 Freie Software |
 p2p |
 Politik |
 Physik |
 Projekte |
 zurück |
 Rollenspiele |
 Geschichten |
 Gedichte |
 Lieder |
 Magie |
   
|
||||||||||
History
Your browser history can be sniffed with just 64 lines of Python (tested with Firefox 3.5.3)
Oktober 2nd, 2009
After the example of making-the-web, I was quite intrigued by the ease of sniffing the history via simple CSS tricks.
- Firefox Bug report - still open!
- Start Panic! - a site dedicated to spreading the news about the vulnerability.
- What the internet knows about you - easily sniff yourself.
- Cute kitten - look at cute kittens. Does this look suspicious? :)
- Start Panic! - a site dedicated to spreading the news about the vulnerability.
- What the internet knows about you - easily sniff yourself.
- Cute kitten - look at cute kittens. Does this look suspicious? :)
So I decided to test, how small I get a Python program which can sniff the history via CSS - without requiring any scripting ability on the browser-side.
I first produced fully commented code (see server.py) and then stripped it down to just 64 lines (server-stripped.py), to make it really crystal clear, that making your browser vulnerable to this exploit is a damn bad idea. I hope this will help get Firefox fixed quickly.
Dieser Text ist mir was wert:
