Workers SOP Bypass importScripts and baseHref

As we know, all browsers impose several restrictions when trying to access resources from different origins. Of course we can play music and render images coming from different domains but thanks to the Same Origin Policy, we will not be able to read the content of those resources. For example, we can draw …

Detecting analysts before installing the malware

With the help of a beautiful piece of code, malware authors can detect installed applications straight from within the browser and serve the bad bits only to unsavvy users. In other words, attackers target regular users by detecting specific analysts' applications (like Fiddler) and serving their harmful program to users that do not have those apps …

Referer spoofing and defeating the XSS filter

According to Wikipedia, “Referer spoofing is the sending of incorrect referer information in an HTTP request in order to prevent a website from obtaining accurate data on the identity of the web page previously visited by the user.” In other words, making a server think that requests are coming from anywhere we want. Referer …

CSS History Leak or “I know where you’ve been”

Hello fellow bug hunter! I’ve been thinking this morning about the classic trick originally discovered by Jeremiah Grossman back in 2006, where you could find out which sites were visited by the user. If you are not familiar with this beauty, I recommend reading his original post. I will do my best to quickly …
