|
-
Jan 31st, 2002, 12:21 PM
#1
Thread Starter
Member
Using a .gif extention for a file with javascripts in it.
here's an odd post... I was building a tracking system to track hits to a website and was looking at another company's tracker to get some insite. What I discoverd was very odd.
The way they work is they give users a javascript code to paste into their page. This code gets the info from the viewer (browser, screen size, etc) and document writes an image link to an image on thier server, but heres the odd part... the image link has a query string on the image name with the info it received from the user's system. ie:
document.write = '<img src="www.server.com/fake.gif?sres=' + sres + '&browser=' +brow + ' " height="1" width="1">
like that (but formatted correctly...im just throwing it out there to give an idea. I built a page with nothing but a javascript alert and then renamed it .gif and it will exicute the javascript, but my test concluded that the trick will not work on asp. I did however make a javescript redirect to an asp page and named it .gif and that worked.
My main question is how are they adding the info from the query string into the database (the user never sees anything)...
sorry if i am unclear but i was interuppted in the middle of this post and hope i covered it all . also, is this an old trick i have never heard of?
thanks in advance,
Michael
-
Jan 31st, 2002, 12:53 PM
#2
Addicted Member
I think what's happening is:
1. The victim's browser gathers whatever information it can.
2. The information is encapsulated as an img request as you have
shown.
3. When the page is finally opened, the victims browser opens all the images as well. Each image on a page generates its own Get request to the server.
4. The actual gathering of the information, then, is performed by looking at the server logs because the server logs can often show not only what was requested, but all of the arguments that make that request. Essential you can get the whole URL.
In other words, images are used because each image on a page *automatically* generates it's own get request that shows up on the server's logs. No other aspect of web browsing will generate automatic requests like images do.
cudabean
-
Jan 31st, 2002, 12:58 PM
#3
Thread Starter
Member
so I could only duplicate this process if I had access to the servers logs?
thanks
michael
-
Jan 31st, 2002, 01:51 PM
#4
Black Cat
There's no reason a CGI script cannot output an image and write to a log file. Take a look at those old image-based hit counters.
Josh
Get these: Mozilla Opera OpenBSD
I have books for sale: "MCSD in a Nutshell" and "VB Distributed Exam Cram" - PM me for details. Will also trade for a decent ATX Pentium 2 MB/CPU/RAM combo.
-
Jan 31st, 2002, 02:06 PM
#5
Thread Starter
Member
thats pretty much what this is (i guess), an old image based hit counter. So would this have to be cgi or is it doable w/javascript &/or asp.
thanks
michael
-
Jan 31st, 2002, 02:17 PM
#6
Addicted Member
It can't be done with javascript alone.
You can easily check to see if it will work with ASP:
Test.html
Code:
<html>
<title>test</title>
<body>
<img src="/myimage.asp?arg1=x&arg2=y&arg3=z">
</body>
</html>
Then write myimage.asp so that it gets the values of arg1, arg2 and arg3 and does whatever with them.
Note: in order for myimage.asp to be seamless, it will need to return a fake gif image. Otherwise you'll get an ugly red X when the browser doesn't get it's image it was promised.
cudabean
-
Jan 31st, 2002, 02:29 PM
#7
Thread Starter
Member
per the first post, i tried that already with negitive results. Here is a more detaled descript of what I tried.
1) I set up a table with a single field. [fldTest]
2) I created test.asp which will write "did it" to fldTest... going to it directly worked.
3) I created test.gif and in it I put nothing but the bare html tags and a javascript window.location.reload('test.asp'). I went to it directly, it redirected and therefor added the did it to the fld
4) then I created a test.html page that called the gif via
<img src="test.gif" width="1" height="1"> (which keeps user from getting the red x)
when I pulled up the test.html I get nothing... well, i get the fake image cos I tried resetting the size so I could see the red x and it is there but no records are added.
thanks
michael
-
Jan 31st, 2002, 03:02 PM
#8
Black Cat
In a Perl Script:
Code:
print "Location: image.gif\n\n";
In ASP
Code:
Response.Redirect ("image.gif")
Is a quick way to redirect a script to an image. Just make sure you get the location of the actual image file right, and not send any more data out to the browser. Then your script can process away at the log.
Josh
Get these: Mozilla Opera OpenBSD
I have books for sale: "MCSD in a Nutshell" and "VB Distributed Exam Cram" - PM me for details. Will also trade for a decent ATX Pentium 2 MB/CPU/RAM combo.
-
Jan 31st, 2002, 03:05 PM
#9
Thread Starter
Member
pardon my ignorance, but where would i need that?
michael
-
Jan 31st, 2002, 03:27 PM
#10
Black Cat
You'd need it in the script that acts as the image:
<img src="script.asp?x=7&y=23" ...>
Then put the code in script.asp, if you're using ASP. What this does it tell the browser to get the script for the image - but the script does its thing and tells the browser the image is actually in another location (the real image).
(Or you could possibly have the script open the image as a binary file and start sending the data directly to the browser, but that's a little more complicated.)
Josh
Get these: Mozilla Opera OpenBSD
I have books for sale: "MCSD in a Nutshell" and "VB Distributed Exam Cram" - PM me for details. Will also trade for a decent ATX Pentium 2 MB/CPU/RAM combo.
-
Jan 31st, 2002, 04:13 PM
#11
Thread Starter
Member
sounds good... i'll give that a try tonight.
Michael
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|