See working/Fork/Star on Github: https://github.com/awalGarg/devtools-timing-attack
5 | 6 |Made by @awalGarg
7 | 8 |loading...11 | 12 | 13 | 14 | -------------------------------------------------------------------------------- /attack.js: -------------------------------------------------------------------------------- 1 | ff = (navigator.userAgent.indexOf('Firefox') !== -1); 2 | timeLimit = ff ? 5 : 2; 3 | varLimit = ff ? 2 : 3; 4 | iterations = 20; 5 | lastRun = null; 6 | function run() { 7 | iterations = +iterations; 8 | took = ( 9 | Array(iterations) 10 | .fill(0) 11 | .map(collect) 12 | .reduce(function(a, b) { return a+b; }, 0) 13 | ) / iterations; 14 | if (location.search.indexOf('debug') !== -1) { 15 | debug.appendChild(document.createTextNode(`\n\ntook ${took} ms on average`)); 16 | } 17 | return took; 18 | } 19 | 20 | function collect(_, i) { 21 | var start = performance.now(); 22 | heavyTask(i); 23 | var end = performance.now(); 24 | return end - start; 25 | } 26 | 27 | function heavyTask(arg) { 28 | var buffer = []; 29 | for (var i = 0; i <= arg; i++) { 30 | var el = document.createElement('script'); 31 | el.textContent = 'console.log(' + i + ')'; 32 | document.head.appendChild(el); 33 | buffer.push(el); 34 | } 35 | for (var i = 0; i <= arg; i++) { 36 | document.head.removeChild(buffer[i]); 37 | } 38 | } 39 | 40 | if (!('fill' in [])) { 41 | Array.prototype.fill = function(val) { 42 | for (var i = 0; i < this.length; i++) { 43 | this[i] = val; 44 | } 45 | return this; 46 | }; 47 | } 48 | 49 | (function check() { 50 | var val = run(); 51 | if (val > timeLimit) { 52 | res.textContent = 'Y U NO CLOSE DEVTOOLS!!'; 53 | } else { 54 | res.textContent = 'if you open devtools, I would know and this text would change :)'; 55 | } 56 | setTimeout(check, 500); 57 | })(); 58 | --------------------------------------------------------------------------------