Anonymity in Human Emulator Studio. Browser Fingerprints.

Anonymity in Human Emulator Studio. Browser Fingerprints.

Browser Fingerprint.

Earlier in articles about anonymity, we already touched on the so-called browser fingerprints. What kind of prints are these? In fact, this is a means to determine the user based on the various parameters of his system, the software installed in it, as well as information about the hardware of the computer itself. All this is determined using various JS libraries, and after processing, it is converted to a fingerprint string, after which this string is converted to a 32-bit number and this will be your identifier. With this number can be determine the repeated visit to the site or track all your actions on this site.

So in the article Anonymity in Human Emulator Studio. Managing embedded browser information we have already talked about the parameters that affect the browser fingerprint. This is the userAgent string (navigator.userAgent), as well as the parameters of the navigator object appVersion, appName, appCodeName, language (s), platform, product, productsub, information about plugins and equipment, screen size, screen color depth.

In the article Anonymity in Human Emulator Studio. The location is Timezone, Internationalization, navigator.language.

In this article, we’ll look at other parameters that affect your browser fingerprint or, to put it another way, your user identifier.

Сanvas Fingerprint.

This is a special technology with which helps text is drawn on a hidden Canvas element with effects superimposed on it. Then
this image is converted to an array of bytes, and then converted to a base64 string using canvas.toDataULR(). And this line is added to your browser fingerprint.

Moreover, due to the platform dependences of the Canvas API library, with which helps the text drawing is performed, the resulting set of bytes will be unique on almost every computer.

To substitute this parameter in Human Emulator Studio, use the object browser command set_canvas_toDataURL

From version 7.0.43, any number or line is passed as a parameter on the basis of which “noise” is created for an image with text.

php example:

The result of the set_canvas_toDataURL function.

No noise:

Using noise:

In Studio 7.0.45, the jsChangeNoise parameter was added to the set_canvas_toDataURL command. This parameter contains the algorithm for changing the picture using JS. Thus, if you want you can use your own image processing algorithms, for example:

WebGL Fingerprint.

WebGL Fingerprint this is a further development of the idea of Сanvas Fingerprint.

WebGL is a JavaScript API for visualisation interactive 3D graphics in any compatible web browser without using plugins. WebGL applications consist of control code written in JavaScript and special effects code executed on the computer’s GPU. WebGL elements can be mixed with other HTML elements and combined with other parts of the page or page background.

Using this API, 3D triangles are drawn on which various effects are superimposed. Then, as well as with Canvas Fingerprint, the resulting image is converted into an array of bytes, which will be different on different computers.

The command set_random_webgl_fingerprint has been added to the object browser. In version 7.0.43, this command has undergone changes and now it does not randomly generate a value, but creates it based on the specified parameters.

Parameters for working with the command:
enable = true – use substitution or not
noiseImage – a number from 1 to 999999 – this is the noise applied to rendering images via WebGl; the larger the number, the greater the noise.
noiseParams – a string of numbers – 50 digits long, where each digit in the string is used to create noise for the WebGl parameters used to create the WebGL Report Hash on the page browserleaks.com/webgl – the parameters themselves on the same page are below: (Max Vertex Attributes, Max Vertex Uniform Vectors, etc.)
unmaskedVendor, unmaskedRenderer, glVersion, shadingLanguageVersion, vendor, renderer are string values that can be viewed in the table at page browserleaks.com/webgl.

php example:

Before using spoofing:

After completing the work of the example, we have:

The command will act until the program is restarted or until you call it in the following form:

WebGL can simply be disabled using the browser enable_gpu_rendering object command.

php example:

Google SwiftShader.

In version 7.0.43, the option Enable Google SwiftShader for rendering is added.

What is Google SwiftShader? This is a special library that is used for high-performance rendering, which provides a graphics API implementation that runs on the CPU. It is used to display advanced 3D graphics regardless of the equipment and graphics drivers used. SwiftShader is used in Chrome to run WebGL on systems without modern GPUs or to work around problems in graphics drivers.

Why it is important for anonymity, enabling or disabling the use of Google SwiftShader in the Human Emulator Studio affects all parameters of browser fingerprint associated with rendering. Including information about the graphics driver, in particular WebGL Unmasked Renderer settings.

