Is It Possible To Fake A User Agent?

BlackBat

Registered Member
Jan 6, 2008
58
6
Is it possible to fake (or minimum blank) the user agent of the visitors browser (i.e. Z*a*n*g*0 Toolbar) and redirect it to your favorite destination URL while showing a new user agent (and drop the cookie)?

Some say yes and some are sure it can't be done.

If anyone knows any php script or examples that enables this, I'm sure many people would be interested besides me.
 
I'm sure that if it was possible it would have to be by exploiting some browser bug. Or really hacking the browser by exploiting a security hole in a plug-in like java, or some other hackish way.
 
I think you got the wrong idea about this. Because the user agent will never appear as Z*a*n*g*0 Toolbar. It will only appear as the browser that the visitor is using. For example internet explorer, firefox and Chrome.

So there's no point in trying to change the user-agent.
 
There is one way to do this for mozilla, but it could be considered pretty illegal.
There are ways to change the browser configuration of a user but it will require the user to confirm a security question.

So you could in theory:
javascript -> get browser grants to change useragent
-> if user pressed yes: change the agent and forward user to target site
-> if user pressed no: either keep asking or forward user to some other page

It works for firefox/mozilla browsers and I doubt people like that as the change is permanent.

Beside this: no way
 
So this leaves us with only one option...promoting networks that allow Zango.

Anyone knows any?

I know for sure that CJ.com and Azoogle don't allow it for sure.
 
This would be almost the same as spoofing (not blanking) a referrer, it's not really possible in this scenario.

Could do it with something like cURL, but not for what you want to do.
 
This is prolly what your looking for only for FireFox though, which people should use anyways.

Code:
https://addons.mozilla.org/en-US/firefox/addon/59

Hope that helps :)
 
I think you are 50% right.

It does appear like Mozilla/4.0 (compatible; MSIE 5.01; Windows 98; ZangoToolbar 4.8.2)

http://www.botsvsbrowsers.com/listings.asp?search=zango

I could hope that the word Zango doesn't appear but the price of just 'hoping' could be losing the CJ account...

Thanks for the info I didn't know that lol.

Anyway you could do it with cURL but than your ip's will all be the same. And that may cause some suspicion.

So if you are worried you could probably try out the smaller networks as they won't have that much resources to detect that your traffic is from zango. Or they won't bother to.
 
my understanding is that when u "redirect" you are actually RESPONDING back to the surfer's browser and you are telling it to visit another URL instead of the first URL that the browser hit.

this means you are telling the browser to "independently" go and visit another site/page everytime you redirect. u are merely suggesting to the browser that it shuould try another alternative site/page instead of the one it hit first time. with that said, we can therefore say the process of how the browser will identify itself to the new URL is probably out of your hands. it is totally in the hands of the surfer's browser how it will identify itself to the new URL.

Now what if you can pretend to be the surfer's browser or you become the intermediary and send requests to other sites "on behalf of the surfer's browser" ?

this brings us to the idea of a proxy server. if you can run a proxy server script on your site then you are going to somehow be able to fake/spoof the user agent (and many other things) since you will be making requests to the final destination URL "on behalf" of the surfer's browser. how does that sound ??
 
If you use a proxy or similar to change the useragent of a visitor.
Well why not just leave all that shit and create 100% artificial traffic ? ;)

There is no solution to this problem if you want real visitors.
 
Back
Top
AdBlock Detected

We get it, advertisements are annoying!

Sure, ad-blocking software does a great job at blocking ads, but it also blocks useful features and essential functions on BlackHatWorld and other forums. These functions are unrelated to ads, such as internal links and images. For the best site experience please disable your AdBlocker.

I've Disabled AdBlock