Skip to content

Instantly share code, notes, and snippets.

@gunesacar
gunesacar / OnAudience_behavioral_engine.diff
Created Jun 4, 2020
OnAudience script archived by the Wayback Machine on 28 Dec '17 and 3 Jan '18. The script was updated immediately following our publication: https://freedom-to-tinker.com/2017/12/27/no-boundaries-for-user-identities-web-trackers-exploit-browser-login-managers. (Sources were beautified before the comparison.)
View OnAudience_behavioral_engine.diff
@@ -471,7 +471,7 @@
return t.toLowerCase()
};
if (typeof BUtilities === 'undefined') BUtilities = {
- serverPath: '//web.archive.org/web/20171228075028/http://api.behavioralengine.com/',
+ serverPath: '//web.archive.org/web/20180103014626/http://api.behavioralengine.com/',
getCookie: function(cookieName) {
var i, name, value, cookies = document.cookie.split(';');
for (var i = 0; i < cookies.length; i++) {
@@ -895,8 +895,8 @@
@gunesacar
gunesacar / BE_sites_with_FB_likes.csv
Created Oct 7, 2019
.be sites with FB Like button as of 1 Sep 2019.Limited to home pages of sites in the HTTP Archive corpus (~4.3M sites, https://httparchive.org/faq#how-does-the-http-archive-decide-which-urls-to-test). Ranks from Tranco list as of 1 Sep 2019 (https://tranco-list.eu/)
View BE_sites_with_FB_likes.csv
Tranco Rank Domain Site URL
4081 telenet.be http://speedtest.telenet.be
22730 sudinfo.be http://aiseau-presles.blogs.sudinfo.be
22730 sudinfo.be http://ath.blogs.sudinfo.be
22730 sudinfo.be http://aubel.blogs.sudinfo.be
22730 sudinfo.be http://bassenge.blogs.sudinfo.be
22730 sudinfo.be http://charleroi.blogs.sudinfo.be
22730 sudinfo.be http://ciney.blogs.sudinfo.be
22730 sudinfo.be http://dalhem.blogs.sudinfo.be
22730 sudinfo.be http://esneux.blogs.sudinfo.be
@gunesacar
gunesacar / print_cookies.py
Created Feb 6, 2018
Load a URL and print the cookies with Tor Browser Driver
View print_cookies.py
from argparse import ArgumentParser
from tbselenium.tbdriver import TorBrowserDriver
def print_cookies(tbb_dir, url):
with TorBrowserDriver(tbb_dir) as driver:
driver.load_url(url)
print "Finished loading", url
print "Cookies:", driver.execute_script("return document.cookie;")
View session_replay_urls.md

Script URL substrings used to detect the embeddings from the companies offering session replay services

  • mc.yandex.ru/metrika/watch.js
  • mc.yandex.ru/metrika/tag.js
  • mc.yandex.ru/webvisor/
  • fullstory.com/s/fs.js
  • d2oh4tlt9mrke9.cloudfront.net/Record/js/sessioncam.recorder.js
  • ws.sessioncam.com/Record/record.asmx
  • userreplay.net
  • script.hotjar.com
@gunesacar
gunesacar / tbselenium_usage.py
Last active Oct 28, 2017
tbselenium basic usage
View tbselenium_usage.py
from tbselenium.tbdriver import TorBrowserDriver
TBB_PATH = "/path/to/tbb/7.0.8/tor-browser_en-US/"
def main():
with TorBrowserDriver(TBB_PATH) as driver:
driver.get('https://check.torproject.org')
if __name__ == '__main__':
View py2to3.patch
--- ./demo.py (original)
+++ ./demo.py (refactored)
@@ -1,4 +1,4 @@
-from automation import TaskManager, CommandSequence
+from .automation import TaskManager, CommandSequence
# The list of sites that we wish to crawl
NUM_BROWSERS = 3
@@ -10,7 +10,7 @@
manager_params, browser_params = TaskManager.load_default_params(NUM_BROWSERS)
View page_with_frame_ls_3sec.html
<!doctype html>
<html>
<head>
<title>localStorage example - 3rd party frame</title>
</head>
<body>
<p>Test if we can detect localStorage set by a third-party frame</p>
<iframe src="https://gistcdn.githack.com/gunesacar/b66fd9b4f0ac0548e70c8b5442ec9437/raw/312dac2ba95d7b3f48afc6f51edaba4d8c219546/frame_ls_after_3sec.html"></iframe>
</body>
</html>
View frame_ls_after_3sec.html
<!doctype html>
<html>
<head>
<title>localStorage example</title>
<script type="application/javascript">
function set_ls() {
setTimeout(function(){ localStorage['frameId'] = 'ABCDEF0123456789'; }, 3000);
}
</script>
</head>
View frame_ls.html
<!doctype html>
<html>
<head>
<title>localStorage example - 3rd party frame</title>
</head>
<body>
<p>Test if we can detect localStorage set by a third-party frame</p>
<iframe src="https://gistcdn.githack.com/gunesacar/3b7e1a58252a0fed29e3d509964ef099/raw/dc4831bb865dc3c5980115f24666e5bd40befb4e/frame_ls.html"></iframe>
</body>
</html>
View frame_ls.html
<!doctype html>
<html>
<head>
<title>localStorage example</title>
<script src="https://gistcdn.githack.com/gunesacar/07098e29bdbcdb3ffe40/raw/eacd6885c9f10ccd97ce4ea425408f341409d3ee/gistfile1.js"></script>
</head>
<body>
</body>
</html>
You can’t perform that action at this time.