Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Faking referers


  • Please log in to reply
10 replies to this topic

#1 HuckerJ

HuckerJ

  • Members
  • 189 posts
  • OFFLINE
  •  
  • Location:East Tennessee
  • Local time:12:56 PM

Posted 11 May 2004 - 05:34 PM

Is it possible to fake referers so that the site can't pull an if(document.referer != ........) on me? I was thinking something like www.site.com/$referer=correctreferer Is this possible?
There are 10 kinds of people. Those who understand binary notation, and those who do not.
Posted Image - It plays, it streams, it kills WiMPs!!

BC AdBot (Login to Remove)

 


#2 raw

raw

    Bleeping Hacker


  • Members
  • 2,577 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Texas
  • Local time:11:56 AM

Posted 11 May 2004 - 08:57 PM

Unless you use an add on program like "proxomitron" the only way I know is with telnet:
telnet www.target.com 80 (press enter)
GET /index.html HTTP/1.0 (press enter)
Referer: http://www.fake-referer.com (press enter twice)

Of course my way isn't point and click fancy it just gets around basic authentication,for a permanent solution do a search for "proxomitron" Besides referer it will also fake User_Agent, cookies (yes create your own cookies) java script detection, background and image blocking, and lots more.

rawsig.png

 rawcreations.net          @raw_creations


Current systems: WHAT OS, BackTrack-raw, PCLinuxOS, Peppermint OS 6, Kali Linux

and a custom Linux From Scratch server hosting a bunch of top secret stuff.


#3 HuckerJ

HuckerJ
  • Topic Starter

  • Members
  • 189 posts
  • OFFLINE
  •  
  • Location:East Tennessee
  • Local time:12:56 PM

Posted 12 May 2004 - 06:20 AM

Thanks, but I can get around that online using proxify which, will also remove referrers. http://proxify.com/p/011110A/http/www.site.com
has an option to remove referers. I'd like to have something on the page that will do this so anyone can use it.

Right now, I changed the referer by redirection from a different page
There are 10 kinds of people. Those who understand binary notation, and those who do not.
Posted Image - It plays, it streams, it kills WiMPs!!

#4 HuckerJ

HuckerJ
  • Topic Starter

  • Members
  • 189 posts
  • OFFLINE
  •  
  • Location:East Tennessee
  • Local time:12:56 PM

Posted 12 May 2004 - 07:10 AM

I got another idea. Is it possible to, on the framed page, add a

<script>parent.frame_content.referer = "http://www.faked_referer.com"</script>

would something like this work?
There are 10 kinds of people. Those who understand binary notation, and those who do not.
Posted Image - It plays, it streams, it kills WiMPs!!

#5 Guest_Plimsol_*

Guest_Plimsol_*

  • Guests
  • OFFLINE
  •  

Posted 16 May 2004 - 10:54 PM

From what I understand there is no way to change the properties of the referrer variable.

What exactly are you trying to do?

#6 HuckerJ

HuckerJ
  • Topic Starter

  • Members
  • 189 posts
  • OFFLINE
  •  
  • Location:East Tennessee

Posted 17 May 2004 - 05:53 AM

Here's what I'm trying to do:
There is this one site that I want to put in a .tk address frame. The webmaster has blocked referers containing ".tk"
There are 10 kinds of people. Those who understand binary notation, and those who do not.
Posted Image - It plays, it streams, it kills WiMPs!!

#7 Guest_Plimsol_*

Guest_Plimsol_*

  • Guests
  • OFFLINE
  •  

Posted 17 May 2004 - 03:11 PM

I dont think there is going to be much you can do on this one.

Any idea why they blocked .tk referrers ?

#8 HuckerJ

HuckerJ
  • Topic Starter

  • Members
  • 189 posts
  • OFFLINE
  •  
  • Location:East Tennessee
  • Local time:12:56 PM

Posted 17 May 2004 - 07:49 PM

I'm not sure. My guess is that the webmaster looked at the web stats and just decided to block me. Does anyone know of an IRC channel that might have people in it that could help me?
There are 10 kinds of people. Those who understand binary notation, and those who do not.
Posted Image - It plays, it streams, it kills WiMPs!!

#9 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,679 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:USA

Posted 17 May 2004 - 08:54 PM

Go to #php, #java, #html, or #javascript. Those are your best choices

#10 sardonyx

sardonyx

  • Members
  • 10 posts
  • OFFLINE
  •  
  • Local time:12:56 PM

Posted 17 June 2004 - 10:54 PM

maybe you can just change your ip address and that's it.

#11 Guest_brunt_*

Guest_brunt_*

  • Guests
  • OFFLINE
  •  

Posted 22 July 2004 - 07:10 PM

Not that easy to change ip addy, have to call your isp and have them change it I have 3 ip addy's though but thats just one for each computer. Try this

Go to start, hit the run and in there type command once in there type
ipconfig... enter
ipconfig/all...enter
ipconfig/release....enter
ipconfig/renew...enter. See fi that can update anything for you. Somtimes youll get lucky




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users