CGI-Browser-CGI qux.com foo.org geht.net bar.com . p.1/ ?? - - PowerPoint PPT Presentation

cgi browser cgi
SMART_READER_LITE
LIVE PREVIEW

CGI-Browser-CGI qux.com foo.org geht.net bar.com . p.1/ ?? - - PowerPoint PPT Presentation

Jun 11, 2023 178 likes •461 views

CGI-Browser-CGI qux.com foo.org geht.net bar.com . p.1/ ?? CGI-Browser-CGI qux.com foo.org /cgibin/img.pl /cgibin/img.pl geht.net bar.com /cgibin/img.pl /cgibin/img.pl . p.1/ ?? CGI-Browser-CGI qux.com foo.org

slide-1
SLIDE 1

CGI-Browser-CGI

qux.com geht.net foo.org bar.com

. – p.1/??

slide-2
SLIDE 2

CGI-Browser-CGI

/cgi−bin/img.pl

geht.net foo.org bar.com qux.com

/cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl

. – p.1/??

slide-3
SLIDE 3

CGI-Browser-CGI

img.gif

geht.net foo.org bar.com qux.com

/cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif img.gif

. – p.1/??

slide-4
SLIDE 4

CGI-Browser-CGI

http://harmless.org/index.html

geht.net foo.org bar.com qux.com

/cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif img.gif img.gif

. – p.1/??

slide-5
SLIDE 5

CGI-Browser-CGI

<img src="http://foo.org/cgi−bin/img.pl">

geht.net foo.org bar.com qux.com

/cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif img.gif img.gif http://harmless.org/index.html

. – p.1/??

slide-6
SLIDE 6

CGI-Browser-CGI

<img src="http://foo.org/cgi−bin/img.pl">

geht.net foo.org bar.com qux.com

/cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif img.gif img.gif http://harmless.org/index.html

. – p.1/??

slide-7
SLIDE 7

CGI-Browser-CGI

<img src="http://foo.org/cgi−bin/img.pl">

geht.net

spool

foo.org bar.com qux.com

/cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif img.gif http://harmless.org/index.html

. – p.1/??

slide-8
SLIDE 8

CGI-Browser-CGI

303 Location http://geht.net/cgi−bin/img.pl?id=aswHu3gw49hh4...

geht.net

spool

foo.org bar.com qux.com

/cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif img.gif http://harmless.org/index.html

<img src="http://foo.org/cgi−bin/img.pl">

. – p.1/??

slide-9
SLIDE 9

CGI-Browser-CGI

GET /cgi−bin/img.pl?id=aswHu3gw49hh4...

geht.net foo.org bar.com qux.com

/cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif img.gif http://harmless.org/index.html

. – p.1/??

slide-10
SLIDE 10

CGI-Browser-CGI

http://harmless.org/index.html

geht.net

spool

foo.org bar.com qux.com

/cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif img.gif

. – p.1/??

slide-11
SLIDE 11

CGI-Browser-CGI

....

geht.net foo.org bar.com qux.com

/cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl /cgi−bin/img.pl img.gif img.gif img.gif http://harmless.org/index.html

500 Content−Type: image/gif

. – p.1/??

slide-12
SLIDE 12

CGI-Browser-CGI

qux.com geht.net

http://some.com/index.html http://some.com/index.html http://some.com/index.html http://some.com/index.html

foo.org bar.com

. – p.1/??

slide-13
SLIDE 13

Same with Acks

cgi−bin/img.pl">

geht.net foo.org bar.com qux.com

http://some.com/index.html <frame src="http://foo.org/

. – p.2/??

slide-14
SLIDE 14

Same with Acks

303 Location http://geht.net/cgi−bin/img.pl?id=9gXe0pl1f...

geht.net foo.org bar.com qux.com

http://some.com/index.html <frame src="http://foo.org/ cgi−bin/img.pl">

. – p.2/??

slide-15
SLIDE 15

Same with Acks

GET /cgi−bin/img.pl?id=9gXe0pl1f...

geht.net foo.org bar.com qux.com

http://some.com/index.html <frame src="http://foo.org/ cgi−bin/img.pl"> . – p.2/??

slide-16
SLIDE 16

Same with Acks

cgi−bin/img.pl?ack=0xd34..">

geht.net foo.org bar.com qux.com

http://some.com/index.html <img src="http://foo.org/

. – p.2/??

slide-17
SLIDE 17

Same with Acks

GET /cgi−bin/img.pl?ack=0xd34...

geht.net foo.org bar.com qux.com

http://some.com/index.html <img src="http://foo.org/ cgi−bin/img.pl?ack=0xd34..">

. – p.2/??

slide-18
SLIDE 18

Same with Acks

...

geht.net foo.org bar.com qux.com

http://some.com/index.html <img src="http://foo.org/ cgi−bin/img.pl?ack=0xd34.."> 500 Content−Type: image/gif . – p.2/??

slide-19
SLIDE 19

Other ways

  • Cookies with Domain= .something.tld

(Broadcast)

. – p.3/??

slide-20
SLIDE 20

Other ways

  • Cookies with Domain= .something.tld

(Broadcast)

  • Javascript:

. – p.3/??

slide-21
SLIDE 21

Other ways

  • Cookies with Domain= .something.tld

(Broadcast)

  • Javascript:
  • submit prepared FORMs OnLoad

. – p.3/??

slide-22
SLIDE 22

Other ways

  • Cookies with Domain= .something.tld

(Broadcast)

  • Javascript:
  • submit prepared FORMs OnLoad
  • Talking Frames ?

. – p.3/??

slide-23
SLIDE 23

End Points

  • Have the receiver parse the HTML with a

script.

. – p.4/??

slide-24
SLIDE 24

End Points

  • Have the receiver parse the HTML with a

script.

  • Steganography, but: Where on the Web are

images unique per request with sufficient entropy?

. – p.4/??

slide-25
SLIDE 25

End Points

  • Have the receiver parse the HTML with a

script.

  • Steganography, but: Where on the Web are

images unique per request with sufficient entropy?

  • . – p.4/??
slide-26
SLIDE 26

Properties

  • Hapless browsers transport the data,

indistinguishable from users of the PET

. – p.5/??

slide-27
SLIDE 27

Properties

  • Hapless browsers transport the data,

indistinguishable from users of the PET

  • Established protocol (Firewalls, NAT,..)

. – p.5/??

slide-28
SLIDE 28

Properties

  • Hapless browsers transport the data,

indistinguishable from users of the PET

  • Established protocol (Firewalls, NAT,..)
  • Anonymity set depends on popularity of web

pages

. – p.5/??