1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Fingerprints / How can a website track you.

Discussion in 'Black Hat SEO' started by deathx01, Oct 7, 2013.

  1. deathx01

    deathx01 Registered Member

    Joined:
    Oct 23, 2012
    Messages:
    91
    Likes Received:
    21
    So this is to show what I know about fingerprints (computing ) and to help us get a complete view of it. This can help in many ways , specialy for blackhat project ;).
    It's shure that i dont know everything , so if you think you can add some relevent information , please do it.
    So I'll talk about important things : IP, browser data/computer data, cookies , flash cookies (LSO ) , proxy ( java attack )

    Well IP is the obvious one... everybody know that IP need to be change if you want to look like an other computer. In that case you'll need some good proxy. When you are choosing a proxy provider, you should ask for brand new IP that as never been use for your need. You can look if they have been blacklisted ( http://whatismyipaddress.com/blacklist-check ) , if so , maybe you should consider try an other proxy provider. An other thing to look is that javascript is disable on the proxy, if JavaScript is allowed, attacks on web proxies are quite easy: a website may simply override the JavaScript methods that should actually protect the proxy from any attacks, with this attack all website can easly know if you are hidding behind a proxy and know your real ip. You can look on http://www.whatismyip.com/ to know if it detect you are behind a proxy.

    Now the browser data. A website can know a lot of informations about your computer :Your ip, your location(city) and your net provider, this will change if you using good proxy.
    There's a lot of thing a browser transmit to a website : Cookies, Authentication, Cache (E-Tags), HTTP session, Referer, Signature, User-Agent, SSL_session_id, Language, Content types, Encoding, Do-Not-Track, JavaScript, Plugins, Mime types, Tab name, Tab history, Local storage, Screen Resolution, Browser window, Browser bars, Browser type, System,Fonts. I'll not describe everything in this , but all the info about each of the tracking possibility can be found on http://ip-check.info/description.php .

    And one important thing that a lot of people forget , is the LSO ( flash cookies ). We have a thread that was talking about it and how to deactivated them ( http://www.blackhatworld.com/blackhat-seo/black-hat-seo/611826-flash-cookies.html) , you can use firefox Betterprivacy plugins to remove them or just delete them at the source (http://en.wikipedia.org/wiki/Local_shared_object).


    So if you are coding a bot or making things manually , you'll have to consider all of these things . When coding a browser-base bot, all element have to be taken into consideration , if you are coding a bot that use mechanize or somme sorth of progammatic browsing , the IP and the User agent are the one to be carefull with.

    If you want to test your browser and see what website can see about you : http://ip-check.info and you can download the JonDoFox to help get a bit more anonymous on the web : http://anonymous-proxy-servers.net/en/jondofox.html


    If you have any updates or questions, go for it . Thanks
     
    • Thanks Thanks x 3
    Last edited: Oct 7, 2013
  2. V

    V Elite Member

    Joined:
    May 18, 2012
    Messages:
    2,113
    Likes Received:
    2,543
    Occupation:
    Student
    Location:
    /tmp
    nice post OP, obviously i didn't knew ALL of it. thanks for the share ;)
     
  3. deathx01

    deathx01 Registered Member

    Joined:
    Oct 23, 2012
    Messages:
    91
    Likes Received:
    21
    Thanks , i think this is not a trendy subject :p , anyway maybe its going to help someone somewhere
     
  4. royserpa

    royserpa Jr. VIP Jr. VIP Premium Member

    Joined:
    Sep 28, 2011
    Messages:
    4,650
    Likes Received:
    3,494
    Gender:
    Male
    Occupation:
    Negative Options aka Rebills!
    Location:
    Royserpa
    Home Page:
    Basically:

    Cookies, Flash Cookies, Headers, IP, Location, ISP, etc etc.

    I really don't think it's possible to hide from being found but you can hide yourself temp. ;)
     
  5. AquaticGamer

    AquaticGamer Jr. VIP Jr. VIP

    Joined:
    Apr 13, 2013
    Messages:
    4,091
    Likes Received:
    1,519
    Gender:
    Male
    Location:
    http://www.AQSocials.com
    Home Page:
  6. HelpMyCompanyNow

    HelpMyCompanyNow Newbie

    Joined:
    Oct 9, 2013
    Messages:
    12
    Likes Received:
    1
    Well, I am having an issue with a particular review website, trying to post and it keeps filtering, I do not know how to fix this, can anyone help me out?
     
  7. Ixidor2016

    Ixidor2016 Newbie

    Joined:
    May 8, 2013
    Messages:
    18
    Likes Received:
    4
    Thanks for the info, very eye opening!
     
  8. deathx01

    deathx01 Registered Member

    Joined:
    Oct 23, 2012
    Messages:
    91
    Likes Received:
    21

    Your site is yelp ?
     
  9. deathx01

    deathx01 Registered Member

    Joined:
    Oct 23, 2012
    Messages:
    91
    Likes Received:
    21
    • Thanks Thanks x 1
  10. cnick79

    cnick79 Jr. VIP Jr. VIP

    Joined:
    Jun 10, 2010
    Messages:
    653
    Likes Received:
    341
    Location:
    Google's SandBox
    Fingerprinting uses many components but there are really only a few major pieces. There is no exact science to it, but more of an art. System fonts are a big factor in fingerprinting as well. The chances of all of us having the same fonts are small when mixed in with other variables.
     
  11. cnick79

    cnick79 Jr. VIP Jr. VIP

    Joined:
    Jun 10, 2010
    Messages:
    653
    Likes Received:
    341
    Location:
    Google's SandBox
    Depends on who you are hiding from. If somebody is not taking into account your IP address, then it won't matter which VPN or proxy you use.
     
  12. deathx01

    deathx01 Registered Member

    Joined:
    Oct 23, 2012
    Messages:
    91
    Likes Received:
    21
    • Thanks Thanks x 1
  13. deathx01

    deathx01 Registered Member

    Joined:
    Oct 23, 2012
    Messages:
    91
    Likes Received:
    21
  14. Tiddlywink19

    Tiddlywink19 Regular Member

    Joined:
    Oct 5, 2014
    Messages:
    425
    Likes Received:
    128
    Gender:
    Male
    Location:
    US
    Well this is the most "useless" guide of all time. Not only does everyone (most people) know all this stuff but your guide consisted of:

    "Here is a bunch of stuff that tracks you. Okay hide it. There ya go, great job. Hey, good luck."

    I would totally downvote this if it were an option , Lmao.
     
  15. deathx01

    deathx01 Registered Member

    Joined:
    Oct 23, 2012
    Messages:
    91
    Likes Received:
    21
    Did you ever build a crawling bot or scrapping bot , imo , ill say NO . all this is only for people that are programmer and face some security problem... we are not all hiding guru , and i let people knowing some info i would like to know when i began codding those type of project. You are not really respecfull and you can suck a bag of dick https://www.youtube.com/watch?v=sLNQxlQZfv4 :)
     
    Last edited: Dec 18, 2014