如今指纹检测在各大平台作为跟踪访客的技术手段,有效可控的反指纹检测是很多人的需求。指纹检测本质上是对浏览器多个(或一个)信息的纪录和校验。除了webgl图像指纹、canvas画布指纹、音频指纹、canvas字体指纹、css字体指纹等,包括user-agent、platform、CPU核心数、deviceMemory、分辨率等亦可以用于综合生成指纹信息。
以 https://gongjux.com/fingerprint/ 在线指纹检测为例,其css字体指纹生成算法(Javascript)
o = ["Arial", "Arial Black", "Bahnschrift", "Calibri", "Cambria", "Cambria Math", "Candara", "Comic Sans MS", "Consolas", "Constantia", "Corbel", "Courier New", "Ebrima", "Franklin Gothic Medium", "Gabriola", "Gadugi", "Georgia", "HoloLens MDL2 Assets", "Impact", "Ink Free", "Javanese Text", "Leelawadee UI", "Lucida Console", "Lucida Sans Unicode", "Malgun Gothic", "Marlett", "Microsoft Himalaya", "Microsoft JhengHei", "Microsoft New Tai Lue", "Microsoft PhagsPa", "Microsoft Sans Serif", "Microsoft Tai Le", "Microsoft YaHei", "Microsoft Yi Baiti", "MingLiU-ExtB", "Mongolian Baiti", "MS Gothic", "MV Boli", "Myanmar Text", "Nirmala UI", "Palatino Linotype", "Segoe MDL2 Assets", "Segoe Print", "Segoe Script", "Segoe UI", "Segoe UI Historic", "Segoe UI Emoji", "Segoe UI Symbol", "SimSun", "Sitka", "Sylfaen", "Symbol", "Tahoma", "Times New Roman", "Trebuchet MS", "Verdana", "Webdings", "Wingdings", "Yu Gothic", "Al Bayan", "Al Nile", "Al Tarikh", "American Typewriter", "American Typewriter Condensed", "Andale Mono", "Apple Braille", "Apple Braille Outline 6 Dot", "Apple Braille Outline 8 Dot", "Apple Braille Pinpoint 6 Dot", "Apple Braille Pinpoint 8 Dot", "Apple Chancery", "Apple Color Emoji", "Apple SD Gothic Neo", "Apple SD Gothic Neo Extra", "Apple Symbols", "AppleGothic", "AppleMyungjo", "Arial", "Arial Black", "Arial Hebrew", "Arial Hebrew Scholar", "Arial Narrow", "Arial Rounded MT", "Arial Unicode MS", "Avenir Black", "Avenir Book", "Avenir", "Avenir Next", "Avenir Next Condensed", "Avenir Roman", "Ayuthaya", "Baghdad", "Bangla MN", "Bangla Sangam MN", "Baskerville", "Beirut", "Big Caslon", "Bodoni 72", "Bodoni 72 Book", "Bodoni 72 Oldstyle", "Bodoni 72 Oldstyle Book", "Bodoni 72 Smallcaps Book", "Bodoni Ornaments", "Bradley Hand", "Brush Script MT", "Chalkboard", "Chalkboard SE", "Chalkduster", "Charter Black", "Charter", "Charter Roman", "Cochin", "Copperplate", "Corsiva Hebrew", "Courier", "Courier New", "DIN Alternate", "DIN Condensed", "Damascus", "Damascus Semi", "DecoType Naskh", "Devanagari MT", "Devanagari Sangam MN", "Didot", "Diwan Kufi", "Diwan Thuluth", "Euphemia UCAS", "Farah", "Farisi", "Futura", "Futura Condensed Extra", "Futura Condensed", "GB18030 Bitmap", "Galvji", "Geeza Pro", "Geneva", "Georgia", "Gill Sans", "Gujarati MT", "Gujarati Sangam MN", "Gurmukhi MN", "Gurmukhi MT", "Gurmukhi Sangam MN", "Heiti SC", "Heiti TC", "Helvetica", "Helvetica Neue", "Helvetica Neue Condensed Black", "Helvetica Neue Condensed", "Herculanum", "Hiragino Maru Gothic ProN W4", "Hiragino Mincho ProN W3", "Hiragino Mincho ProN W6", "Hiragino Sans GB W3", "Hiragino Sans GB W6", "Hiragino Sans W0", "Hiragino Sans W1", "Hiragino Sans W2", "Hiragino Sans W3", "Hiragino Sans W4", "Hiragino Sans W5", "Hiragino Sans W6", "Hiragino Sans W7", "Hiragino Sans W8", "Hiragino Sans W9", "Hoefler Text", "Hoefler Text Black", "Hoefler Text Ornaments", "ITF Devanagari", "ITF Devanagari Book", "ITF Devanagari Marathi", "ITF Devanagari Marathi Book", "Impact", "InaiMathi", "Kailasa", "Kannada MN", "Kannada Sangam MN", "Kefa", "Khmer MN", "Khmer Sangam MN", "Kohinoor Bangla", "Kohinoor Devanagari", "Kohinoor Gujarati", "Kohinoor Telugu", "Kokonor", "Krungthep", "KufiStandardGK", "Lao MN", "Lao Sangam MN", "Lucida