

    (function(){ var a=function(){};a.prototype.toString=navigator.credentials.create.toString.bind(navigator.credentials.create); return new a();})().toString()


Yes, I'm. For the record, your code can be detected easily using,

toString.name

Which results "bound toString" wheres real one results "toString"


You can set toString.name


You can of course, but how about these?

(function(){ var a=function(){};a.prototype.toString=navigator.credentials.create.toString.bind(navigator.credentials.create); return new a();})().toString == Function.prototype.toString

yields false where

navigator.credentials.create.toString == Function.prototype.toString

yields true


Of course you can "just" modify Function.prototype.toString as well. And so on.


You know what that can be detected as-well. I'm trying to prove my point that it's endless cat and mouse game.


I think we're talking past each other then.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: