[funsec] Interesting: Stealing your browser history... withoutJavaScript!
Thomas Raef
traef at ebasedsecurity.com
Sat Jun 13 18:39:25 CDT 2009
I seem to recall that HD Moore (I believe that's his name) showed this
at Blackhat 2006 in Las Vegas, but his did use javascript.
Thomas J. Raef
We Watch Your Website
"We Watch Your Website - so you don't have to!"
> -----Original Message-----
> From: funsec-bounces at linuxbox.org [mailto:funsec-bounces at linuxbox.org]
> On Behalf Of Paul Ferguson
> Sent: Saturday, June 13, 2009 4:01 PM
> To: funsec at linuxbox.org
> Subject: [funsec] Interesting: Stealing your browser history...
> withoutJavaScript!
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> FYI:
>
> http://www.making-the-web.com/misc/sites-you-visit/nojs/
>
> - - ferg
>
> -----BEGIN PGP SIGNATURE-----
> Version: PGP Desktop 9.5.3 (Build 5003)
>
> wj8DBQFKNBNmq1pz9mNUZTMRAkRRAJ0dGV8Mw3pf+R2Z9Va7JrBeUCKVUQCg6H5t
> RScMLFKztS/fx90StlPL67E=
> =JThT
> -----END PGP SIGNATURE-----
>
>
> --
> "Fergie", a.k.a. Paul Ferguson
> Engineering Architecture for the Internet
> fergdawgster(at)gmail.com
> ferg's tech blog: http://fergdawg.blogspot.com/
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
More information about the funsec
mailing list