From 7ea802a399276a83eb20e4704fc1968fdc122a4e Mon Sep 17 00:00:00 2001 From: Theodore Dubois Date: Sun, 1 Sep 2024 14:31:07 -0700 Subject: [PATCH] Bypass Enhanced Tracking Protection Load the abs.twimg.com in the sandbox which does not run into the firefox builtin blocker, i'm guessing because its js world is considered part of the twitter.com page and thus allowed to bypass the twitter.com blocker or some shit idk --- sandbox.html | 26 ++++++++++++++++++++++---- scripts/twchallenge.js | 17 ----------------- 2 files changed, 22 insertions(+), 21 deletions(-) diff --git a/sandbox.html b/sandbox.html index a9cbfc60..c31b36a4 100644 --- a/sandbox.html +++ b/sandbox.html @@ -22,6 +22,24 @@ let data = event.data; if (data.action === 'init') { try { + let url = `https://abs.twimg.com/responsive-web/client-web/ondemand.s.${data.challengeCode}a.js` + let challengeData; + try { + challengeData = await fetch(url).then(res => res.text()); + } catch(e) { + await sleep(500); + try { + challengeData = await fetch(url).then(res => res.text()); + } catch(e) { + await sleep(1000); + try { + challengeData = await fetch(url).then(res => res.text()); + } catch(e) { + throw new Error('Failed to fetch challenge data: ' + e); + } + } + } + let animsDiv = document.getElementById('anims'); for(let anim of data.anims) { animsDiv.innerHTML += `\n${anim}`; @@ -29,10 +47,10 @@ let verif = document.querySelector('meta[name="twitter-site-verification"]'); verif.content = data.verificationCode; let headerRegex = /(\d+):(.+)=>.+default:\(\)=>(\w).+,\w\(\d+\)\;/; - let headerMatch = data.code.match(headerRegex); + let headerMatch = challengeData.match(headerRegex); if(!headerMatch) { console.error('Uh oh, header not found!! Report to https://github.com/dimdenGD/OldTwitter/issues'); - event.source.postMessage({action: 'initError', error: `Header not found at ${data.challengeCode} (${String(data.code).slice(0, 500)}...)`}, event.origin); + event.source.postMessage({action: 'initError', error: `Header not found at ${data.challengeCode} (${String(challengeData).slice(0, 500)}...)`}, event.origin); initError = true; return; } @@ -41,7 +59,7 @@ // It only ever executes code from trusted Twitter domain, abs.twimg.com (specifically their script that generates security headers) // It's impossible to have it contained in extension itself, since it's generated dynamically // you can see where script is loaded in scripts/twchallenge.js - eval(data.code.replace(headerRegex, '$1:$2=>{window._CHALLENGE=()=>$3;')); + eval(challengeData.replace(headerRegex, '$1:$2=>{window._CHALLENGE=()=>$3;')); let id = headerMatch[1]; webpackChunk_twitter_responsive_web[0][1][id](); solver = window._CHALLENGE()(); @@ -85,4 +103,4 @@ }); - \ No newline at end of file + diff --git a/scripts/twchallenge.js b/scripts/twchallenge.js index 37898b8c..61f8a118 100644 --- a/scripts/twchallenge.js +++ b/scripts/twchallenge.js @@ -149,22 +149,6 @@ async function initChallenge() { let anims = Array.from(dom.querySelectorAll('svg[id^="loading-x"]')).map(svg => svg.outerHTML); let challengeCode = homepageData.match(/"ondemand.s":"(\w+)"/)[1]; - let challengeData; - try { - challengeData = await _fetch(`https://abs.twimg.com/responsive-web/client-web/ondemand.s.${challengeCode}a.js`).then(res => res.text()); - } catch(e) { - await sleep(500); - try { - challengeData = await _fetch(`https://abs.twimg.com/responsive-web/client-web/ondemand.s.${challengeCode}a.js`).then(res => res.text()); - } catch(e) { - await sleep(1000); - try { - challengeData = await _fetch(`https://abs.twimg.com/responsive-web/client-web/ondemand.s.${challengeCode}a.js`).then(res => res.text()); - } catch(e) { - throw new Error('Failed to fetch challenge data: ' + e); - } - } - } OLDTWITTER_CONFIG.verificationKey = verificationKey; @@ -173,7 +157,6 @@ async function initChallenge() { if(!solverIframe || !solverIframe.contentWindow) return setTimeout(sendInit, 50); solverIframe.contentWindow.postMessage({ action: 'init', - code: challengeData, challengeCode, anims, verificationCode: OLDTWITTER_CONFIG.verificationKey