Skip to content

Instantly share code, notes, and snippets.

@mvberg

mvberg/ChromeSsoTelemetry.md

Last active October 19, 2017 01:11
Show Gist options
  • Save mvberg/319324f8f3123207851036892585a4a1 to your computer and use it in GitHub Desktop.
Save mvberg/319324f8f3123207851036892585a4a1 to your computer and use it in GitHub Desktop.
Download ZIP
Microsoft Telemetry recursion on Chrome on Windows 10 (SSO?)
Raw
ChromeSsoTelemetry.md

Microsoft SSO Telemetry Recursion in Chrome

https://twitter.com/mikethefuture/status/920668087229341696

A series of never ending request that generate ~11 megabytes per minute on https://support.microsoft.com/en-us

  • windows 10 + chrome
  • does not happen on win 7 or ios
  • extensions do not matter
  • incognito has same problem
  • clearing cookies has no effect

https://gyazo.com/8f6c53930497056d9d82a8006c5e5903

Request 1

curl 'https://login.microsoftonline.com/common/login/telemetry?client-request-id=21269cd6-8b43-4c1c-b86e-c57c9368a2fc' -H 'Pragma: no-cache' -H 'Origin: https://login.microsoftonline.com' -H 'Accept-Encoding: gzip, deflate, br' -H 'Accept-Language: en-US,en;q=0.9' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36' -H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' -H 'Accept: */*' -H 'Cache-Control: no-cache' -H 'X-Requested-With: XMLHttpRequest' -H 'Connection: keep-alive' -H 'Referer: https://login.microsoftonline.com/common/oauth2/authorize?response_type=id_token&client_id=fdf9885b-dd37-42bf-82e5-c3129ef5a302&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsilentauth&state=0a091c94-6ac8-4f31-8f9f-79d337a971dd%7Cfdf9885b-dd37-42bf-82e5-c3129ef5a302&client-request-id=21269cd6-8b43-4c1c-b86e-c57c9368a2fc&x-client-SKU=Js&x-client-Ver=1.0.11&prompt=none&nonce=2e3b713f-7ecb-4f68-bc0e-1ff8b0677b1f' -H 'DNT: 1' --data '{"nonce":"AQABAAEAAABHh4kmS_aKT5XrjzxRAtHzwG9tHk4ZbqCCG1w98717zpE9eBkpXAcieMPoFy28HORtbySevKZd20vUiQjBtTdPxzsNxPQeVTFGVoHexYPxwWza3dV02ObF4yV5ayxhNd4gAA","type":"ChromeSsoTelemetry","traces":["Creating provider","Error: NoExtension: Extension is not installed."],"data":"result=end;"}' --compressed

Response

<!DOCTYPE HTML PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr"
      lang="en"
      xml:lang="en">
<head>
    <title>Redirecting...</title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" />
    <meta http-equiv="Pragma" content="no-cache" />
    <meta http-equiv="Expires" content="-1" />
    <meta http-equiv="X-UA-Compatible" content="IE=edge" />
    <meta name="PageID" content="redirect.2.0" />
    <meta name="ReqLC" content="1033" />
    <meta name="LocLC" content="1033" />
    <meta name="mswebdialog-newwindowurl" content="*"/>
    
