Security Warning (CSS Hack) - Page 2 - Torrent Invites! Get your free private torrent tracker invites !

Stellar · 10-09-2009, 01:09 AM

Thanks for the info, I disabled my browser history

airman · 10-09-2009, 01:20 AM

It's a vulnerability that checks your Browser History (not your cookies) through CSS. The gist of the hack is that CSS allows you to specify different responses/styles if a link has been visited or not - thus allowing the website to effectively query your browser history.

Any news on other trackers that are using this, or only x264 so far?

Stellar · 10-09-2009, 01:29 AM

This sucks, if I completely disable browser history a lot of /browse.php pages don't work (log me out or redirect to home). I'm hoping for security update for Opera :S

wtfmate · 10-09-2009, 01:55 AM

No disabling browse history will not log you out of anything steller and everything will function as normal. I've never ever kept browser history on FF.

redbanana · 10-09-2009, 02:21 AM

Thanks for the tip the chrome feature mentioned is awsome!

Stellar · 10-09-2009, 03:04 AM

@wtfmate
Do you want a video or something?
If I say it does to me, it means it does, I can't win anything out of it by lying

osx86 · 10-09-2009, 03:20 AM

Quote: Originally Posted by princest.zelda

If you are using mozilla:
First of all, open your history tabs, delete all with keyword torrent-invites.com.
Then install below plugin :
History Blocker
Add *.torrent-invites.com as your blacklist.

Sweet action, thanks for the tip. History Blocker works wonders.

Maksimir · 10-09-2009, 03:22 AM

Quote: Originally Posted by Stellar Cascade

@wtfmate
Do you want a video or something?
If I say it does to me, it means it does, I can't win anything out of it by lying

LOL... I get it too, though after I log back in everything is alright in both firefox (mac) and chrome (pc).

rHA2Or8z · 10-09-2009, 03:50 AM

Quote: Originally Posted by princest.zelda

Then install below plugin :
History Blocker
Add *.torrent-invites.com as your blacklist.

they want me to login before i can download it

seems like they're not much better than the guys i wanna fight with that

rHA2Or8z · 10-09-2009, 03:54 AM

Quote: Originally Posted by airman

Any news on other trackers that are using this, or only x264 so far?

what and gft but what is the #1 regarding spy things generally.


	Remember Me? Home Forum Donate Conquest Arcade IRC Open Trackers FAQ Members List Calendar	Search	Today's Posts	Mark Forums Read

LinkBacks (?) LinkBack to this Thread: http://www.torrent-invites.com/announcements-bittorrent-news/39723-security-warning-css-hack.html
Posted By	For	Type	Date
ha.ckers.org web application security lab	This thread	Refback	10-30-2009 08:14 AM
Webappsec ha.ckers.org web application security lab	This thread	Refback	10-26-2009 11:51 PM
Google Reader - ha.ckers.org web application security lab	This thread	Refback	10-25-2009 12:59 PM
Google Reader -	This thread	Refback	10-15-2009 05:41 AM
Google Reader -	This thread	Refback	10-13-2009 02:55 AM
ha.ckers.org web application security lab	This thread	Refback	10-13-2009 02:46 AM
DELPAI : [CSS History Hack] ë‚˜ëŠ” ë‹¹ì‹ ì´ ì–´ë–¤ ì‚¬ì´íŠ¸ì— ë°©ë¬¸í–ˆëŠ”ì§€ ì•Œê³ ìžˆë‹¤.	This thread	Refback	10-10-2009 01:23 PM
www.okc2600.com :: View topic - Stealing Browser History - New Metasploit Module	This thread	Refback	10-10-2009 09:13 AM
ha.ckers.org web application security lab	This thread	Refback	10-10-2009 06:20 AM
Du hast die falschen Freunde (sagt dein Browser) « partikelfernsteuerung	This thread	Pingback	10-09-2009 07:14 PM
CSS History Hack Used To Ban Torrent Users ha.ckers.org web application security lab	This thread	Refback	10-09-2009 11:15 AM

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

10-09-2009, 01:09 AM	#11 (permalink)
Stellar Stellar has no status. Join Date: May 2009 Posts: 642 iGiver: (61)	Thanks for the info, I disabled my browser history

10-09-2009, 01:20 AM	#12 (permalink)
airman airman has no status. The Exalted Join Date: Jul 2009 Posts: 313 iGiver: (9)	It's a vulnerability that checks your Browser History (not your cookies) through CSS. The gist of the hack is that CSS allows you to specify different responses/styles if a link has been visited or not - thus allowing the website to effectively query your browser history. Any news on other trackers that are using this, or only x264 so far?

10-09-2009, 01:29 AM	#13 (permalink)
Stellar Stellar has no status. Join Date: May 2009 Posts: 642 iGiver: (61)	This sucks, if I completely disable browser history a lot of /browse.php pages don't work (log me out or redirect to home). I'm hoping for security update for Opera :S

10-09-2009, 01:55 AM	#14 (permalink)
wtfmate wtfmate has no status. Join Date: Aug 2009 Location: cough Demonoid Posts: 226 iGiver: (22)	No disabling browse history will not log you out of anything steller and everything will function as normal. I've never ever kept browser history on FF.

10-09-2009, 02:21 AM	#15 (permalink)
redbanana redbanana has no status. Join Date: Sep 2009 Posts: 24 iGiver: (0)	Thanks for the tip the chrome feature mentioned is awsome!

10-09-2009, 03:04 AM	#16 (permalink)
Stellar Stellar has no status. Join Date: May 2009 Posts: 642 iGiver: (61)	@wtfmate Do you want a video or something? If I say it does to me, it means it does, I can't win anything out of it by lying

10-09-2009, 03:20 AM	#17 (permalink)
osx86 osx86 has no status. Join Date: Oct 2009 Posts: 32 iGiver: (0)	Quote: Originally Posted by princest.zelda If you are using mozilla: First of all, open your history tabs, delete all with keyword torrent-invites.com. Then install below plugin : History Blocker Add *.torrent-invites.com as your blacklist. Sweet action, thanks for the tip. History Blocker works wonders.

10-09-2009, 03:22 AM	#18 (permalink)
Maksimir Maksimir has no status. Join Date: Aug 2009 Posts: 286 iGiver: (27)	Quote: Originally Posted by Stellar Cascade @wtfmate Do you want a video or something? If I say it does to me, it means it does, I can't win anything out of it by lying LOL... I get it too, though after I log back in everything is alright in both firefox (mac) and chrome (pc).

10-09-2009, 03:50 AM	#19 (permalink)
rHA2Or8z rHA2Or8z has no status. Join Date: Sep 2009 Posts: 251 iGiver: (2)	Quote: Originally Posted by princest.zelda Then install below plugin : History Blocker Add *.torrent-invites.com as your blacklist. they want me to login before i can download it seems like they're not much better than the guys i wanna fight with that

10-09-2009, 03:54 AM	#20 (permalink)
rHA2Or8z rHA2Or8z has no status. Join Date: Sep 2009 Posts: 251 iGiver: (2)	Quote: Originally Posted by airman Any news on other trackers that are using this, or only x264 so far? what and gft but what is the #1 regarding spy things generally.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)