Hello, during my academic research I came across one website which has very
disturbing levels of fingerprinting. It manages to detect that I come from
same device despite me hooking, randomizing and changing more then 850 >0.0
entropy values. Including using VPN connection or proxies. I found the
script that is responsible for that but the issue is that its heavily
heavily obfuscated. I believe this vendor is abusing some zero day in
Chromium to access some extremely high entropy values and I want to find
out what this is and report it. The only thing I know about this script is
that they save their collector variables inside object that has key "sigs".
They append 124 attributes to this key which are objects representing some
values. I was wondering is it possible somewhere in v8 to hook object
creation and sniff for all objects that get added to this key value and
dump them somewhere? In theory it sounds very possible, but in practice
could it be done? Pseudo code of them doing this fingerprinting is
something like this.
obj1 = {}
obj1['sigs '] = {canvas:hash... etc etc} //some important values,
var obj2 = {}
obj2['sigs '] = {......} //some important values
var obj3 = {}
obj3['sigs '] = {..........} //some important values
I tried many things on JavaScript land, but they have too many integrity
checks and it simply doesn't work. This has to be approached in my opinion
lower level, such as V8. Is it possible even to do this in runtime and dump
all objects that are using "sigs" as key value?
Best regards
--
--
v8-users mailing list
v8-users@googlegroups.com
http://groups.google.com/group/v8-users
---
You received this message because you are subscribed to the Google Groups
"v8-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to v8-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/v8-users/7075e923-aaed-478c-85fd-692c3d80d4fen%40googlegroups.com.
