Mining a User’s Browser History

Browsers natively integrate the ability to track the URLs that a user visits. They use this information to autocomplete links in the URL bar and to alter the color of clicked links. Malicious developers can take advantage of this native tracking functionality to determine which sites a user has visited, allowing them to launch more targeted phishing attacks against that user.

In addition to the standard color of links within a web page, many sites implement link styles to change a link’s appearance when the user has visited it:

<style type="text/css">
   a:visited{ color:#c0c0c0; }
   a:link{ color:#000; }
</style>

In this scenario, attackers can check the link’s color to mine the browser history of the current user visiting the site. For instance, assume we have a few links defined on our site that link to other sources:

<a href="http://www.yahoo.com" id="link1">Yahoo!</a><br />
<a href="http://www.facebook.com" id="link2">Facebook</a>

Using the standard getComputedStyle JavaScript function, a developer can capture the color styling of those links to determine the user’s visited status:

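<script type="text/javascript">
   // Read the computed (rendered) style of the first link
   var compStyle = getComputedStyle(document.getElementById("link1"), "");
   // The color shows whether the a:visited or the a:link rule was applied
   var color = compStyle.getPropertyValue("color");
</script>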

Using these simple techniques as a base, malicious ...
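A review-side check for the pattern described above, added here as an example and not code from the book: it scans a page's markup for scripts that use getComputedStyle on a link to read a property that a :visited rule changes. The names `auditHistorySniffing` and `blocks`, the regex heuristics and the constructed `SAMPLE_PAGE` are assumptions for illustration.

```javascript
// Constructed sample page mirroring the snippets in the text above.
const SAMPLE_PAGE = `
<style type="text/css">
   a:visited{ color:#c0c0c0; }
   a:link{ color:#000; }
</style>
<a href="http://www.yahoo.com" id="link1">Yahoo!</a><br />
<a href="http://www.facebook.com" id="link2">Facebook</a>
<script type="text/javascript">
   var compStyle = getComputedStyle(document.getElementById("link1"), "");
   var color = compStyle.getPropertyValue("color");
</script>`;

// Inner text of every <tag>...</tag> block (regex heuristic, not a full HTML parser).
function blocks(html, tag) {
  const re = new RegExp(`<${tag}\\b[^>]*>([\\s\\S]*?)</${tag}>`, "gi");
  return [...html.matchAll(re)].map(m => m[1]);
}

// Hypothetical helper: report links whose :visited-styled properties are read by script.
function auditHistorySniffing(html) {
  // Collect the CSS properties that any :visited rule changes.
  const visitedProps = new Set();
  for (const css of blocks(html, "style")) {
    for (const m of css.matchAll(/[^{}]*:visited[^{}]*\{([^}]*)\}/gi)) {
      for (const decl of m[1].split(";")) {
        const prop = decl.split(":")[0].trim().toLowerCase();
        if (prop) visitedProps.add(prop);
      }
    }
  }
  // Collect the ids of <a> elements so reads on other elements are ignored.
  const idRe = /<a\b[^>]*\bid\s*=\s*["']([^"']+)["']/gi;
  const anchorIds = new Set([...html.matchAll(idRe)].map(m => m[1]));
  const readRe = /getPropertyValue\(\s*["']([^"']+)["']\s*\)/g;
  const styleRe = /getComputedStyle\s*\(\s*document\.getElementById\(\s*["']([^"']+)["']\s*\)/g;
  const findings = [];
  for (const js of blocks(html, "script")) {
    const reads = [...js.matchAll(readRe)].map(p => p[1].toLowerCase());
    for (const m of js.matchAll(styleRe)) {
      if (!anchorIds.has(m[1])) continue;
      const props = [...new Set(reads.filter(p => visitedProps.has(p)))];
      if (props.length) findings.push({ linkId: m[1], properties: props });
    }
  }
  return findings;
}

console.log(JSON.stringify(auditHistorySniffing(SAMPLE_PAGE)));
```

A finding means the script can distinguish the visited and unvisited styling of that link; an empty result only means this heuristic saw no such read in inline style and script blocks.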
