[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: Stealing browser history without JavaScript

To: or-talk@xxxxxxxxxxxxx
Subject: Re: Stealing browser history without JavaScript
From: Anon Mus <my.green.lantern@xxxxxxxxxxxxxx>
Date: Sun, 14 Jun 2009 22:34:32 +0100
Delivered-to: archiver@xxxxxxxx
Delivered-to: or-talk-outgoing@xxxxxxxx
Delivered-to: or-talk@xxxxxxxx
Delivery-date: Sun, 14 Jun 2009 17:34:52 -0400
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=jqSHcZe4D/kmBrSFNQs198EPFgkuTS8ufrCtoq7Zke0=; b=o7os5IUhMaC9dg+sKp7ntk3WamfkowNnH3hxMN9/T+l5wRtmFUX+Fmyy7IM2OjIVZo 9/BoK8sDGGNYriayhqGoWT1hxriQiDxe5SMpVBCEsacSZfW3PaK/sPxOtOct7Sehtwbq UIClDLbJkf8/pwqeQkJNb4VGln7R7qdjUQOUs=
Domainkey-signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type:content-transfer-encoding; b=DAbQLX3SEAOUfb7PoOLhLvLpD3BB/pM75PkRZsce8/AVgZ3nep5UUZL+uxei/ADFET sW+Op0MvebjtVlynnm82+Rvh2h2JFqir91CJhlgjEWjZCO3m/IT4gqr49wa+YfPYrSHq iOvoZt8fK3v7KuX/uNj7YkVRaGHN5tqd1WiJc=
In-reply-to: <20090614153045.678F51407D51@xxxxxxxxxxxxxx>
References: <20090614153045.678F51407D51@xxxxxxxxxxxxxx>
Reply-to: or-talk@xxxxxxxxxxxxx
Sender: owner-or-talk@xxxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.14 (Windows/20080421)

Zinco wrote:

-----Original Message-----
From: owner-or-talk@xxxxxxxxxxxxx [mailto:owner-or-talk@xxxxxxxxxxxxx] On
Behalf Of Anon Mus
Sent: Sunday, June 14, 2009 8:09 AM
To: or-talk@xxxxxxxxxxxxx
Subject: Re: Stealing browser history without JavaScript

Matej Kovacic wrote:

Hi,

this seems an interesting issue:

http://www.making-the-web.com/misc/sites-you-visit/nojs/

bye, Matej

Been to this site and it dont work on my firefox.3.0.8 browser... (withNoScript, QuickJava, Better Privacy, JavaScript Deobfuscator, QuickPreference Button & User Agent Switcher)


it replies with a 0 (zero) count. But there should be dozens.

Seems to me it would have to have all websites known to man on the page it
loads.  If it looks at "visited links" css on the page it loads it could
only look at websites on that page.  It would have to store a lot of web
pages on that hidden i-frame to really compare.  Unless you are looking to
see if a particular person visited a particular page doesn't seem like it
would do anyone much good.

Maybe IFrames don't work on Firefox. The pages IFrame message "Pleaseenable Iframes, though" is superfluous, as it only prints if IFrames isfunctional !!

Reminds me of a security software con site years ago which would printsome detail value known only to your browser, up on a web page. Ofcourse, only YOU could see it, no data was sent to the visited web site.

Even though it was a con, lots of people bought the security softwareto protect themselves from that non-existent leak.

In this IFrames exploit the test web page is said to have a cssbackground image embedded in it. I can find no such image (background:#003399;).

(See http://www.w3schools.com/css/pr_background.asp.)

The only image on the page is a javascript button. But there is ajavascript dependent Google Analytics urchin tracker.



Would the author Brendon Bo[mb]shell like to identify him/her self?

Follow-Ups:
- RE: Stealing browser history without JavaScript
  - From: downie -
- RE: Stealing browser history without JavaScript
  - From: Zinco

References:
- RE: Stealing browser history without JavaScript
  - From: Zinco

Prev by Author: Re: eliminating bogus port 43 exits
Next by Author: Re: eliminating bogus port 43 exits
Previous by thread: RE: Stealing browser history without JavaScript
Next by thread: RE: Stealing browser history without JavaScript
Index(es):
- Author
- Thread