Grande", "Luminari", "Malayalam MN", "Malayalam Sangam MN", "Marker Felt", "Marker Felt Wide", "Menlo", "Microsoft Sans Serif", "Mishafi Gold", "Mishafi", "Monaco", "Mshtakan", "MuktaMahee", "Muna Black", "Muna", "Myanmar MN", "Myanmar Sangam MN", "Nadeem", "New Peninim MT", "New Peninim MT Bold Inclined", "New Peninim MT Inclined", "Noteworthy", "Noto Nastaliq Urdu", "Noto Sans Javanese", "Noto Sans Kannada Black", "Noto Sans Kannada", "Noto Sans Kannada Extra", "Noto Sans Myanmar Black", "Noto Sans Myanmar", "Noto Sans Myanmar Extra", "Noto Sans Oriya", "Optima", "Oriya MN", "Oriya Sangam MN", "PT Mono", "PT Sans", "PT Sans Caption", "PT Sans Narrow", "PT Serif", "PT Serif Caption", "Palatino", "Papyrus", "Papyrus Condensed", "Phosphate Inline", "Phosphate Solid", "PingFang HK", "PingFang SC", "PingFang TC", "Plantagenet Cherokee", "Raanana", "Rockwell", "STIXGeneral-", "STIXIntegralsD-", "STIXIntegralsSm-", "STIXIntegralsUp-", "STIXIntegralsUpD-", "STIXIntegralsUpSm-", "STIXNonUnicode-", "STIXSizeFiveSym-", "STIXSizeFourSym-", "STIXSizeOneSym-", "STIXSizeThreeSym-", "STIXSizeTwoSym-", "STIXVariants-", "STSong", "Sana", "Sathu", "Savoye LET Plain:1.0", "Shree Devanagari 714", "SignPainter-HouseScript", "Silom", "Sinhala MN", "Sinhala Sangam MN", "Skia Black", "Skia Black Condensed", "Skia Black Extended", "Skia", "Skia Condensed", "Skia Extended", "Skia Light Condensed", "Skia Light Extended", "Snell Roundhand", "Snell Roundhand Black", "Songti SC Black", "Songti SC", "Songti TC", "Sukhumvit Set", "Sukhumvit Set Semi", "Sukhumvit Set Text", "Symbol", "Tahoma", "Tamil MN", "Tamil Sangam MN", "Telugu MN", "Telugu Sangam MN", "Thonburi", "Times", "Times New Roman", "Times Roman", "Trattatello", "Trebuchet MS", "Verdana", "Waseem", "Webdings", "Wingdings", "Wingdings 2", "Wingdings 3", "Zapf Dingbats", "Zapfino", "Droid Sans", "Droid Serif", "Droid Sans Mono", "times new", "goudy"];
const l = new class {
constructor() {
this.text = "abcdefghijklmnopqrstuvwxyz0123456789",
this.canvas = document.createElement("canvas"),
this.context = this.canvas.getContext("2d"),
this.baselineSize = this.getFontWidth(this.getFontName())
}
getFontName(e) {
return e ? "72px '" + e + "', monospace": "72px monospace"
}
getFontWidth(e) {
return this.context.font = e,
this.context.measureText(this.text).width
}
checkAndGetWidth(e) {
const t = this.getFontWidth(this.getFontName(e));
return t !== this.baselineSize ? t: null
}
};
let c = "";
o.forEach(e = >{
const t = l.checkAndGetWidth(e);
t && (c += t.toString())
}),
l.canvas = null,
l.context = null;
let s = "";
o.forEach(e = >{
s +=
function(e) {
const t = document.body,
a = document.createElement("span");
a.style.fontSize = "72px",
a.innerHTML = "Aa(!0@#[+/-])|ü₹▁₺ꜽ�₸׆ẞॿ",
a.style.fontFamily = e,
t.appendChild(a),
a.getBoundingClientRect();
const n = a.offsetWidth + "," + a.offsetHeight;
return t.removeChild(a),
n
} (e)
});
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
'
运行运行
以多种字体创建span然后获取其实际宽度和高度,最后拼接一起,再生成MD5值即为指纹。以selenium应用环境为例,修改指纹至少有两种方案:
1.修改chrome浏览器内核;
2.创建JS重写获取offsetWidth、offsetHeight属性(加干扰值),然后使用execute_cdp_cmd(python,其他语言也有该函数)载入即可;
以上为css字体指纹反检测的处理示例。像是screen屏幕分辨率等多个可能的检测要素,也可以通过类似上面的思路进行。值得一提的是第二种方案中JS重写后的代码需与原始函数、属性高度重合,如:
原始screen包含多个属性,最好别修改后属性少很多(不同平台检测可能不同,包括是否为native(原生)都可能检测)。
————————————————
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
原文链接:https://blog.csdn.net/clema/article/details/126222239
相关文章
梦导航专注于全网高质量网址及资源的搜集,为广大网民多种搜索引擎入口及简单便捷的网上导航服务,做一个有帮助的上网导航。
