Tracking Users Via the Browser Cache

Use Netsparker


An interesting new twist on things, rather than using cookies to store information you can use perpetually cached files.

So clearing your cache and cookies isn’t enough, could be a privacy issue you say, indeed it could..

Clearing cookies may not be enough as you may think. Your browser’s cache is a valuable store of information. A JavaScript .js file resource which is generated dynamically when requested can have embedded a unique tracking ID and can live permanently in your browser’s cache when sent with the right HTTP cache-control headers. This JavaScript file can then be called by pages. The script is never re-requested, and hence keeps the unique ID, and it can call resources on the server-side to track you. They just need to associate this unique ID once with your account (when you login first time after the ID was created), and they can set cookies back again later and track you anyway. The result is that you can be tracked uniquely even past the point where you clear your cookies (i.e., as if you never cleared your cookies to generate fresh ones).

You can view a live demo here.

This is a demonstration of how a person’s web-browser can be tagged and tracked using a unique identifier which lives in the web browser’s cache for a very long time (using HTTP cache control headers and browsers’ use of conditional GET requests). This serves the same purpose as using a cookie to track people. However popular web browsers lack finer cache disposal controls (compared to cookie disposal), and this is something which needs to be looked into. No private information is collected in this example. It has been tested on Firefox, IE6, Konqueror and Epiphany. I don’t know about the IE7 versions or Safari.

Source: Mukund

Posted in: Privacy, Web Hacking

, ,


Latest Posts:


CloudFrunt - Identify Misconfigured CloudFront Domains CloudFrunt – Identify Misconfigured CloudFront Domains
CloudFrunt is a Python-based tool for identifying misconfigured CloudFront domains, it uses DNS and looks for CNAMEs which may be allowed to be associated with CloudFront distributions.
Airbash - Fully Automated WPA PSK Handshake Capture Script Airbash – Fully Automated WPA PSK Handshake Capture Script
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing, it is compatible with Bash and Android Shell.
XXEinjector - Automatic XXE Injection Tool For Exploitation XXEinjector – Automatic XXE Injection Tool For Exploitation
XXEinjector is an XXE Injection Tool that automates retrieving files using direct and out of band methods. Directory listing only works in Java applications.
Yahoo! Fined 35 Million USD For Late Disclosure Of Hack Yahoo! Fined 35 Million USD For Late Disclosure Of Hack
Ah Yahoo! in trouble again, this time the news is Yahoo! fined for 35 million USD by the SEC for the 2 year delayed disclosure of the massive hack, we actually reported on the incident in 2016 when it became public.
Drupwn - Drupal Enumeration Tool & Security Scanner Drupwn – Drupal Enumeration Tool & Security Scanner
Drupwn is a Python-based Drupal Enumeration Tool that also includes an exploit mode, which can check for and exploit relevant CVEs.
MyEtherWallet DNS Hack Causes 17 Million USD User Loss MyEtherWallet DNS Hack Causes 17 Million USD User Loss
Big news in the crypto scene this week was that the MyEtherWallet DNS Hack that occured managed to collect about $17 Million USD worth of Ethereum in just a few hours.


One Response to Tracking Users Via the Browser Cache

  1. jMs October 25, 2006 at 8:19 pm #

    Very very unique site and article here… thanx for info sharin with us….

    keep those stuff comin in