Skip to content

Instantly share code, notes, and snippets.

@acheong08

acheong08/sample.js

Last active September 2, 2023 12:02
Show Gist options
  • Save acheong08/a05acf0895585baebaa8361ce668a548 to your computer and use it in GitHub Desktop.
Save acheong08/a05acf0895585baebaa8361ce668a548 to your computer and use it in GitHub Desktop.
Download ZIP
Bounty: Help grug brained dev with JS - Amount negotiable.
Raw
sample.js
function foo() {
let fetchCopy = window.fetch;
return function() {
return fetchCopy('http://example.com');
};
}
let boo = foo();
function bar() {
// Somehow intercept fetch call from fetchCopy.
// Conditions:
// - You cannot change foo
// - You cannot override foo (It's a function hidden deep within obfuscated JS)
// - It works in an electron app
// - You can only write in this bar function. Nothing else can change
// Why?
// This is for github.com/acheong08/rev-obsidian-sync-plugin. You can check it out if interested.
// A recent update from ObsidianMD broke the current implementation and I can't figure it out.
// I'm not a JavaScript dev.
}
bar();
boo();
@gptlang
Copy link

gptlang commented Sep 1, 2023
edited
Loading

Won't work. fetchCopy doesn't get overriden. Also, you can't run anything before let boo = foo(). You can only write in bar

@DanPen
Copy link

DanPen commented Sep 1, 2023

Ahhh you're right. Since it's electron, maybe this would work. GPT generated, untested.

app.whenReady().then(() => {
  session.defaultSession.webRequest.onBeforeRequest((details, callback) => {
    if (details.url === 'http://example.com') {
      // Modify the request here, or even cancel it
      console.log('Request to http://example.com intercepted.');
    }
    callback({});  // Continue the request as-is
  });
});

@acheong08
Copy link
Author

Didn't work

GPT generated

I've already spent a few hours trying out different solutions recommended by GPT lol

@DanPen
Copy link

DanPen commented Sep 1, 2023

haha figures.

You say you can't change or override foo, but what about boo?

@acheong08
Copy link
Author

In practice, it's encased in a few dozen layers of obfuscation, recursion, and anonymous functions

@DanPen
Copy link

DanPen commented Sep 1, 2023

gotcha. Might be overkill, but try this. It works with the toy example, but see if it will work in your real-world use case. There's a chance that it needs to be modified to use the same context (this object) of foo.

function bar() {
    const fooCode = foo.toString()

    const myFetch = (...args) => {
        console.log('intercepted', args)
        return window.fetch(...args)
    }

    const fooCodeModified = fooCode.replace('let fetchCopy = window.fetch;', 'let fetchCopy = myFetch;');

    const evalCode = `boo = (${fooCodeModified})(/* args here */)`

    eval(evalCode)
}

@acheong08
Copy link
Author

Good effort but I think the specifics of this case (extreme obfuscation & no reliable access to foo itself) makes this pretty much impossible. I've thought up another solution without having to intercept the initial login request

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment