Browser Automation Studio is undetected

[LessThanGreaterThan]

Hey, it seems like BAS ( https://bablosoft.com/shop/BrowserAutomationStudio ) is currently undetected,
from the looks of it they use a custom compiled chrome version.

[abrahamjuliot]

It appears that the fingerprint feature is a paid service. There is a lot of cool stealthy software out there.

We mostly give attention to FOSS-privacy tools. I will take a look, but will probably not make modifications to show it can be detected.

[LessThanGreaterThan]

It appears that the fingerprint feature is a paid service. There is a lot of cool stealthy software out there.

We mostly give attention to FOSS-privacy tools. I will take a look, but will probably not make modifications to show it can be detected.

Hey abraham, even the free version passes it.

[abrahamjuliot]

Nice. I will definitely check it out.

In the future, I may introduce some concepts showing that fingerprint and score are of little value compared to server-side fingerprints.

Everything that does not blend-in with normal traffic on the site can be detected. For example, you could generate 200 – 1000 requests in 24 hours, and usually, it can be traced. If you would like to try this out for fun, I can try to tag and name your browser in the analysis section. Make sure to generate many requests.

[LessThanGreaterThan]

Nice. I will definitely check it out.

In the future, I may introduce some concepts showing that fingerprint and score are of little value compared to server-side fingerprints.

Everything that does not blend-in with normal traffic on the site can be detected. For example, you could generate 200 – 1000 requests in 24 hours, and usually, it can be traced. If you would like to try this out for fun, I can try to tag and name your browser in the analysis section. Make sure to generate many requests.

should every regist be signed or just the first ?

[LessThanGreaterThan]

No need to sign, and randomizing fingerprints is optional, but not needed.

around 400 executions have been done.

[abrahamjuliot]

Okay, try now. In the analysis section, you see “bad” for the hidden fingerprint, but let me know if I missed the target. If you open a different or clean browser, it should go away.

[abrahamjuliot]

I'm just looking at last 2 hrs today, but can pick a different date.

[LessThanGreaterThan]

Okay, try now. In the analysis section, you see “bad” for the hidden fingerprint, but let me know if I missed the target. If you open a different or clean browser, it should go away.

Looks good now, also seems to be flagged with a changed fingerprint.

[LessThanGreaterThan]

also noticed that console.log() is not possible inside the custom chrome, it will only print "undefined"

[vxuv]

Could probably hook console.log and check the console outputs. Depending on how BAS has tampered with the function you might be able to detect it with the given types.

(function () {
    const _console = console.log.bind(console);
    let log_history = [];
    console.log = function () {
        log_history.push(arguments);
        _console.apply(this, arguments);
    }
    console.log("Hello World");
    for (let i = 0; i < log_history.length; i++) {
        if (log_history[i][0] !== "Hello World") {
            return false;
        }
    }
    //restore the hook
    console.log = _console;
    return true;
})();

[LessThanGreaterThan]

Could probably hook console.log and check the console outputs. Depending on how BAS has tampered with the function you might be able to detect it with the given types.

(function () {
    const _console = console.log.bind(console);
    let log_history = [];
    console.log = function () {
        log_history.push(arguments);
        _console.apply(this, arguments);
    }
    console.log("Hello World");
    for (let i = 0; i < log_history.length; i++) {
        if (log_history[i][0] !== "Hello World") {
            return false;
        }
    }
    //restore the hook
    console.log = _console;
    return true;
})();

sadly doesn't seem to work. thank you non the less.

[vxuv]

Do you have a copy of the BAS chromium binary? Want to try something.

[LessThanGreaterThan]

Do you have a copy of the BAS chromium binary? Want to try something.

Yes i do. want me to upload it or anything?

[vxuv]

Do you have a copy of the BAS chromium binary? Want to try something.

Yes i do. want me to upload it or anything?

Yeah that would be great

[LessThanGreaterThan]

Do you have a copy of the BAS chromium binary? Want to try something.

Yes i do. want me to upload it or anything?

Yeah that would be great

Hey, you can either download the free version from BAS here: https://bablosoft.com/shop/BrowserAutomationStudio#download
or if you just want the custom compiled chrome: https://www.sendspace.com/file/5bha3p

[vxuv]

Doesn't appear to run, can you check if there are any run parameters specified on the binary? Tried to get it running through selenium and puppeteer but neither worked. I assume its the worker.exe file?

https://superuser.com/questions/415360/how-do-i-find-out-command-line-arguments-of-a-running-program

[LessThanGreaterThan]

Doesn't appear to run, can you check if there are any run parameters specified on the binary? Tried to get it running through selenium and puppeteer but neither worked. I assume its the worker.exe file?

https://superuser.com/questions/415360/how-do-i-find-out-command-line-arguments-of-a-running-program

yes its worker.exe

full cli

"C:\Users\LTGT\AppData\Roaming\BrowserAutomationStudio\apps\25.4.1\Worker\chrome\worker.exe" --remote-debugging-port=16668 --unique-process-id=0pMhvMU2 --parent-process-id=25524 --no-proxy-server --no-sandbox --force-device-scale-factor=1 --noerrdialogs --window-position=0,0 --disable-smooth-scrolling --disable-auto-reload --disable-component-update --disable-features=GpuProcessHighPriorityWin,GpuUseDisplayThreadPriority --disable-gpu-program-cache --disable-gpu-shader-disk-cache --disk-cache-size=1 --enable-features=ViewportHeightClientHintHeader --lang=en --reduce-user-agent-minor-version --window-size=1040,688 --user-data-dir="C:\\Users\\LTGT\\AppData\\Roaming\\BrowserAutomationStudio\\apps\\25.4.1\\prof/kUjSYtdK" about:blank

[NCLnclNCL]

Doesn't appear to run, can you check if there are any run parameters specified on the binary? Tried to get it running through selenium and puppeteer but neither worked. I assume its the worker.exe file?
https://superuser.com/questions/415360/how-do-i-find-out-command-line-arguments-of-a-running-program

yes its worker.exe

full cli

"C:\Users\LTGT\AppData\Roaming\BrowserAutomationStudio\apps\25.4.1\Worker\chrome\worker.exe" --remote-debugging-port=16668 --unique-process-id=0pMhvMU2 --parent-process-id=25524 --no-proxy-server --no-sandbox --force-device-scale-factor=1 --noerrdialogs --window-position=0,0 --disable-smooth-scrolling --disable-auto-reload --disable-component-update --disable-features=GpuProcessHighPriorityWin,GpuUseDisplayThreadPriority --disable-gpu-program-cache --disable-gpu-shader-disk-cache --disk-cache-size=1 --enable-features=ViewportHeightClientHintHeader --lang=en --reduce-user-agent-minor-version --window-size=1040,688 --user-data-dir="C:\\Users\\LTGT\\AppData\\Roaming\\BrowserAutomationStudio\\apps\\25.4.1\\prof/kUjSYtdK" about:blank

It using JavaScript to fake fingerprint and it can detected and heavy