@fanboynz/network-scanner 2.0.54 → 2.0.55

package/lib/browserexit.js

@@ -15,7 +15,7 @@ const CHROME_TEMP_PATHS = [
 ];
 
 const CHROME_TEMP_PATTERNS = [
-  '.com.google.Chrome.*',        // Google Chrome temp files
+  'com.google.Chrome.*',         // Google Chrome temp files (no leading dot)
   '.org.chromium.Chromium.*',
   'puppeteer-*'
 ];
@@ -39,6 +39,7 @@ async function cleanupChromeTempFiles(options = {}) {
 
     // Base cleanup commands for standard temp directories
     const cleanupCommands = [
+      'rm -rf /tmp/com.google.Chrome.* 2>/dev/null || true',
       'rm -rf /tmp/.com.google.Chrome.* 2>/dev/null || true',
       'rm -rf /tmp/.org.chromium.Chromium.* 2>/dev/null || true',
       'rm -rf /tmp/puppeteer-* 2>/dev/null || true',
@@ -48,6 +49,7 @@ async function cleanupChromeTempFiles(options = {}) {
 
     // Add snap-specific cleanup if requested
     if (includeSnapTemp || comprehensive) {
+      cleanupCommands.push('rm -rf /dev/shm/com.google.Chrome.* 2>/dev/null || true');
       cleanupCommands.push(
         'rm -rf /tmp/snap-private-tmp/snap.chromium/tmp/.org.chromium.Chromium.* 2>/dev/null || true',
         'rm -rf /tmp/snap-private-tmp/snap.chromium/tmp/puppeteer-* 2>/dev/null || true'

package/lib/fingerprint.js

@@ -24,28 +24,6 @@ function seededRandom(seed) {
 const _fingerprintCache = new Map();
 
 // Type-specific property spoofing functions for monomorphic optimization
-function spoofNavigatorProperties(navigator, properties, options = {}) {
-  if (!navigator || typeof navigator !== 'object') return false;
-  
-  for (const [prop, descriptor] of Object.entries(properties)) {
-    if (!safeDefineProperty(navigator, prop, descriptor, options)) {
-      if (options.debug) console.log(`[fingerprint] Failed to spoof navigator.${prop}`);
-    }
-  }
-  return true;
-}
-
-function spoofScreenProperties(screen, properties, options = {}) {
-  if (!screen || typeof screen !== 'object') return false;
-  
-  for (const [prop, descriptor] of Object.entries(properties)) {
-    if (!safeDefineProperty(screen, prop, descriptor, options)) {
-      if (options.debug) console.log(`[fingerprint] Failed to spoof screen.${prop}`);
-    }
-  }
-  return true;
-}
-
 // Built-in properties that should not be modified
 const BUILT_IN_PROPERTIES = new Set([
   'href', 'origin', 'protocol', 'host', 'hostname', 'port', 'pathname', 'search', 'hash',
@@ -379,6 +357,27 @@ async function applyUserAgentSpoofing(page, siteConfig, forceDebug, currentUrl)
             return false;
           };
         })();
+
+        // Function.prototype.toString protection — make spoofed functions appear native
+        // Must be installed BEFORE any property overrides so all spoofs are protected
+        const nativeFunctionStore = new WeakMap();
+        const originalToString = Function.prototype.toString;
+        
+        function maskAsNative(fn, nativeName) {
+          if (typeof fn === 'function') {
+            nativeFunctionStore.set(fn, nativeName || fn.name || '');
+          }
+          return fn;
+        }
+        
+        Function.prototype.toString = function() {
+          if (nativeFunctionStore.has(this)) {
+            return `function ${nativeFunctionStore.get(this)}() { [native code] }`;
+          }
+          return originalToString.call(this);
+        };
+        // Protect the toString override itself
+        nativeFunctionStore.set(Function.prototype.toString, 'toString');
         
