Hack Any Webapp
Self-healing client-side bundle patching for single-page web apps. A technical case study and patent-style disclosure, by Alexey Fedorov.
The thesis
A third-party web app ships its behavior inside a large, minified JavaScript bundle. We change that behavior on the user's own machine, durably, and keep working even as the vendor redeploys the bundle on an unknown cadence.
Why it's hard
Six constraints that break the obvious approaches.
Minified, churning bundles
Variable names and file hashes change on every vendor deploy. Any patch keyed to literal identifiers rots within days.
Manifest V3
Extensions may not eval remote code or inject remote <script> the way MV2 allowed. The classic rewrite-the-page approaches are gone.
Subresource Integrity
The vendor's integrity="sha384-…" attribute makes the browser reject any substituted bytes.
Content-Security-Policy
The page may forbid inline scripts and eval, blocking naive injection outright.
SPA load order
The bundle is requested very early: parser-inserted, preloaded, or programmatic. Every path must be intercepted.
Web-store review
"Remote code execution" is a flagged behavior. The distribution model changes how a reviewer perceives the extension.
The technique
Four ideas that make it work.
§6 · The crown jewel
The onreset Trick
Run a fetched string as page-realm code with no extension eval and no <script> element: an attribute write plus a synthetic event.
§5 · The comparison
Model A vs Model B
File-pull versus rules-plus-local-apply: the full trade-off between shipping a 19 MB bundle and shipping a 756-byte recipe.
§1-§4 · The pipeline
How It Works
A self-healing, two-subsystem pipeline: a scheduled server-side patcher and a dumb, durable MV3 extension.
§10-§15 · The artifact
The Disclosure
The same architecture recast as a patent-style technical disclosure: field, embodiments, and numbered claims.
3 open-source repositories
≤2h self-heal latency after a redeploy
756 B rules recipe vs ~19 MB bundle
225 commits of git archaeology
In the wild
Two real, shipped, open-source systems.
Gizmo AI Unlimited
Removes daily hearts/hints limits on app.gizmo.ai by forcing two subscription checks to read "subscribed." Model B (rules + local apply), fail-closed.
Play Origin / P-NP
Injects auto-answer hooks, a membership bypass, DI service discovery, and a full in-game mod menu into Prodigy Math Game. Model A client, Model B server.
About the researcher
Alexey Fedorov
Security researcher & engineer who designs and ships the self-healing patching systems documented here.