Abusing HTTP Status Codes to Expose Private Information

For discussions about security.
Flash
Official Dog Handler
Posts: 13071
Joined: Wed 04 May 2005, 16:04
Location: Arizona USA

Abusing HTTP Status Codes to Expose Private Information

#1 Post by Flash »

https://grepular.com/Abusing_HTTP_Statu ... nformation
When you visit my website, I can automatically and silently determine if you're logged into Facebook, Twitter, GMail and Digg.....

jpeps
Posts: 3179
Joined: Sat 31 May 2008, 19:00

#2 Post by jpeps »

If people insist on running browsers with javascript, adobe flash, active x, etc, what do they expect? Even on a TOR proxy, "features" like google toolbars can grab your personal info....and it's for sale.

efiguy
Posts: 164
Joined: Thu 07 Sep 2006, 02:51

Abusing HTTP Status Codes to Expose Private Information

#3 Post by efiguy »

Good Job Flash,

We should connect this "browser spilling" to:

http://murga-linux.com/puppy/viewtopic.php?t=62391

Example:
- A curious site webmaster will visit a number of sites that he would like to know whether his own "visitors" are also viewing, like the city banks, restaurants, grocery, auto dealers, etc. They save the home page and comb them for obscure, yet unique from all the other "curious about" desired links small pics. These are then obliquely loaded into his own website, and they wait.

- Someone visits the "curious" site, now the "misc pic files" load from his site or the browser cache, revealing where the browser "goes to" or doesn't.

- just one way

Have G'day group

Bruce B

#4 Post by Bruce B »

Even though I'm running Javascript, he doesn't know. Not on my
computer.

1) he can't know where I came from

2) he can't know my OS or browser, worse, his site is informed I'm
running XP with IE 6

3) he can't know if I'm logged into Facebook, Twitter or Google

All this is default, preemptive for all sites, not just this one.

RequestPolicy addon prevents #3

Preferences Toolbar is set to refuse to send referrer and spoof the
OS and browser. Thus messing up #1 and #2

Yes, I strongly recommend the RequestPolicy and Preferences
Toolbar AND they are easy to use and intuitive.

See pic below showing the sites which were blocked by default.

~
Attachments
doesnt-know.png

bugman

#5 Post by bugman »

this sort of creepy stuff is part of the reason i've switched from javascript to php in my website coding

don't know if php can do this stuff at all, but since it can't be turned off, visitors to my benign sites don't get security warnings or missing features

thanks for posting

efiguy
Posts: 164
Joined: Thu 07 Sep 2006, 02:51

Abusing HTTP Status Codes to Expose Private Information

#6 Post by efiguy »

Hi,

Bruce B, you have taken the critical steps of what an individual can do. 98% of the web requires Jscript to operate, crafted that way. We can admire "Bugman" for his avoiding the js.

- But any given pc or system kernel can be discovered by the TCP/IP stack, and the assigned ISP IP geographically locates one right to a neighborhood.

Stack Fingerprinting ( EDIT 1- My apology - Old bookmarks not explored )
More info: * links are good 03-12-2011
- OLD (bad) http://www.sys-security.com/html/projects/X.html
*Replacement- http://capec.mitre.org/data/definitions/316.html

*New page- http://sourceforge.net/scm/?type=git&group_id=30984
*old Link page- http://xprobe.sourceforge.net Link page
*New Link page- http://sourceforge.net/apps/mediawiki/x ... =Main_Page
*new-link-old_page- http://xprobe.sourceforge.net/oldindex.html
*old PDF- http://xprobe.sourceforge.net/xprobe-ng.pdf
*old PDF- http://xprobe.sourceforge.net/xprobe_dsn_slides.pdf

OLD (bad) http://www.notlsd.net/xprobe/
*Replacement- http://www.phrack.com/issues.html?issue=57&id=7


- Once we click the browser, we don phosphorescent clothing covered in text.

Jay

Edit 2
Thank you Bruce B, did not understand as you surmised ;)
My system is subject to above attacks, as are most others

Edit 3
- If I was single Bugman, I'd be standing on the ol' Mustang's Loud pedal going West !!!
Well alas, 5th wife still here, the car's out of gas and so am I
-
Last edited by efiguy on Sun 13 Mar 2011, 04:14, edited 1 time in total.

nooby
Posts: 10369
Joined: Sun 29 Jun 2008, 19:05
Location: SwedenEurope

#7 Post by nooby »

Jay have you tested the first one lately?

http://en.wordpress.com/typo/?subdomain=sys-security
sys-security.wordpress.com doesn’t exist
did you by any chance save the text on that page because it seems gone unless that person has it mirrored somewhere?

where am I supposed to read on the second one? they say they refer to the wiki but there they still refer back to the one referring to the wiki
http://sourceforge.net/apps/mediawiki/x ... =Main_Page

similar with the third one

it says
notlsd.net (NOTLSD.NET) is for sale
I use Google Search on Puppy Forum
not an ideal solution though

bugman

Re: Abusing HTTP Status Codes to Expose Private Information

#8 Post by bugman »

efiguy wrote: But any given pc or system kernel can be discovered by the TCP/IP stack, and the assigned ISP IP geographically locates one right to a neighborhood.
i guess this is why lovely young ladies from denver occasionally want to meet me

i live about 600-700 miles from denver though . . .

Bruce B

Re: Abusing HTTP Status Codes to Expose Private Information

#9 Post by Bruce B »

efiguy wrote:
Bruce B, you have taken the critical steps of what an individual can do,
98% of the web requires Jscript to operate, crafted that way, We can
admire "Bugman" for his avoiding the js.
With prefbar the script can be turned on and off with a single mouse click.

With RequestPolicy, the only site contacted is the site you visit. Unless
you explicitly allow specific remote sites. This permission can be
temporary or permanent.

So, on the page in question, the JavaScript ran, but the remote sites were unavailable.

I wanted to make it clear, in case it wasn't.
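
A simplified model of the default-deny behaviour described in the post above, as an added example that is not part of the thread and not RequestPolicy's own code. The class, rule format and example.* hosts are hypothetical, and "site" is naively taken as the last two host labels.

```javascript
// Simplified model of a default-deny cross-site request policy.
// Not RequestPolicy's code; names and the rule format are hypothetical.

// Naive "site" = last two host labels. A real tool needs the Public Suffix List.
function siteOf(url) {
  const host = new URL(url).hostname.toLowerCase();
  return host.split('.').slice(-2).join('.');
}

class CrossSitePolicy {
  constructor() {
    this.permanent = new Set(); // rules kept across sessions
    this.temporary = new Set(); // rules dropped at end of session
  }
  static key(fromSite, toSite) { return `${fromSite}>${toSite}`; }

  // Rules are directional: "pages on site A may contact site B".
  allow(pageUrl, destUrl, { temporary = false } = {}) {
    const k = CrossSitePolicy.key(siteOf(pageUrl), siteOf(destUrl));
    (temporary ? this.temporary : this.permanent).add(k);
  }
  endSession() { this.temporary.clear(); }

  // Decide whether a request made by pageUrl to destUrl may leave the browser.
  decide(pageUrl, destUrl) {
    const from = siteOf(pageUrl), to = siteOf(destUrl);
    if (from === to) return 'allow';          // the site being visited
    const k = CrossSitePolicy.key(from, to);
    if (this.permanent.has(k) || this.temporary.has(k)) return 'allow';
    return 'block';                            // default deny for remote sites
  }
}

// Constructed sample: one page that embeds resources from two other sites.
function demo() {
  const policy = new CrossSitePolicy();
  const page = 'https://blog.example.org/post';
  const requests = [
    'https://static.example.org/site.css',        // same site
    'https://social.example.net/login-check.png', // remote, never allowed
    'https://cdn.example.com/lib.js',             // remote, allowed temporarily
  ];
  policy.allow(page, 'https://cdn.example.com/', { temporary: true });
  const during = requests.map((r) => policy.decide(page, r));
  policy.endSession();
  const after = requests.map((r) => policy.decide(page, r));
  return { during, after };
}
console.log(demo());
```

Because the remote request is never sent, the embedding page has no response to inspect, which is why the script on the page can run without learning anything.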

efiguy
Posts: 164
Joined: Thu 07 Sep 2006, 02:51

Abusing HTTP Status Codes to Expose Private Information

#10 Post by efiguy »

Edited - didn't trigger mail updates My apologies all <:)

Stack Fingerprinting ( EDIT 1- My apology - Old bookmarks not explored )
More info: * links are good 03-12-2011
- OLD (bad) http://www.sys-security.com/html/projects/X.html
*Replacement- http://capec.mitre.org/data/definitions/316.html

*New page- http://sourceforge.net/scm/?type=git&group_id=30984
*old Link page- http://xprobe.sourceforge.net Link page
*New Link page- http://sourceforge.net/apps/mediawiki/x ... =Main_Page
*new-link-old_page- http://xprobe.sourceforge.net/oldindex.html
*old PDF- http://xprobe.sourceforge.net/xprobe-ng.pdf
*old PDF- http://xprobe.sourceforge.net/xprobe_dsn_slides.pdf

OLD (bad) http://www.notlsd.net/xprobe/
*Replacement- http://www.phrack.com/issues.html?issue=57&id=7


Edit 2
Thank you Bruce B, did not understand as you surmised ;)
My system is subject to above attacks, as are most others

Edit 3
- If I was single Bugman, I'd be standing on the ol' Mustang's Loud pedal going West !!!
But alas, 5th wife is still here, the car's out of gas and so am I

jay
-
