Bypass of the security measures with automated bots

[fatihhcelik]

I was playing with the site https://typings.gg/ . Then, I realized I can write a python code to automate this process and break the my record. I recorded my screen during this process to illustrate the process clearly. Firstly, I will show my code and then write my suggestion to prevent this. Here is my code,

from selenium import webdriver

driver = webdriver.Chrome(executable_path= r'E:\\file\\path\\chromedriver.exe')
driver.get("https://typings.gg/")

text = input()
text = text + " "

inputElement = driver.find_element_by_id("input-field")
inputElement.send_keys(text)

If I need to explain quickly, this code runs in the following order,

• Open the automated browser using given path to appropriate browser's driver.
• Wait for the text in the website.
• Write the text into input field on the website.

I illustrated all these processes as a video in the attachment. I absolutely broke my record. (WPM:3204 ACC:100)

Here is the video in the zip file,

typing.zip

Suggestion to Prevent Automated Browsers

Actually, I didn't research about that deeply but I think, found some useful things. You can control the output of navigator.webdriver statement. This code returns true if the browser automated. As you can see in the photo,

[briemens]

There are many more ways to cheat then using selinium. You don't even need a bot at all!!! 😂
You can just fill in the WPM directly in the dom element with the Dev Tools if you want. Or make a screenshot apply some photoshop foo and brag to your friends.

I would say it only matters if there is an actual competion component where the server keeps track of scores and guarantees no one is cheating.