Hi-hi! There is implementation of some algorithms for obtaining information from a browser about a computer, network and browser itself.
This scripts were written for dreamhack 3 competition in about 24 hours, so this lost some of code best practice. (check my demhack3 project)
- Base browser attributes: CPU threads, renderer, browser vendor, and much more (provided by fingerprintjs)
- Desktop app (external protocol flooding vulnerability)
- Browser extensions (browser plugin) detector
- Open ports
- Private mode (Incognito mode detection)
- Browser itself (Chrome, FireFox, Opera, etc.)
Every lib has this own func with promise, so if you need something specific, just call it
getFPJSLibDataPromise(); // Fingerprintjs data
let detectApp = newDetectApp();
detectApp.getUserApps(); // Desktop app detector
getExtensions(); // Browser extensions (browser plugin)
getOpenPorts(); // Open ports
isPrivateMode(); // Private mode
getMetrics(); // And if you want them all
consolePrintGetMetrics();
consolePrintJSONGetMetrics();
Below some information about the source of idea/code/both, that I used and adapted for my purpose, and some attributes description:
I just use fingerprintjs lib, for obtain base browser attributes. It's work, it's fine. It provides a lot of attributes, unfortunately some of them works only in some browsers, chrome for example.
Idea and idea live demo and idea live demo source code.
So the main idea found the application from defined pull. As you know browser could suggest to you open app, if it is installed on your device. For this purpose special links (deep links), like "skype://", are used. And from js we could know, when this "suggest window" open. Easy!
So, this realization just a kind of copy-paste from TypeScript realization of live demo, I adopt it for js and delete some React bindings... And it works.
Simple and powerfull)
All that you need to know, you could do js fetch for extensions pages of this are public.
My realization use defined pull of extensions id's and public pages (you should parse it from store) to detect if it is installed in browser.
Chrome browser url for fetch is:
chrome-extension://EXTENSION_ID/EXTENSION_STATIC_FILE
- Parse it from store page
- Load .crx archive with extension (I used crxextractor)
- Open archive and find manifest.json (it's not zip, so use the special arhivator), looking for static files in "web_accessible_resources"
The idea is simple, try to get something from closed port and from open port, fetching info from open port is little bit slower. But it's only idea) It not work with chrome and windows (But works with linux and firefox)
Concept and code I just added promises for integration in my main function
So I just google it and found several realization, this don't work with < Chrome 92, but works with others.
Almost full realization I found here
If you are interested in story of incognito mode detection, you could read this article. This article is not about how to do it now, but it's interesting.
It's just from StackOwerflow thread), and it not works for actual chrome.
You could check how it works with your PC with index.html