Powershell Patching Chromedriver.exe file becomes unusable

Question

So if i replace the cdc strings theres about 9 occurances of them in total with Notepad++ etc it works fine.

But for some reason my powershell code makes the file unusable. It replaces the strings but its not longer able to execute.

$PSDefaultParameterValues['*:Encoding'] = 'utf8';
$regexA = 'cdc_.{22}';
function Get-RandomCharacters($length, $characters) { 
$random = 1..$length | ForEach-Object { Get-Random -Maximum $characters.length } 
$private:ofs="" ;
return [String]$characters[$random];
}
$random += Get-RandomCharacters -length 3 -characters 'abcdefghijklmnopqrstuvwxyz';
$random = 'cdc_' + $random;
$randomupper = Get-RandomCharacters -length 1 -characters 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
$randomtwo = Get-RandomCharacters -length 12 -characters 'abcdefghijklmnopqrstuvwxyz';
$randomuppertwo = Get-RandomCharacters -length 2 -characters 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
$randomthree = Get-RandomCharacters -length 4 -characters 'abcdefghijklmnopqrstuvwxyz';
$output = $random += $randomupper += $randomtwo += $randomuppertwo += $randomthree
Write-Output "New cdc string is : $output"
Get-ChildItem 'C:\Users\C0n\Desktop\chromedriver.exe' | ForEach-Object {
    $c = (Get-Content $_.FullName) -replace $regexA, $output -join "`r"
    $Utf8NoBomEncoding = New-Object System.Text.UTF8Encoding $true
    [IO.File]::WriteAllText($_.FullName, $c, $Utf8NoBomEncoding)
}

Here is the cdc string inside the file cdc_adoQpoasnfa76pfcZLmcfl it gets replaced with a randomly generated string.

An executable is a binary file. Code that is intended for processing text files will likely damage the file as it tries to interpret the binary data as a text with specific encoding. If there is a chance for this to succeed, you should work with raw [binary streams](https://learn.microsoft.com/en-us/dotnet/api/system.io.filestream?view=net-7.0) only. The question is, what is the purpose of your attempted solution? — zett42, Dec 02 '22 at 08:31
@zett42 Thanks haha i feel stupid i have amended my code and this is my soloution posted below hopefully it helps others who use selenium and chromedriver and want it to be undetectable. — C0nw0nk, Dec 02 '22 at 10:14

score 1 · Accepted Answer · answered Dec 02 '22 at 10:16

My soloution read binary and convert to readable UTF8 text then write it back as binary again.

$regexA = 'cdc_.{22}';
$ThisFile = 'C:\Users\C0n\Desktop\chromedriver.exe'
function Get-RandomCharacters($length, $characters) { 
$random = 1..$length | ForEach-Object { Get-Random -Maximum $characters.length } 
$private:ofs="" ;
return [String]$characters[$random];
}
$random += Get-RandomCharacters -length 3 -characters 'abcdefghijklmnopqrstuvwxyz';
$random = 'cdc_' + $random;
$randomupper = Get-RandomCharacters -length 1 -characters 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
$randomtwo = Get-RandomCharacters -length 12 -characters 'abcdefghijklmnopqrstuvwxyz';
$randomuppertwo = Get-RandomCharacters -length 2 -characters 'ABCDEFGHIJKLMNOPQRSTUVWXYZ';
$randomthree = Get-RandomCharacters -length 4 -characters 'abcdefghijklmnopqrstuvwxyz';
$output = $random += $randomupper += $randomtwo += $randomuppertwo += $randomthree
Write-Output "New cdc string is : $output"
Get-ChildItem $ThisFile | ForEach-Object {
    $c = (Get-Content $_.FullName -Raw)
    if ($c -match $regexA) {
        $existing_cdc = $matches[0]
        Write-Output "Existing cdc to be replaced: $existing_cdc"
    }
}

# To compensate for a difference between Windows PowerShell and PowerShell (Core) 7+
# with respect to how byte processing is requested: -Encoding Byte vs. -AsByteStream
$byteEncParam = 
  if ($IsCoreCLR) { @{ AsByteStream = $true } } 
  else            { @{ Encoding = 'Byte' } }

# Read the file *as a byte array*.
$data = Get-Content @byteEncParam -ReadCount 0  $ThisFile

# Convert the array to a "hex string" in the form "nn-nn-nn-...",
# where nn represents a two-digit hex representation of each byte,
# e.g. '41-42' for 0x41, 0x42, which, if interpreted as a
# single-byte encoding (ASCII), is 'AB'.
$dataAsHexString = [BitConverter]::ToString($data)

# Define the search and replace strings, and convert them into
# "hex strings" too, using their UTF-8 byte representation.
$search = $existing_cdc
$replacement = $output
$searchAsHexString = [BitConverter]::ToString([Text.Encoding]::UTF8.GetBytes($search))
$replaceAsHexString = [BitConverter]::ToString([Text.Encoding]::UTF8.GetBytes($replacement))

# Perform the replacement.
$dataAsHexString = $dataAsHexString.Replace($searchAsHexString, $replaceAsHexString)

# Convert he modified "hex string" back to a byte[] array.
$modifiedData = [byte[]] ($dataAsHexString -split '-' -replace '^', '0x')

# Save the byte array back to the file.
Set-Content @byteEncParam $ThisFile -Value $modifiedData

score 1 · Answer 2 · edited Dec 27 '22 at 18:05

Remove cdp_props using Selenium (Python).

js = '''let objectToInspect = window,
    result = [];
    while(objectToInspect !== null)
        { result = result.concat(Object.getOwnPropertyNames(objectToInspect));
        objectToInspect = Object.getPrototypeOf(objectToInspect); }
    result.forEach(p => p.match(/.+_.+_(Array|Promise|Symbol)/ig)
        &&delete window[p]&&console.log('removed',p))'''

driver.execute_cdp_cmd("Page.addScriptToEvaluateOnNewDocument", {"source": js})

This will execute the js script, which removes the cdp_props when called.

Reference:

https://github.com/ultrafunkamsterdam/undetected-chromedriver/blob/master/undetected_chromedriver/__init__.py#L638

Thanks, I saw your github and whilst your python method works I needed a powershell method since i am automating the selenium setup process including browsers https://github.com/C0nw0nk/Selenium — C0nw0nk, Dec 16 '22 at 13:54

Powershell Patching Chromedriver.exe file becomes unusable

2 Answers2