         // Create safe property definition helper
         function safeDefinePropertyLocal(target, property, descriptor) {
@@ -439,10 +438,14 @@ async function applyUserAgentSpoofing(page, siteConfig, forceDebug, currentUrl)
         // Remove webdriver properties
         //
         safeExecute(() => {
-          try {
-            delete navigator.webdriver;
-          } catch (e) {}
-          safeDefinePropertyLocal(navigator, 'webdriver', { get: () => false });
+          // In real Chrome, webdriver lives on Navigator.prototype, not the instance.
+          // Override it there so Object.getOwnPropertyDescriptor(navigator, 'webdriver') returns undefined.
+          try { delete navigator.webdriver; } catch (e) {}
+          Object.defineProperty(Navigator.prototype, 'webdriver', {
+            get: () => false,
+            configurable: true,
+            enumerable: true
+          });
         }, 'webdriver removal');
 
         // Remove automation properties
@@ -861,6 +864,8 @@ async function applyUserAgentSpoofing(page, siteConfig, forceDebug, currentUrl)
                 if (typeof originalStack === 'string') {
                   return originalStack
                     .replace(/.*puppeteer.*\n?/gi, '')
+                    .replace(/.*__puppeteer_evaluation_script__.*\n?/gi, '')
+                    .replace(/.*evaluateOnNewDocument.*\n?/gi, '')
                     .replace(/.*chrome-devtools.*\n?/gi, '')
                     .replace(/.*webdriver.*\n?/gi, '')
                     .replace(/.*automation.*\n?/gi, '')
@@ -1635,6 +1640,55 @@ async function applyUserAgentSpoofing(page, siteConfig, forceDebug, currentUrl)
           });
         }, 'location URL masking');
 
+        // Bulk-mask all spoofed prototype methods so toString() returns "[native code]"
+        // Must run AFTER all overrides are applied
+        safeExecute(() => {
+          const protoMasks = [
+            [WebGLRenderingContext.prototype, ['getParameter', 'getExtension', 'getSupportedExtensions']],
+            [HTMLCanvasElement.prototype, ['getContext', 'toDataURL', 'toBlob']],
+            [CanvasRenderingContext2D.prototype, ['getImageData', 'fillText', 'strokeText', 'measureText']],
+            [EventTarget.prototype, ['addEventListener', 'removeEventListener']],
+            [Date.prototype, ['getTimezoneOffset']],
+          ];
+          if (typeof WebGL2RenderingContext !== 'undefined') {
+            protoMasks.push([WebGL2RenderingContext.prototype, ['getParameter', 'getExtension']]);
+          }
+          protoMasks.forEach(([proto, methods]) => {
+            methods.forEach(name => {
+              if (typeof proto[name] === 'function') maskAsNative(proto[name], name);
+            });
+          });
+
+          // Mask navigator/window method overrides
+          if (typeof navigator.permissions?.query === 'function') maskAsNative(navigator.permissions.query, 'query');
+          if (typeof navigator.getBattery === 'function') maskAsNative(navigator.getBattery, 'getBattery');
+          if (typeof speechSynthesis?.getVoices === 'function') maskAsNative(speechSynthesis.getVoices, 'getVoices');
+          if (typeof performance.now === 'function') maskAsNative(performance.now, 'now');
+          if (typeof Notification?.requestPermission === 'function') maskAsNative(Notification.requestPermission, 'requestPermission');
+          if (typeof window.RTCPeerConnection === 'function') maskAsNative(window.RTCPeerConnection, 'RTCPeerConnection');
+          if (typeof window.Image === 'function') maskAsNative(window.Image, 'Image');
+          if (typeof window.fetch === 'function') maskAsNative(window.fetch, 'fetch');
+          if (typeof window.PointerEvent === 'function') maskAsNative(window.PointerEvent, 'PointerEvent');
+
+          // Mask property getters on navigator
+          const navProps = ['userAgentData', 'connection', 'pdfViewerEnabled', 'webdriver',
+                            'hardwareConcurrency', 'deviceMemory', 'platform', 'maxTouchPoints'];
+          navProps.forEach(prop => {
+            // Check both instance and prototype (webdriver lives on prototype)
+            const desc = Object.getOwnPropertyDescriptor(navigator, prop)
+                      || Object.getOwnPropertyDescriptor(Navigator.prototype, prop);
+            if (desc?.get) maskAsNative(desc.get, 'get ' + prop);
+          });
+
+          // Mask window property getters
+          ['screenX', 'screenY', 'outerWidth', 'outerHeight'].forEach(prop => {
+            const desc = Object.getOwnPropertyDescriptor(window, prop);
+            if (desc?.get) maskAsNative(desc.get, 'get ' + prop);
+          });
+
+          if (debugEnabled) console.log('[fingerprint] toString protection applied to all spoofed functions');
+        }, 'Function.prototype.toString bulk masking');
+
       }, ua, forceDebug, selectedGpu);
     } catch (stealthErr) {
       if (stealthErr.message.includes('Session closed') || 
@@ -2030,9 +2084,6 @@ async function applyAllFingerprintSpoofing(page, siteConfig, forceDebug, current
 }
 