When Google SwiftShader is enabled, WebGL information:

With Google SwiftShader disabled:

As we see from the pictures that not just the Unmasked Renderer parameter is changing, but also the resulting lines of WebGL WebGL Report Hash and WebGL Image Hash. The same thing happens with Canvas Fingerprint, it also changes depending on whether Google SwiftShader is enabled or disabled.

This parameter changes only from the program settings and after changing it a mandatory restart of the program is required.

Font fingerprinting.

Font fingerprint(System fonts) is what fonts you have installed on your OS and how they are drawn. Based on the size measurement of HTML text elements, can be build an identifier that can be used to track the same browser over time.

Here are some options for getting your font fingerprint:

JS Fonts(unicode) — are produced by measuring the boundary fields of certain Unicode code points based on the above study.
JS Fonts (classic) — uses a CSS fallback mechanism to compare the prepared font list with common font families.
Flash Fonts — this is the simplest, Flash has a method that simply returns an array of available system fonts.

Based on all the information received, your unique identifiers are created again.

When the browser scale is changed even by 1 unit, the Font fingerprint identifiers also change.

Without zooming:

after executing the php code:

As you can see from the pictures, the definition of fonts using Flash in Human Emulator Studio is disabled by default.

Since version 7.0.43, the command set_random_bounds_fingerprint has been added to the object browser.

The command takes a parameter:

noise = -1 – noise, this is a number from -1 to 999999999. By default, noise is -1, that is, there is no noise.

Without using the command:

An example of using a command in php:

After executing the command:

You can remove the distortion using the command as follows:

ClientRect.

The getClientRects method returns a value that is a collection of DOMRect objects, one for each CSS border field associated with the element.
Depending on other parameters such as resolution, fonts, etc. makes this value unique for each computer, and accordingly, having received this value, you can be identified by it in the future.

There is no substitution for this fingerprint, but it is also affected by changes in browser scale even by 1 unit.

php example:

Without zooming:

After running the example in php:

In any case, at the moment, our development department is looking for a solution to replace ClientRect.

As the functionality associated with the fingerprints of the browser changes or supplements, this article will be supplemented or modified.

AudioContext Fingerprint.

It works similarly to other fingerprints, but instead of the Canvas API, in this case, the AudioContext API library is used, this is the Web Audio API that all modern browsers support. Using the AudioContext API to determine the AudioContext fingerprint does not collect the sound played or recorded by your device, the AudioContext fingerprint is a property of the audio stack of your device and this method of obtaining your identifier is independent of the browser.

To replace this fingerprint in version 7.0.43 to the object browser the command set_random_audio_fingerprint was added.

The command accepts the following parameters:
noiseAudio – sound noise, can be from 1 to 999999.
noiseFrequence – frequency noise, can be from 1 to 99.

Without using the value function on audiofingerprint.openwpm.com:

php command example:

After executing the example:

In order to reset to default, you just need to call the command in the form:

discuss the article on the forum

Anonymity in Human Emulator Studio. The location.

Anonymity in Human Emulator Studio. The location.

IP address (Http(s) Proxy, Socks4/5).

What is a proxy?

We will not describe in detail what proxies are and how they work, if you wish, you can easily find a huge number of articles on this topic on the network. In short, the proxy is a laying server between you and the site, and all your requests to the site go through this server. Thus, the site sees the IP proxy server, and not your real IP.

But not so simple. There are various types of proxies:

HTTP and HTTPS Proxy is a proxy server that allows you to work on the Internet using HTTP and HTTPS / FTP protocols.

They, in turn, can be:

transparent – these proxies are not anonymous. They let you know that a proxy server is being used and issue the IP address of their client.
anonymous – these proxies let you know that the proxy is being used, but they do not give out the IP address of your client.
distorting – transmit a fictitious IP address to the remote web server.
really anonymous (elite) – do not tell the remote computer your IP address and that a proxy server is being used.

SOCKS4/5 is a proxy server that works with various protocols: HTTP, FTP, POP3, etc., transmit all information from the client and do not add anything from itself and do not reveal HTTP headers, unlike HTTP proxy. The difference between SOCKS4 and SOCKS5 is that SOCKS 5 can work through the UDP network protocol, in schemes with strong authentication and supports IPv6 network addressing.

You can use any type of proxy depending on your tasks. A high-quality proxy server will not show your real IP, it will not be possible to understand through it that you are using a proxy server, it will replace other information about the provider, host, DNS and it will not be blacklisted.

