Cloudflare added couple new things, but I'm working on cf reversal commercialy, so I can't provide details on it 😔
Pass cloudflare turnstile challenge using patched chrome binary (Windows/Linux x64).
Tested & working also at:
Currently, with new headless mode the only thing that stops us from browsing sites behind CF waf is:
console.log(navigator.webdriver) // prints true while using CDPAnd HeadlessChrome useragent.
Trying to patch it using javascript is challenging, because it can be detected in 10000 ways.
So I made simple patches to chrome binary using my tool fabricbin which searches for code patterns and replaces it with defined in config (windows_patch.yaml or linux_patch.yaml).
- blink::Navigator::webdriver
return 0;- embedder_support::GetUserAgentInternal
-
Copy & paste chrome files to
./chrome_win_x64/or./chrome_linux_x64/directory. -
Install fabricbin
cargo install --git https://github.com/makindotcc/fabricbin- Patch
chrome(on linux) orchrome.dll(on windows) in our./chrome_linux_x64/or./chrome_win_x64/directory.
# Create original binary copy.
# change version number '118.0.5993.71' to version you own
# linux
cp chrome_linux_x64/chrome chrome_linux_x64/chrome_org
# or windows
cp chrome_win_x64/118.0.5993.71/chrome.dll chrome_win_x64/118.0.5993.71/chrome_org.dllEdit linux_patch.yaml / windows_patch.yaml with right input_file and output_file (change version number to your current
chrome version like (on windows) ./chrome_win_x64/118.0.5993.71/chrome_org.dll to ./chrome_win_x64/110.0.2993.35/chrome_org.dll)
fabricbin linux_patch.yaml
# or
fabricbin windows_patch.yaml- Done, you can browse websites behind cloudflare waf using
modified chrome build with CDP and new headless (
--headless=new).
For example usage see src/main.rs