 // Legacy compatibility function - maintained for backwards compatibility
-function safeExecuteSpoofing(spoofFunction, description, forceDebug = false) {
-  return safeSpoofingExecution(spoofFunction, description, { debug: forceDebug });
-}
 
 
 module.exports = {
@@ -2044,7 +2095,6 @@ module.exports = {
   applyAllFingerprintSpoofing,
   simulateHumanBehavior,
   safeDefineProperty,
-  safeExecuteSpoofing, // Legacy compatibility
   safeSpoofingExecution,
   DEFAULT_PLATFORM,
   DEFAULT_TIMEZONE

package/lib/interaction.js

@@ -123,6 +123,20 @@ const ELEMENT_INTERACTION = {
   MISTAKE_RATE: 0.02         // Probability of typing mistakes (0.02 = 2% chance)
 };
 
+// === CONTENT CLICK CONSTANTS ===
+// For triggering document-level onclick handlers (e.g., Monetag onclick_static)
+// These clicks target the page content area, not specific UI elements
+// NOTE: No preDelay needed — mouse movements + scrolling already provide ~1s
+// of activity before clicks fire, which is enough for async ad script registration
+const CONTENT_CLICK = {
+  CLICK_COUNT: 2,            // Two attempts (primary + backup if first suppressed)
+  INTER_CLICK_MIN: 300,      // Minimum ms between clicks (above Monetag 250ms cooldown)
+  INTER_CLICK_MAX: 500,      // Maximum ms between clicks
+  PRE_CLICK_DELAY: 300,      // Small buffer for late-loading async ad scripts
+  VIEWPORT_INSET: 0.2,       // Avoid outer 20% of viewport (menus, overlays)
+  MOUSE_APPROACH_STEPS: 3    // Minimal steps — just enough for non-instant movement
+};
+
 // === INTENSITY SETTINGS ===
 // Pre-configured intensity levels - modify these to change overall behavior
 const INTENSITY_SETTINGS = {
@@ -606,6 +620,97 @@ async function interactWithElements(page, options = {}) {
   }
 }
 