Work with proxies and socks in Human Emulator Studio.

Working with proxies/socks in Human Emulator Studio is similar to working in Human Emulator. In both versions of the program, the object browser command enable_proxy is used for this.

But Human Emulator Studio, unlike Human Emulator, works with all types of proxies, including SOKS5. BUT at the moment, unfortunately, the program does not work with SOKS5 with authentication, that is, access to them is carried out by login and password. This is a feature of the Chromium engine and has not yet been fixed.

To disable the proxy, the object browser command disable_proxy is used; to get the current proxy, the command get_current_proxy is used.

php example:

Work with the proxy list.

Sometimes to solve a problem, you need not one proxy, but the use of a large number of proxies. Usually they are presented as text files in the format of one line one proxy server. To work with the proxy list, a special object proxyswitcher has been added to Human Emulator Studio. Using this object, you can organize in the script more convenient work with proxy lists from different sources, whether it be a text file or a link to a site. How to work with the object we will write separate article “Object proxyswitcher. Advanced work with proxy list.

WebRTC.

WebRTC (Real Time Communication) is a technology that allows users to transfer streaming audio and video data between mobile applications and browsers. Thanks to WebRTC, users can create video conferencing directly in browsers without any intermediaries. The biggest threat to using WebRTC is that this web technology determines your actual IP address. To create audio-video communications, the browser must work with local IP addresses.

In Human Emulator Studio, the WebRTC connection goes through a proxy. You can also disable WebRTC using the object browser command enable_web_rtc.

php example:

You can also disable WebRTC from the program settings. In version 7.0.40, Fake Media UI and Fake Media Devices settings were also added to improve fingerprint WebRTC. These settings affect WebRTC Media Devices.

Settings WebRTC.

Enabled Fake Media UI и Fake Media Devices.

Disabled Fake Media UI и Fake Media Devices.

Please note that in order to change these parameters, a restart of the program is required.

Timezone.

If you use a proxy server in a different country, which is in a different time zone than yours, then you can determine if you are using a proxy server by receiving the timezone of your real machine. To avoid this, you need to set the timezone of your local computer the same as the proxy used.

In Human Emulator Studio, the object browser command set_time_zone is used for this. Since version 7.0.41, time_zone is transmitted as GMT, that is, for example 3 = GMT + 0300, and -3 = GMT -0300.

php example:

What is internationalization?

Internationalization is a way to create applications in which they can be adapted for different audiences speaking different languages, which provides comparison of strings based on the language, number formatting and date and time formatting.

Data that can be obtained using this API:

Locale for example en-US
Calendar for example gregory
NumberingSystem for example latn
TimeZone for example UTC
Year for example numeric
Month for example numeric
Day for example numeric

more about Internationalization https://www.freecodecamp.org/news/how-to-get-started-with-internationalization-in-javascript-c09a0d2cd834/

To work with this API from version 7.0.40 in Human Emulator Studio was added to the object browser the command set_internazionalization(locale = “”, timeZone = “”, calendar = “”, numberingSystem = “”, year = “” , month = “”, day = “”).

php usage example:

Geolocation.

Geolocation is your exact location. That is, the resource will be available not only to the city, but also your coordinates. By default, receiving geo data in Human Emulator Studio is disabled. But since version 7.0.37, the set_geo command has been added to the browser object.

example of using a function in php:

php example of using all functions:

When executing the example above, whoer.net will have the following picture:

Work with real IP and system time.

In addition to all of the above, Human Emulator Studio has functionality for changing your local IP in the network, DNS, system time, changing the MAC address of a given network card.

To change the local IP and DNS (from version 7.0.42), use the object connection command set_local_ip.

php example:

Using public DNS will help prevent your real DNS from leaking. A leak occurs when the browser independently makes DNS queries, instead of a proxy server. In this case, the DNS query comes from your real IP address or the IP address of the provider and you can catch them.

To set the system’s real time, use the object windows command set_system_date.

php example:

To change the MAC address, use the object connection command set_mac_address_by_number.

php example:

We draw your attention to the fact that all these functions change the REAL values in your system, so if your the Internet is connected directly to the computer and configured by MAC address, then replacing the MAC address will cause the Internet connection to not work.

discuss the article on the forum

Anonymity in Human Emulator Studio. Cookies, cache and more.

