This required some digging. samy.pl has several levels of indirection and obfuscation on top of this code. It uses a different version of the discovery code than the GitHub repository found by JohanP. The code in samy.pl, unlike the GitHub repository, can detect devtools when they are not docked.
This is done with a short script that runs differently depending on whether devtools is open or closed.
script
- ; , , devtools ( , ):
<!DOCTYPE html>
<html>
<body>
<pre id="output"></pre>
<script type="text/javascript">
var element = new Image;
var devtoolsOpen = false;
element.__defineGetter__("id", function() {
devtoolsOpen = true;
});
setInterval(function() {
devtoolsOpen = false;
console.log(element);
document.getElementById('output').innerHTML += (devtoolsOpen ? "dev tools is open\n" : "dev tools is closed\n");
}, 1000);
</script>
</body>
</html>
SetInterval . console.log , devtools: console . log , devtools . devtools , console.log . , , devtools: .
element . , __defineGetter__. console.log(element) , devtools , console.log no-op. , devtools .
samy.pl , : , (!) .