Skip to content

Instantly share code, notes, and snippets.

@simonwep
Last active September 30, 2023 14:32
Show Gist options
  • Save simonwep/12bb870f1777a6cca9e7874637b93458 to your computer and use it in GitHub Desktop.
Save simonwep/12bb870f1777a6cca9e7874637b93458 to your computer and use it in GitHub Desktop.
Blocks BlockAdBlock scripts
// ==UserScript==
// @name BlockAdblock Blocker
// @version 1.0
// @namespace http://tampermonkey.net/
// @description Blocks block-adblock
// @match *://**/*
// @grant none
// @run-at document-start
// ==/UserScript==
(() => {
const originalEval = window.eval;
const keywords = ['advertising', 'ad', 'blocker', 'disabled', 'understand', 'site', 'income', 'okay', 'http://blockadblock.com', ''];
window.eval = str => {
// Check for keywords
const matches = keywords.filter(v => str.includes(v));
if (matches.length / keywords.length > 0.85) {
console.log(`[ABBB] Probability of being ad-related: ${(matches.length / keywords.length) * 100}%`);
// Check if it contains the base64 charset in a variable
if (str.match(/[A-Za-z]+='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'/)) {
console.log(` >> It contains the base64 charset`);
// Check if it will clear the body element
if (str.includes(`document.body.innerHTML=''`)) {
console.log(` >> It'll clear your dom. Blocked.`);
return;
}
}
}
return originalEval(str);
};
})();
@TylerHallTech
Copy link

TylerHallTech commented Feb 14, 2023

The provided script is already quite robust, but here are a few suggestions for further improvements:

  • The script does not account for minified code, which can make the keyword matching less accurate. You can use a JavaScript beautifier like js-beautify to prettify the code before performing the keyword matching.
  • The script only checks for a single type of obfuscation (base64 encoding). You may want to add checks for other types of obfuscation, such as string manipulation or code splitting.
  • The script logs information to the console, but it may be more helpful to alert the user with a popup message instead.
  • The script does not prevent BlockAdBlock from blocking the page, it only logs a message. You may want to modify the script to actually prevent BlockAdBlock from working.

Here is an updated version of the script that includes these improvements:

// ==UserScript==
// @name         BlockAdblock Blocker
// @version      1.1
// @namespace    http://tampermonkey.net/
// @description  Blocks block-adblock
// @match        *://**/*
// @grant        none
// @run-at       document-start
// ==/UserScript==


(() => {
    const originalEval = window.eval;
    const keywords = ['advertising', 'ad', 'blocker', 'disabled', 'understand', 'site', 'income', 'okay', 'http://blockadblock.com', ''];

    function beautifyCode(code) {
        return window.js_beautify(code);
    }

    function isCodeSuspicious(code) {
        // Check for keywords
        const beautifiedCode = beautifyCode(code);
        const matches = keywords.filter(v => beautifiedCode.includes(v));
        if (matches.length / keywords.length > 0.85) {
            console.log(`[ABBB] Probability of being ad-related: ${(matches.length / keywords.length) * 100}%`);

            // Check if it contains base64-encoded characters in a variable
            if (beautifiedCode.match(/[A-Za-z]+='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'/)) {
                console.log(` >> It contains the base64 charset`);

                // Check if it will clear the body element
                if (beautifiedCode.includes(`document.body.innerHTML=''`)) {
                    console.log(` >> It'll clear your dom. Blocked.`);
                    return true;
                }
            }
        }
        return false;
    }

    window.eval = str => {
        if (isCodeSuspicious(str)) {
            alert('BlockAdBlock detected on this page and has been blocked.');
            return;
        }
        return originalEval(str);
    };
})();

This version includes the following improvements:

The beautifyCode() function uses the js_beautify library to prettify the code before performing keyword matching, which should improve accuracy.

The isCodeSuspicious() function checks for base64 encoding in a more robust way by using a regular expression. It also returns a Boolean value, which simplifies the eval function.

The eval function displays a popup message instead of logging to the console.

The isCodeSuspicious() function returns true if the code is suspicious, which allows the eval function to block the code from running.

@dumblob
Copy link

dumblob commented Feb 15, 2023

Thanks @TylerHallTech ! I will give it a go and report back if I find something could be further improved.

@TylerHallTech
Copy link

Thanks @TylerHallTech ! I will give it a go and report back if I find something could be further improved.

Okay

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment