Full Disclosure mailing list archives

Re: [WEB SECURITY] Stealing Search Engine Queries with JavaScript

From: "Brian Eaton" <eaton.lists () gmail com>
Date: Fri, 29 Sep 2006 15:18:44 -0400

On 9/29/06, Billy Hoffman <Billy.Hoffman () spidynamics com> wrote:

Possible uses:

-HMO's website could check if a visitor has been searching other sites about
cancer, cancer treatments, or drug rehab centers.

-Advertising networks could gather information about which topics someone is
interested based on their search history and use that to echance their
customer databases.

-Government websites could see if a visitor has been searching for
bomb-making instructions.


Correct me if I'm wrong, but it looks like the technique only works if
you can guess the entire set of search terms the user entered.

For example, let's say I searched for "XSS hack".  The technique won't
work if the attacking web site checks only for "XSS", or only for
"hack".  The technique does reveal that I searched for "XSS hack"
though.

Regards,
Brian

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Stealing Search Engine Queries with JavaScript Billy Hoffman (Sep 29)
- Re: Stealing Search Engine Queries with JavaScript Dave "No, not that one" Korn (Sep 29)
- Re: [WEB SECURITY] Stealing Search Engine Queries with JavaScript Brian Eaton (Sep 29)
- Re: [WEB SECURITY] Stealing Search Engine Queries with JavaScript Chris Hofmann (Sep 30)
  - Re: [WEB SECURITY] Stealing Search Engine Queries with JavaScript Collin Jackson (Sep 30)
- Re: [WEB SECURITY] Stealing Search Engine Queries with JavaScript Ian (Sep 30)
- Re: Stealing Search Engine Queries with JavaScript マグロ原子 (Sep 30)