闲言碎语
做爬虫的都知道canvs、font、webgl等指纹,我个人感觉【代码1】这些除了canvs、font、webgl之外没啥大用,同样安装谷歌浏览器的,你有我也有,厂商无法当作指纹唯一的标准。
前几天遇到携程这种的,连续获取你几遍画布指纹,发现收集一次你变一次,那就给你假的酒店价格,而同样的套路某数就没有(瑞数的大哥可以采纳下)。
除了指纹,我发现是鼠标键盘输入等事件在评分环节占比超级高,那么除了扣JS、pyppetter之外的方案(自动化、rpc等),就要考虑click里的属性isTrusted。
这个优势
底层改指纹canvas/webgl/webaudio/font,可以每次都不一样,也可以指定一套指纹(防止多次检测);
webdriver从底层就抹除了;
修改了isTrusted,就算你是js点击的,你也能为true。
放图
图/代码
// 系统项
var userData =[];
var attrArr = [
"ARSession",
"AudioTrackList",
"BeforeInstallPromptEvent.prototype.KEYUP",
"BlobDownloadCallback",
"CDATASection.prototype.remove",
"CSSCharsetRule",
"CSSPrimitiveValue.CSS_VH",
"CanvasRenderingContext2D.prototype.webkitGetImageDataHD",
"ClickData",
"CloseEvent.prototype.initCloseEvent",
"Components.interfaces.ICometMarksExtension",
"DeviceOrientationEvent",
"Function.prototype.bind",
"GetPerfTests",
"HTMLDocument.prototype.createTouchList",
"HTMLFormElement.prototype.requestAutocomplete",
"HTMLFrameSetElement.prototype.hasPointerCapture",
"HTMLFrameSetElement.prototype.webkitRequestFullScreen",
"Intl",
"MTT_WKSetTextSizeIndex",
"MediaController",
"MediaEncryptedEvent",
"Notification",
"Object.prototype.__defineSetter__",
"Object.seal",
"Object.setPrototypeOf",
"OffscreenCanvasRenderingContext2D",
"Path2D.prototype.addPath",
"PaymentResponse",
"PerformancePaintTiming",
"PresentationConnectionCloseEvent",
"ReaderModeArticlePage",
"SVGGraphicsElement.prototype.mozRequestPointerLock",
"SVGPatternElement.SVG_UNIT_TYPE_OBJECTBOUNDINGBOX",
"ScreenOrientation",
"SogouLoginUtils",
"SourceBuffer",
"SourceBuffer.prototype.changeType",
"SpeechSynthesisUtterance",
"TextTrackList.prototype.getTrackById",
"UCWebExt",
"WebKitFlags",
"_WXJS",
"__$_qihoo360_$__",
"__firefox__",
"__ksabCssCount",
"__opera",
"__sogou_secure_input",
"_double11_",
"chrome",
"chrome.app.InstallState",
"chrome.csi",
"console",
"defaultStatus",
"document.body.onmouseenter",
"document.body.onpage",
"document.body.style.backgroundBlendMode",
"document.body.style.lineBreak",
"document.body.style.minWidth",
"document.body.style.msTextSizeAdjust",
"document.body.style.textAlignLast",
"document.body.x-ms-acceleratorkey",
"document.defaultCharset",
"document.documentElement.onresize",
"document.fileCreatedDate",
"document.msCapsLockWarningOff",
"document.onmousemove",
"document.onselectionchange",
"document.scrollingElement.style.fontVariantNumeric",
"document.selection",
"document.selection.typeDetail",
"external",
"external.AddFavorite",
"external.IsSearchProviderInstalled",
"flyflow_wallpaper_js",
"getMatchedCSSRules",
"greentea",
"isNodeWhitespace",
"jesion",
"onerror",
"onmessage",
"onoperadetachedviewchange",
"openDatabase",
"password_manager_enabled",
"performance",
"showModalDialog",
"taobrowser_Event",
"weatherBridge",
"webkitAudioContext.prototype.close",
"webkitRequestFileSystem"
]
function attIsInWindows(attName){
return (attName in window) || window["hasOwnProperty"](attName);
}
for(i = 0; i < attrArr.length; i++) {
userData.push(attIsInWindows(attrArr[i]) ? 1 : 0);
}
console.log(userData);