+/**
+ * Clicks random spots in the page content area to trigger document-level
+ * onclick handlers (Monetag onclick_static, similar popunder SDKs).
+ *
+ * WHY THIS EXISTS:
+ * Ad onclick SDKs attach a single listener on `document` (capture phase)
+ * that fires on ANY click with `isTrusted: true`. They don't care which
+ * element was clicked — just that a real input event reached the document.
+ * `interactWithElements()` hunts for <button>/<a> which may not exist or
+ * may be excluded by the SDK's own filter. This function simply clicks
+ * the content area of the page where the SDK will always accept the event.
+ *
+ * TIMING:
+ * - 300ms preDelay: small buffer after mouse/scroll activity (~1.2s) for
+ *   any late-loading async ad scripts to finish registering listeners.
+ * - Spaces clicks 300-500ms apart (above Monetag's 250ms cooldown).
+ * - Total time: ~1.1s for 2 clicks (preDelay + move + pause + click + gap).
+ *
+ * TARGETING:
+ * - Clicks within the inner 60% of the viewport to avoid sticky headers,
+ *   footers, sidebars, cookie banners, and overlay close buttons.
+ * - Each click gets a fresh random position with natural mouse approach.
+ *
+ * @param {import('puppeteer').Page} page
+ * @param {object} [options]
+ * @param {number} [options.clicks]         Number of click attempts
+ * @param {number} [options.preDelay]       Ms to wait before first click
+ * @param {number} [options.interClickMin]  Min ms between clicks
+ * @param {number} [options.interClickMax]  Max ms between clicks
+ * @param {boolean} [options.forceDebug]    Log click coordinates
+ */
+async function performContentClicks(page, options = {}) {
+  const {
+    clicks = CONTENT_CLICK.CLICK_COUNT,
+    preDelay = CONTENT_CLICK.PRE_CLICK_DELAY,
+    interClickMin = CONTENT_CLICK.INTER_CLICK_MIN,
+    interClickMax = CONTENT_CLICK.INTER_CLICK_MAX,
+    forceDebug = false
+  } = options;
+
+  try {
+    if (page.isClosed()) return;
+
+    const viewport = await getCachedViewport(page);
+    const inset = CONTENT_CLICK.VIEWPORT_INSET;
+    const minX = Math.floor(viewport.width * inset);
+    const maxX = Math.floor(viewport.width * (1 - inset));
+    const minY = Math.floor(viewport.height * inset);
+    const maxY = Math.floor(viewport.height * (1 - inset));
+
+    // Wait for ad scripts to register their listeners
+    await fastTimeout(preDelay);
+
+    let lastX = minX + Math.floor(Math.random() * (maxX - minX));
+    let lastY = minY + Math.floor(Math.random() * (maxY - minY));
+
+    for (let i = 0; i < clicks; i++) {
+      if (page.isClosed()) break;
+
+      // Random position in content zone
+      const targetX = minX + Math.floor(Math.random() * (maxX - minX));
+      const targetY = minY + Math.floor(Math.random() * (maxY - minY));
+
+      // Natural mouse approach (few steps, no need for elaborate curves)
+      await humanLikeMouseMove(page, lastX, lastY, targetX, targetY, {
+        steps: CONTENT_CLICK.MOUSE_APPROACH_STEPS,
+        curve: 0.03 + Math.random() * 0.04,
+        jitter: 1
+      });
+
+      // Brief human-like pause, then click
+      await fastTimeout(TIMING.CLICK_PAUSE_MIN + Math.random() * (TIMING.CLICK_PAUSE_MAX - TIMING.CLICK_PAUSE_MIN));
+      await page.mouse.click(targetX, targetY);
+
+      if (forceDebug) {
+        console.log(`[interaction] Content click ${i + 1}/${clicks} at (${targetX}, ${targetY})`);
+      }
+
+      lastX = targetX;
+      lastY = targetY;
+
+      // Inter-click gap (skip after last click)
+      if (i < clicks - 1) {
+        await fastTimeout(interClickMin + Math.random() * (interClickMax - interClickMin));
+      }
+    }
+  } catch (err) {
+    // Content clicks are supplementary — never break the scan
+  }
+}
+
 /**
  * Simulates realistic typing behavior with human characteristics
  * 
@@ -876,12 +981,22 @@ async function performPageInteraction(page, currentUrl, options = {}, forceDebug
       }
     }
 
-    // Element interaction
+    // Click interaction — two strategies for maximum ad script coverage
+    // 1. Content area clicks: triggers document-level onclick handlers
+    //    (Monetag, similar popunder SDKs that listen on document)
+    // 2. Element clicks: interacts with specific UI elements
+    //    (ad scripts that attach to specific clickable elements)
     if (includeElementClicks) {
-      await interactWithElements(page, {
-        maxAttempts: 2,
-        avoidDestructive: true
-      });
+      if (checkTimeout()) return; // Emergency timeout check
+      // Primary: content area clicks for document-level onclick handlers
+      await performContentClicks(page, { forceDebug });
+      // Secondary: targeted element clicks (fast, 1 attempt only)
+      if (!checkTimeout()) {
+        await interactWithElements(page, {
+          maxAttempts: 1,
+          avoidDestructive: true
+        });
+      }
     }
 
