Comments (14)
It used to patch the chrome.dll file in the installation directory, but because of Widevine restrictions (used by Netflix for instance), it is now actually a DLL injector. A DLL that patches the chrome.dll during runtime is now injected.
Thus, the injector remains installed when there is a new update, but sometimes the patterns become outdated, so that the injector has to be reinstalled.
from chrome-developer-mode-extension-warning-patcher.
Thanks for the fast response. Now I understand how it's supposed to work.
Great work. Keep it up 👍
from chrome-developer-mode-extension-warning-patcher.
I've read a little bit about Widevine and I am a little bit curios about its restrictions that had an impact on the program's previous patching method (permanent patching).
So does permanently patching the DLL now makes the browser crash or is it just ineffective?
from chrome-developer-mode-extension-warning-patcher.
Widevine apparently detects that the digital signature or hash of the dll file is incorrect, because something has changed. This results in the browser not being able to play Widevine protected videos.
from chrome-developer-mode-extension-warning-patcher.
I'm trying to make another workaround which consists of modifying the process memory and patching the bytes so it doesn't require dll injection.
The approach is like this
For each browser process :
- OpenProcess()
- Find the module
- Search for sig pattern and get its address
- ChangeProtection() to ExecuteReadWrite
- WriteProcessMemory() (patch original value from 0x04 to 0xFF)
- ChangeProtection() to old protection
However, doing bytes comparison before/after patching shows that processes seems to be reverting back to original values for some reason. And some of the processes stop changing back after the "Disable developer mode extenstion" dialog appears.
Do you have any idea about this issue? Or why it's not working?
from chrome-developer-mode-extension-warning-patcher.
You're probably doing something wrong. The code in memory should be read-only protected and it doesn't just change it back to its old values.
Also, modifying it externally is probably even slower or isn't it?
from chrome-developer-mode-extension-warning-patcher.
I'm using Memory.dll project (mostly used for game cheats) to modify process memory values.
Yes, the memory is read-only protected but the protection can be changed to read-write-execute. Thus make it possible to alter the values and patch them.
Well, I didn't benchmark it yet, but i think patching bytes in memory is easier than working with DLLs and injectors (less code to care about).
The reverting back issue is now fixed (seems like it was caused by FreezeValue() method in Memory.dll). Now using WriteProcessMemory() directly.
The logs shows the following :
Each found process :
[+] Found Process 9284
[+] Module Address (msedge.dll) : 0x7FFFC2D50000
[+] Pattern address 0x7FFFC9AB6F00
[+] BEFORE : 56 48 83 EC 20 48 89 D6 48 89 D1 E8 D0 21 4F F9 83 F8 (4) 74
[+] AFTER : 56 48 83 EC 20 48 89 D6 48 89 D1 E8 D0 21 4F F9 83 F8 (FF) 74
Hitting the process again (after patching) shows :
[+] Found Process 9284
[+] Module Address (msedge.dll) : 0x7FFFC2D50000
[+] Pattern address 0x7FFFC9AB6F00
[+] Pattern already edited
56 48 83 EC 20 48 89 D6 48 89 D1 E8 D0 21 4F F9 83 F8 (FF) 74
Above logs clearly shows that the patch has been applied by changing the 0x04 to 0xFF. However the dialog still appears for some reason! Do you have any idea why that is happening?
from chrome-developer-mode-extension-warning-patcher.
I think you might like https://github.com/DarthTon/Blackbone
Are you patching it fast enough? It needs to be patched before the function is executed, of course. Debug it and set a breakpoint to test this
from chrome-developer-mode-extension-warning-patcher.
Oh, I didn't know that the patch has to be applied before the function is executed.
Right now I'm listening for processes spawn using TraceEventSession, suspending the browser processes threads when it's detected, patching it then resuming the threads. But it seems like it doesn't get suspended fast enough because the dialog still appears. At least now I know that the issue is not patching fast enough.
I tried to patch the DLL file directly (msedge.dll), started the browser, dumped the process memory and made sure the DLL is loaded patched and it was (the bytes where loaded patched), but the dialog didn't disappear.
Do you have any idea about this issue?
from chrome-developer-mode-extension-warning-patcher.
No, try debugging it as I have suggested. Also, my patcher doesn't seem to be working anymore for Edge, which I haven't noticed until now (looks like it's not because of invalid patterns). I'm fixing it now, maybe then you can figure it out
from chrome-developer-mode-extension-warning-patcher.
I'm losing my mind. I loaded an external (non webstore) extension with --load-extension flag in Google Chrome, Brave and Opera and no warning dialog appeared at all!
I suspected that something is wrong with my browsers so I started a clean Windows 10 VM then installed Chrome, Brave and Opera and the same happened. No dialog was shown at all! Which is very very weird!
Can you confirm this behavior with the latest browsers versions?
- Chrome version 87.0.4280.88 (Official Build) (64-bit)
- Opera version:73.0.3856.284 (Official Build) (64-bit)
- Brave 1.18.77 Chromium: 87.0.4280.101 (Official Build) (64-bit)
from chrome-developer-mode-extension-warning-patcher.
No, I'm not customer support for your projects, but I load external extensions with developer mode in chrome://extensions
and there you can add an unpacked extension.
from chrome-developer-mode-extension-warning-patcher.
Well, sorry about the amount of questions I asked if they bothered you, I know, some of them are not related to the issue itself.
I'm just trying to understand the patching process and why it's done like this since I have no experience with Chromium or how it works and why the current patching process makes it possible to disable/enable features.
Reading the code wasn't enough to understand the concept (since no information about the patching process is documented), that's why I asked for some clarifications.
However, the last question I asked impacts your project if the statement is true because these browsers used to show a warning dialog and now they don't, thus making the feature to disable the dialog in your program for mentioned browsers useless. That's why I added a comment about it.
The issue will be marked as closed as no further clarifications are needed.
Thanks for the clarifications and happy new year 🌟.
from chrome-developer-mode-extension-warning-patcher.
Thanks!
You can post code of what you are trying to do and maybe I will look at it, if you want to.
from chrome-developer-mode-extension-warning-patcher.
Related Issues (20)
- Patcher not working on MS Edge HOT 2
- Feature Request: Support Patching Unsupported Flag Ticker HOT 14
- How do I disable/uninstall this??????? HOT 1
- Could it support generic patching? HOT 4
- Enable the blocking version of the webRequest API for all extensions on Manifest V3. HOT 9
- Bug Report: The executable not launching in win 11 HOT 2
- Support removing "Send to your devices" and "Create QR code for this page" on Edge
- Removing 1 more extension warning HOT 12
- Enable webRequestBlocking for MV3 not working in Chrome or Edge HOT 5
- Enable webRequestBlocking for MV3 not working in latest Chrome HOT 3
- Bug Report: Unable to run offline HOT 2
- Bug Report: Unable to run with .NET Runtime 6.0 HOT 3
- Feature Request: declarativeNetRequest regular-expression length limit warning
- Bug Report: Patcher wouldn't run HOT 2
- Bug Report: "Enable webRequestBlocking extension API for Manifest V3 extensions" is not working HOT 1
- Bug Report: Extension warnings reappearing in Edge HOT 18
- Question: repatching necessary for every browser update? HOT 2
- Bug Report: Send to self is breaking other Extension HOT 3
- Outdated patterns for Edge Version 120.0.2210.91 (Offizielles Build) (64-Bit) HOT 2
- Doesn't work in Yandex browser HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from chrome-developer-mode-extension-warning-patcher.