Jump to content

What Informartion Can a Website Get?

Taxonomy

By Taxonomy
in Spam/Off Topic

 Share

Recommended Posts

Botre Dragon Poster

Botre

Posted
Posted

Without an additional download:

  No.

  No.

  No.

 

You can use ActiveXObject objects in js and get the MAC and hardware info if the PC is using IE  (not sure about the other browsers), I've also read about WebGL exploits to get hardware info (primarily GPU stuff but I think the article also mentioned CPU info) and that API is cross-browser so...

 

Not sure if JavaScript scripts count as additional downloads either considering you can embed them in HTML files.

 

The web ain't all that safe :x

Link to comment
Share on other sites
Eliot Rune Poster

Eliot

Posted
Posted

You can use ActiveXObject objects in js and get the MAC and hardware info if the PC is using IE  (not sure about the other browsers), I've also read about WebGL exploits to get hardware info (primarily GPU stuff but I think the article also mentioned CPU info) and that API is cross-browser so...

 

Not sure if JavaScript scripts count as additional downloads either considering you can embed them in HTML files.

 

The web ain't all that safe :x

That only works in IE and probably requires user to allow plugin to run, if you figure out how to do it in a modern browser golf clap for you.

 

Just double checked, you can get some hardware info in some browsers, but not a complete picture afaik.

Link to comment
Share on other sites
Bobrocket Adamantite Poster

Bobrocket

Posted
Posted

Through use of various flash/java exploits you can get a lot of information. Been a long time since I looked into this stuff but I believe CVE-2014-0543 (not even sure if that's the right CVE) could grab hardware info since it could execute arbitrary code.

 

The standard information someone can get from visiting a website without exploits includes:

  • Whether or not you have JS enabled
  • Whether or not you have a form of adblock
  • Your IP
  • Your country and rough area (through your IP)
  • Your browser
  • Your OS
  • Your .NET version (some user agents submit this information, I believe only IE does this but no idea)
  • Whether or not you are using a transparent proxy
  • Your screen resolution and the resolution of your browser window
  • Your local time + timezone
  • Your referrer (the last site you visited)

Here's a little example of the sheer amount of information you can grab from your user agent string:

Mozilla/5.0 (Windows NT 6.1; WOW64; rv:39.0) Gecko/20100101 Firefox/39.0

-I am using Firefox, version 39.0

-I am using Windows 7 (NT 6.1)

-I am running a 32-bit browser on 64-bit architecture (WOW64)

-I use the Gecko CSS engine (default firefox engine)

-My Gecko engine is version "2010-01-01"

  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...