     // Periodic memory cleanup during interaction
@@ -1105,6 +1220,7 @@ module.exports = {
   humanLikeMouseMove,
   simulateScrolling,
   interactWithElements,
+  performContentClicks,
   simulateTyping,
   generateRandomCoordinates
 };

package/nwss.js

@@ -39,7 +39,7 @@ const { processResults } = require('./lib/post-processing');
 // Colorize various text when used
 const { colorize, colors, messageColors, tags, formatLogMessage } = require('./lib/colorize');
 // Enhanced mouse interaction and page simulation
-const { performPageInteraction, createInteractionConfig } = require('./lib/interaction');
+const { performPageInteraction, createInteractionConfig, performContentClicks, humanLikeMouseMove } = require('./lib/interaction');
 // Domain detection cache for performance optimization
 const { createGlobalHelpers, getTotalDomainsSkipped, getDetectedDomainsCount } = require('./lib/domain-cache');
 const { createSmartCache } = require('./lib/smart-cache'); // Smart cache system
@@ -1447,7 +1447,6 @@ function setupFrameHandling(page, forceDebug) {
         '--disable-features=SafeBrowsing',
         '--disable-dev-shm-usage',
         '--disable-sync',
-        '--disable-gpu',  // WebGL null-context handled by fingerprint.js Proxy mock
         '--mute-audio',
         '--disable-translate',
         '--window-size=1920,1080',
@@ -3660,6 +3659,32 @@ function setupFrameHandling(page, forceDebug) {
           }
         }
 
+      // Post-reload interaction: trigger onclick ad scripts (Monetag etc.)
+      // Each reload gives a fresh session with a new random ad domain —
+      // without clicks the SDK never fires and we miss those domains.
+      if (interactEnabled && !page.isClosed()) {
+        try {
+          // Brief wait for ad scripts to re-register after reload
+          await fastTimeout(800);
+          // Quick mouse moves to build movement score (Monetag tracks this)
+          const vp = page.viewport() || { width: 1920, height: 1080 };
+          const startX = 200 + Math.floor(Math.random() * (vp.width - 400));
+          const startY = 200 + Math.floor(Math.random() * (vp.height - 400));
+          await page.mouse.move(startX, startY);
+          for (let m = 0; m < 2; m++) {
+            const endX = 200 + Math.floor(Math.random() * (vp.width - 400));
+            const endY = 200 + Math.floor(Math.random() * (vp.height - 400));
+            await humanLikeMouseMove(page, startX, startY, endX, endY, { steps: 3, curve: 0.04, jitter: 1 });
+          }
+          // Content clicks to trigger document-level onclick handlers
+          await performContentClicks(page, { clicks: 2, preDelay: 200, forceDebug });
+          if (forceDebug) console.log(formatLogMessage('debug', `Post-reload interaction completed for reload #${i}`));
+        } catch (postReloadInteractErr) {
+          // Non-critical — continue with remaining reloads
+          if (forceDebug) console.log(formatLogMessage('debug', `Post-reload interaction failed: ${postReloadInteractErr.message}`));
+        }
+      }
+
       // Only add delay if we're continuing with more reloads
       if (i < totalReloads) {
     // Reduce delay for problematic sites

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@fanboynz/network-scanner",
-  "version": "2.0.54",
+  "version": "2.0.55",
   "description": "A Puppeteer-based network scanner for analyzing web traffic, generating adblock filter rules, and identifying third-party requests. Features include fingerprint spoofing, Cloudflare bypass, content analysis with curl/grep, and multiple output formats.",
   "main": "nwss.js",
   "scripts": {