Anonymity in Human Emulator Studio. Cookies, cache and more.

Browser cache.

What is the Browser Cache?

In fact, the cache is a bunch of temporary files downloaded from the site when you first go to it, provided that caching is enabled on it. This technology is used to speed up work with the site, that is, the included cache on the site reduces the latency of downloading and displaying content and reduces network traffic.

Anonymity and cache.

But at the same time, saving such files carries certain risks, including third-party software that can get access to these files. In addition, the sites themselves can put special files in the cache for your subsequent identification. Therefore, to maintain your anonymity, the cache must be cleaned.

Human Emulator Studio uses the object browser command clear_cache to clear the cache.

php example:

At the same time, data from local storage or local data storages are also cleaned with this function.

Web storage.

Web storage (or earlier DOM Storage) https://html.spec.whatwg.org/multipage/webstorage.html is an HTML standard that provides functionality for storing data on the client side during a session (Session Storage), or after the end of the session (Local Storage). The standard Web storage appeared when the owner of the sites stopped grabbing traditional cookies as they had significant size limitations and security problems.

DOM Storage is the name for a set of tools related to storage, first introduced in the Web Applications 1.0 specification, and now singled out as a separate W3C Web Storage specification.

Accordingly, for your anonymity, these repositories must also be cleaned. If you need to clean only Local Storage, you can use the object browser command clear_local_storage.

php example:

php example:

IndexedDB.

Another user data storage. Since version 7.0.42, it is cleaned using the object browser command clear_cookies.

And also a separate function was added to the object browser clear_indexed_db, only for cleaning this storage.

php example:

Cookies(HTTP cookies, Flash Cookies, Evercookies).

Http cookies (web cookies) – this is data from the server, which in text form stores on your computer various settings, authentications, sessions, statistics, personal preferences, etc.

Cleaned using the object browser command clear_cookies($match_name,$clear_session=false,$clear_flash=true);

match_name – a template for searching sites whose cookies need to be cleared (part of the address), if an empty string is specified – all are cleared;
clear_session – clear session cookies (true) or do not clear (false) when the command is executed. Session cookies – tracking the status of a user’s access session;
clear_flash – whether to clear (true) or not to clear (false) flash cookies.

Flash Cookies (LSO Cookies) – unlike ordinary cookies, they are common to all browsers and with their help you can store a larger amount of information. These cookies are also cleared using the object browser command clear_cookies.

This function clears all cookies, including flash cookies.

In addition to cleaning with the command clear_cookies for Flash Cookies, it is possible to delete them with the object browser command flash_cookies_delete, and also restore the saved flash cookies from the specified folder as current ones using command of the object browser flash_cookies_restore and save the current flash cookies to the specified folder using the object browser command flash_cookies_save.

php example:

Evercookie — the most stable cookies, cookies are stored in almost all available storages and if they are not cleared from everywhere, they are automatically restored from the remaining ones. To clear them, you need to close all the tabs, go to the remaining page on a blank page and clean the cookies and cache and preferably restart the program.

php example:

Saving and restoring cookies and cache.

In order to save and then reuse all cookies and cache, you can use the functions of the object browser
set_cookies_folder – set a folder for cookies. Cache folders will be created inside the specified folder with cookies.

The logic here is simple: you set a new folder and perform all the necessary actions such as navigating the site, logging into the account, downloading content, etc., then change the folder to a new one and again perform all the necessary actions under a different account. As a result, you will have several folders with cookies and cache, which can be used in the future.

php example:

Please note that when you restart the program, the folders with cookies are reset on the default path, so if you want the folder with cookies to remain the same after restarting the program, you need to use the object app command restart to restart program and in it set the desired folder with cookies. The cache folder is now always inside the cookie folder.

Deleting folders with cookies and cache at the time of starting the program.

In the program from version 7.0.25, settings have appeared for clearing cookies and cache at startup. Since it is not possible to completely delete the folders with cookies and the cache while the program is running, special settings have been added so that at the time the program starts, these folders are not already occupied by the browser processes to completely delete them. These settings are in the program settings tab “General” checkboxes “Clear cookies of the current port by start” and “Clear cache of the current port by start“.

Complete cleaning.