    <meta name="robots" content="noindex, nofollow" />

<script type="text/javascript">//<![CDATA[
$Config={
	"scid": 1013,
	"hpgact": 1800,
	"hpgid": 2,
	"apiCanary": "AQABAAAAAABHh4kmS_aKT5XrjzxRAtHzRoTKptJYcf7eDeEEJZv43eGUasx386iZGSLx1Xz4pmEcbKJ3nR3MkGgFGWg0Rp3JDwMCcwKfxBc6JX75lrD_bp9MVvdO60cZrxc6dLA2tVj6RYi0QpUPidSQrhzzhd8NoVdkXKfvV9UNlx6skH_GMUN7vsjhxYK42pz97JXyzzON870jAYOdyQpYaebbcT86WteGGQgtIPOmV33iAPbeLCAA",
	"canary": "Ym2eHJQJdtXfaWajPlO8WgeZkGcM1+OxiwJp1UlP438=6:1",
	"correlationId": "a1e88a19-b51a-4697-b17b-b0165449bc26",
	"locale": {
		"mkt": "en-US",
		"lcid": 1033
	},
	"slMaxRetry": 2,
	"slReportFailure": true,
	"strings": {
		"desktopsso": {
			"authenticatingmessage": "Trying to sign you in"
		},
		"mfa": {
			"setitupnow": "Set it up now"
		}
	},
	"enums": {
		"ClientMetricsModes": {
			"None": 0,
			"SubmitOnPost": 1,
			"SubmitOnRedirect": 2,
			"InstrumentPlt": 4
		}
	},
	"urls": {
		"instr": {
			"pageload": "https://login.microsoftonline.com/common/instrumentation/reportpageload",
			"dssostatus": "https://login.microsoftonline.com/common/instrumentation/dssostatus"
		}
	},
	"browser": {
		"ltr": 1,
		"Chrome": 1,
		"_Win": 1,
		"_M62": 1,
		"_D0": 1,
		"Full": 1,
		"Win81": 1,
		"RE_WebKit": 1,
		"b": {
			"name": "Chrome",
			"major": 62,
			"minor": 0
		},
		"os": {
			"name": "Windows",
			"version": "10.0"
		},
		"V": "62.0"
	},
	"watson": {
		"url": "/common/handlers/watson",
		"bundle": "https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6741.13/content/cdnbundles/watson.min.js",
		"sbundle": "https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6741.13/content/cdnbundles/watsonsupport.min.js",
		"fbundle": "https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6741.13/content/cdnbundles/frameworksupport.min.js",
		"resetErrorPeriod": 5,
		"maxCorsErrors": 2,
		"maxInjectErrors": 5,
		"maxErrors": 10,
		"maxTotalErrors": 100,
		"expSrcs": ["https://secure.aadcdn.microsoftonline-p.com/ests/", "https://login.microsoftonline.com", ".login.microsoftonline.com"],
		"envErrorRedirect": true,
		"envErrorUrl": "/common/handlers/enverror"
	},
	"serverDetails": {
		"slc": "ProXXXXes",
		"dc": "CHI",
		"ri": "ESTXXXX_211",
		"ver": {
			"v": [2, 1, 6741, 13]
		},
		"rt": "2017-10-19T00:18:36",
		"et": 24
	},
	"country": "US",
	"bsso": {
		"states": {
			"START": "start",
			"INPROGRESS": "in-progress",
			"END": "end",
			"END_SSO": "end-sso",
			"END_USERS": "end-users"
		},
		"nonce": "AQABAAAAAABHh4kmS_aKT5XrjzxRAtHz1_sApopt3dGDYnxyAIkXyz888cdFstkTSdU7s5BsnrWnHZhcToyaWsWEJYKxFSsynhFcfnIONfIUGxJedIARxCAA",
		"reloadOnFailure": true,
		"telemetry": {
			"url": "https://login.microsoftonline.com/common/login/telemetry",
			"type": "ChromeSsoTelemetry",
			"nonce": "AQABAAEAAABHh4kmS_aKT5XrjzxRAtHz2px6lIwt72m--ljWvPeq6unnsOi21PBs9YP2q6TyqQBIa1-96d-9AY6uNdOHO-UjZue_6Xfivaa3SNlfBAYvyyYrnZ8jikckha8T9-ZNS40gAA",
			"reportStates": ["end", "end-sso"]
		},
		"redirectEndStates": ["end"],
		"cookieNames": {
			"aadSso": "AADSSO",
			"winSso": "ESTSSSO",
			"ssoTiles": "ESTSSSOTILES",
			"ssoPulled": "SSOCOOKIEPULLED",
			"userList": "ESTSUSERLIST"
		},
		"enabled": true,
		"type": "chrome",
		"reason": "Pull is needed"
	}
};//]]></script> 
<script type="text/javascript">//<![CDATA[
--OMITTED--
//]]></script> 
 
<script crossorigin="anonymous" src="https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6741.13/content/cdnbundles/jquery.1.11.min.js" onerror='$Loader.On(this,true)' onload='$Loader.On(this)'></script>
<script crossorigin="anonymous" src="https://secure.aadcdn.microsoftonline-p.com/ests/2.1.6741.13/content/cdnbundles/aad.login.min.js" onerror='$Loader.On(this,true)' onload='$Loader.On(this)'></script>
    
