Skip to content
Advertisement

Remove Bot-Identyfing Features from Firefox WebDriver Source Code?

One of the ways WebDriver identifies itself as a bot to external websites is by setting the webdriver-active flag to true.

enter image description here

A user on SO suggested that it is possible modify Chrome Driver source code to remove all bot-identifying attributes (see this and this response).

Is it possible to achieve a similar outcome w/ Firefox by modifying the source code of Geckodriver, Firefox WebDriver or perhaps both? I’m asking because there is currently no way to conceal WebDriver using Firefox Options without source code modification.

If we can somehow remove bot identifying features from the source code, we can prevent WebDriver from being identified as a bot without needing to bundle TOR with Firefox.

While there’s no getting around the fact that Selenium (in its present state) identifies itself, surely we can modify source code to remove all identification similar to how it’s achieved in Chrome Driver?

Answer

In the discussion Can a website detect when you are using Selenium with chromedriver? as suggested by different users to open the ChromeDriver in a Hex Editor and edit the document variables replacing the cdc_ and $wdc_ string might be possible, but achiving the same with GeckoDriver may not be possible.

Moreover, the commands like execute_cdp_cmd() and Python libraries like selenium-stealth may not be currently supported by GeckoDriver.


The GeckoDriver source code can be easily downloaded from mozilla / geckodriver page both in zip and tar.gz format. If you are on system you can unzip the downloaded file and find the the source code of different modules in the ...geckodriver-0.30.0src directory:

geckodriver_source_code


Additionally, geckodriver is made available under the Mozilla Public License. GeckoDriver source code can also be found in mozilla-central under testing/geckodriver.

mozilla-central-files


WebDriver Specifications

Now as per WebDriver W3C Editor’s Draft:

The webdriver-active flag is set to true when the user agent is under remote control. It is initially false.

boolean_webdriver

So there can be two possible ways to keep webdriver flag as false as:

  • Remove the readonly attribute, so can be edited runtime. (as discussed in this answer)
  • Strangle the WebDriver from emitting the signals that the user agent is under remote control.

To me the second option looks pretty much viable as the most frequently updated tier is the second tier (Selenium WebDriver.dll and WebDriver.Support.dll modules). Since App Studio uses C# and .Net version 4.0 (before Selenium 4.1.0 (November 22, 2021)) to communicate with Selenium, you need to download the .Net 4.0 version of the Selenium modules. The current stable version being 4.1.0. Once the zip file is downloaded, extract the content to a folder and navigate to the net40 subfolder.

net40

Now, you can copy the WebDriver.dll and WebDriver.Support.dll files to the bin folder of the App Studio installation. e.g, C:ibiAppStudio82bin and make the required changes.

As an alternative, you can also download the NuGet, copy the .Net 4.0 content of the NuGet package into the bin folder of the App Studio installation and make the required changes.


tl; dr

Advertisement