Complete cleaning of everything can be done using the command clear of the object app

php example:

To completely clear all cookies and cache, after clearing them, you must restart the program using the object app command restart. This command allows you to restart the program with the launch of the script, as well as set a number of settings such as port, path to the folder with cookies. In addition, when the program is completely restarted, the memory leaks will also be cleaned, and if you have the settings “Clear cookies on the current port by start” and “Clear cache on the current port by start“, the folders with cookies and cache will be completely deleted. Thus, the logic of your script should take into account all these nuances.

An example in php using the function of clearing cookies and cache:

php example using app clear functions:

discuss the article on the forum

Anonymity in Human Emulator Studio. Managing embedded browser information.

Anonymity in Human Emulator Studio. Managing embedded browser information.

Human Emulator Studio has the ability to change a wide range of settings. All browser settings and other commands for managing the browser can be found in the documentation for the object – browser. This article will talk specifically about changing those settings that contain information about the browser.

Browser sizes.

The width and height of the browser are set using the commands set_width and set_height of the object browser.

php example:

The scale of the browser.

You can set the browser scale using command set_zoom of the object browser.

php example:

Screen resolution and color depth.

Screen resolution and bit rate are set by one command of the object browser set_screen_resolution. Defines navigator: (width, height, pixelDepth) and their duplicates (availWidth, availHeight, colorDepth).

php example:

Useragent string.

To set the Useragent string or the so-called browser identifier, the object browser command set_user_agent is used. Together with the browser identifier, you must fill in the following navigator parameters (window.navigator): appVersion, appName, appCodeName, language (s), platform, product, productsub.

php example:

Information about the plugins.

Substitution of the list of plugins preinstalled in your browser is carried out using command set_plugins_info of the object browser.

Obtaining this information is included in the so-called browser fingerprints. Using this technology, the site owner can get your unique profile as a user and then determine all your subsequent visits and actions. We’ll talk about browser fingerprints in a separate article.

The list of plugins is given as a string:

«[{ name : ‘plugin name 1’, description : ‘plugin description 1’, filename : ‘plugin file 1’, version : ‘plugin version 1’ },
{ name : ‘plugin name 2’, description : ‘plugin description 2’, filename : ‘plugin file 2’, version : ‘plugin version 2’ },
{ name : ‘plugin name 3’, description : ‘plugin description 3’, filename : ‘plugin file 3’, version : ‘plugin version 3’ },
{ и т.д.}]»

From version 7.0.41, you can also specify a Mime list for plugins. Set as a string:

«[{type: ‘type’, suffixes: ‘suffixe’, description: ‘description’, __pluginName: ‘ plugin name 1′ },
{type: ‘type’, suffixes: ‘suffixe’, description: ‘description’, __pluginName: ‘ plugin name 2′ }
{type: ‘type’, suffixes: ‘suffixe’, description: ‘description’, __pluginName: ‘ plugin name 3′ }
{type: ‘type’, suffixes: ‘suffixe’, description: ‘description’, __pluginName: ‘ plugin name 3′ } ]»

php example:

You can view information on a real plug-in by installing them in the Chrome browser, and then through the Developer Tools (press F12) go to the console and there enter “navigator.plugins“. Information on the plugins appears as follows:

Hardware Information.

To set the parameters navigator hardwareConcurrency – the number of processors (threads) that are available to the browser and deviceMemory – the number of gigabytes of memory that are available to the browser using the object browser command set_hardware_info.

Also, from version 7.0.42, this command can also be used to set the devicePixelRatio parameter. DevicePixelRatio returns the ratio of resolution in physical pixels to resolution in CSS pixels for the current display device. This value can also be interpreted as the ratio of pixel sizes: the size of one CSS pixel to the size of one physical pixel. Simply put, this tells the browser how many actual pixels on the screen should be used to draw one pixel of CSS.

The parameter depends on the device: for ordinary displays it is 1, but there can be 2 and 1.5

php example:

Do Not Track (DNT).

This is the proposed HTTP header field, designed to allow Internet users to opt out of web site tracking, which includes collecting data about user activity in several different contexts, as well as storing, using or sharing data received from this activity outside the context in which it occurred.

To set this flag, use the object browser command set_do_not_track.

php example:

Touch screen.

You can set data about the used touch screen using the object browser command set_touch_info. The command changes the parameters of navigator.maxTouchPoints – the maximum number of simultaneous touch contacts and window.ontouchstart – whether touch events are enabled.

php example:

discuss the article on the forum