</head>

<body style="display: none">
</body>
</html>

Request 2

curl 'https://login.microsoftonline.com/common/login/telemetry?client-request-id=21269cd6-8b43-4c1c-b86e-c57c9368a2fc' -H 'Pragma: no-cache' -H 'Origin: https://login.microsoftonline.com' -H 'Accept-Encoding: gzip, deflate, br' -H 'Accept-Language: en-US,en;q=0.9' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36' -H 'Content-Type: application/x-www-form-urlencoded; charset=UTF-8' -H 'Accept: */*' -H 'Cache-Control: no-cache' -H 'X-Requested-With: XMLHttpRequest' -H 'Connection: keep-alive' -H 'Referer: https://login.microsoftonline.com/common/oauth2/authorize?response_type=id_token&client_id=fdf9885b-dd37-42bf-82e5-c3129ef5a302&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsilentauth&state=0a091c94-6ac8-4f31-8f9f-79d337a971dd%7Cfdf9885b-dd37-42bf-82e5-c3129ef5a302&client-request-id=21269cd6-8b43-4c1c-b86e-c57c9368a2fc&x-client-SKU=Js&x-client-Ver=1.0.11&prompt=none&nonce=2e3b713f-7ecb-4f68-bc0e-1ff8b0677b1f' -H 'DNT: 1' --data '{"nonce":"AQABAAEAAABHh4kmS_aKT5XrjzxRAtHzwG9tHk4ZbqCCG1w98717zpE9eBkpXAcieMPoFy28HORtbySevKZd20vUiQjBtTdPxzsNxPQeVTFGVoHexYPxwWza3dV02ObF4yV5ayxhNd4gAA","type":"ChromeSsoTelemetry","traces":["SSO cookie detected. Refreshing page."],"data":"result=end-sso;"}' --compressed

Request Body

{
	"nonce": "AQABAAEAAABHh4kmS_aKT5XrjzxRAtHzwG9tHk4ZbqCCG1w98717zpE9eBkpXAcieMPoFy28HORtbySevKZd20vUiQjBtTdPxzsNxPQeVTFGVoHexYPxwWza3dV02ObF4yV5ayxhNd4gAA",
	"type": "ChromeSsoTelemetry",
	"traces": ["Creating provider", "Error: NoExtension: Extension is not installed."],
	"data": "result:end;"
}

Request 3

curl 'https://login.microsoftonline.com/common/oauth2/authorize?response_type=id_token&client_id=fdf9885b-dd37-42bf-82e5-c3129ef5a302&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsilentauth&state=0a091c94-6ac8-4f31-8f9f-79d337a971dd%7Cfdf9885b-dd37-42bf-82e5-c3129ef5a302&client-request-id=21269cd6-8b43-4c1c-b86e-c57c9368a2fc&x-client-SKU=Js&x-client-Ver=1.0.11&prompt=none&nonce=2e3b713f-7ecb-4f68-bc0e-1ff8b0677b1f' -H 'Pragma: no-cache' -H 'DNT: 1' -H 'Accept-Encoding: gzip, deflate, br' -H 'Accept-Language: en-US,en;q=0.9' -H 'Upgrade-Insecure-Requests: 1' -H 'User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.62 Safari/537.36' -H 'Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8' -H 'Cache-Control: no-cache' -H 'Referer: https://login.microsoftonline.com/common/oauth2/authorize?response_type=id_token&client_id=fdf9885b-dd37-42bf-82e5-c3129ef5a302&redirect_uri=https%3A%2F%2Fsupport.microsoft.com%2Fsilentauth&state=0a091c94-6ac8-4f31-8f9f-79d337a971dd%7Cfdf9885b-dd37-42bf-82e5-c3129ef5a302&client-request-id=21269cd6-8b43-4c1c-b86e-c57c9368a2fc&x-client-SKU=Js&x-client-Ver=1.0.11&prompt=none&nonce=2e3b713f-7ecb-4f68-bc0e-1ff8b0677b1f' -H 'Connection: keep-alive' --compressed

Request Body

{
	"nonce": "AQABAAEAAABHh4kmS_aKT5XrjzxRAtHzwG9tHk4ZbqCCG1w98717zpE9eBkpXAcieMPoFy28HORtbySevKZd20vUiQjBtTdPxzsNxPQeVTFGVoHexYPxwWza3dV02ObF4yV5ayxhNd4gAA",
	"type": "ChromeSsoTelemetry",
	"traces": ["SSO cookie detected. Refreshing page."],
	"data": "result:end-sso;"
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment