CAPEC-472: Browser Fingerprinting (Release 2.0)
Attack Pattern ID: 472 (Detailed Attack Pattern Completeness: Stub)
Typical Severity: Low
Status: Draft
+ Description

Summary

An attacker carefully crafts small snippets of JavaScript to efficiently detect the type of browser the potential victim is using. Having this knowledge allows an attacker to target the victim with attacks that specifically exploit known or zero-day weaknesses in the type and version of the browser used by the victim.

The following code snippets can be used to detect various browsers:

    // Firefox 2/3
    FF=/a/[-1]=='a'

    // Firefox 3
    FF3=(function x(){})[-5]=='x'

    // Firefox 2
    FF2=(function x(){})[-6]=='x'

    // IE
    IE='\v'=='v'

    // Safari
    Saf=/a/.__proto__=='//'

    // Chrome
    Chr=/source/.test((/a/.toString+''))

    // Opera
    Op=/^function \(/.test([].sort)

+ Attack Prerequisites

    Victim's browser visits a website that contains the attacker's JavaScript

    JavaScript is not disabled in the victim's browser

+ Solutions and Mitigations

Configuration: Disable JavaScript in the browser
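
Where scripts can be inspected before they reach the browser (for example in a proxy or a code review step), the quirk probes listed in the Summary can be recognized statically. The following is an added example, not part of the CAPEC entry: the rule names, the two-hit threshold and both sample scripts are assumptions constructed for illustration.

```javascript
// Static signatures for the engine-quirk probes listed in this entry.
// Rule names are hypothetical labels; each regex tolerates extra whitespace.
const QUIRK_RULES = [
  // /a/[-1]  : negative index on a regex literal
  { name: "regex-negative-index", re: /\/[^\/\n]+\/\s*\[\s*-\d+\s*\]/ },
  // (function x(){})[-5]  : negative index on an empty function expression
  { name: "function-negative-index",
    re: /\(\s*function\b[^)]*\)\s*\{\s*\}\s*\)\s*\[\s*-\d+\s*\]/ },
  // '\v'=='v'  : vertical-tab escape compared with the letter v
  { name: "vertical-tab-compare", re: /(['"])\\v\1\s*={2,3}\s*(['"])v\2/ },
  // /a/.__proto__==...  : regex prototype compared with a string
  { name: "regex-proto-compare", re: /\/[^\/\n]+\/\s*\.\s*__proto__\s*={2,3}/ },
  // /x/.test((/a/.toString+''))  : regex test on a native function's source
  { name: "native-tostring-test",
    re: /\.test\s*\(\s*\(*\s*\/[^\/\n]+\/\s*\.\s*toString\s*\+/ },
  // /x/.test([].sort)  : regex test on Array.prototype.sort's source
  { name: "native-sort-test", re: /\.test\s*\(\s*\[\s*\]\s*\.\s*sort\s*\)/ },
];

// Return one hit per rule that matches anywhere in the script text.
function scanScript(source) {
  const hits = [];
  for (const { name, re } of QUIRK_RULES) {
    const m = re.exec(source);
    if (m) hits.push({ rule: name, match: m[0], offset: m.index });
  }
  return hits;
}

// Assumption: one idiom alone may be legacy compatibility code, so a script
// is flagged only when several distinct probes appear together.
function classify(source, threshold = 2) {
  const hits = scanScript(source);
  return { hits, suspicious: hits.length >= threshold };
}

// Constructed samples (String.raw keeps the backslashes as they would
// appear in a script file).
const SAMPLE_PROBE = String.raw`
var FF=/a/[-1]=='a', IE='\v'=='v';
var Op=/^function \(/.test([].sort);
`;
const SAMPLE_BENIGN = String.raw`
var last = items[items.length - 1];
var ok = /^\d+$/.test(value);
`;

console.log(classify(SAMPLE_PROBE), classify(SAMPLE_BENIGN));
```

Signatures like these only catch the literal idioms from this entry; minified or obfuscated variants need the script to be normalized first.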

+ References
Gareth Heyes. "Detecting browsers javascript hacks". http://www.thespanner.co.uk/2009/01/29/detecting-browsers-javascript-hacks/. 2009-01-29.
+ Content History
Submissions
Submitter           Organization          Date
Evgeny Lebanidze    Cigital Federal, Inc  2011-05-31
Page Last Updated: May 18, 2012