LD SoftwareBespoke Software, Web Design, Security Consultants and Host Services.

Menu

Sentinel
You have been warned!
We have caught 5848 shameful hackers.

NukeSentinel(tm)

Paypal Referral
Sign up for PayPal and start accepting credit card payments instantly.

Link Exchange
Join our free link exchange

Click Here
 
Referer spoofing

Web Design & Development Guide

Referer spoofing

Home | Up


In computer security, referer spoofing or ref tar spoofing is the sending of incorrect referer information along with an HTTP request, with the aim of gaining unauthorized access to a web site.

Application

Some subscription sites, especially many pornographic paysites, utilize referer information to secure their materials: only browsers arriving from a small set of approved (login-) pages are given access; this facilitates the sharing of materials among a group of cooperating paysites. If attackers acquire knowledge of these approved referers (which is often trivial because many sites follow a common template), they can then gain free access to the materials.

Tools

Several software tools exist to facilitate referrer spoofing:

  • Proxomitron offeres the capability of referrer spoofing at http://proxomitron.info
  • Here is an open source project at http://livehttpheaders.mozdev.org/ where there is a feature called "replay headers".
  • The Mozilla Firefox extension refspoof allows to use a custom referer URL for any site one visits, and provides a mechanism to manage a bookmark list of such referer/site pairs.
  • A similar Mozilla Firefox extension is spooFXplorer (not compatible with the most recent version of Firefox).
  • QuickSpoof and Spooph provide the same functionality for the Internet Explorer browser.
  • SuperMegaSpoof is a Windows application that supports both browsers and allows users to exchange and rate referer spoofs; it displays advertisements while it is running.
  • SpoofForge is similar to SuperMegaSpoof with the exception that spoofs are displayed on a web site, and so there is no software to install.

External links


Home | Up | Browser exploit | Cross-site cooking | Cross-site request forgery | Cross-site scripting | Cross-zone scripting | Directory traversal | Evil twin (wireless networks) | HTTP response splitting | IDN homograph attack | Referer spoofing | Session fixation | Session poisoning | Website spoofing

Web Design & Development Guide, made by MultiMedia | Websites for sale

This guide is licensed under the GNU Free Documentation License. It uses material from the Wikipedia.

 

Text Ads
There isn't content right now for this block.

Community Login
Welcome,
Anonymous

Nickname
Password
   

People Online:
Visitors: 27
Members: 1
Total: 28

Online Now:
01 : Monty

Like my code
Then please make a donation.

Which help me produce more free code.


Paypal Verified

Information

Powered by PHP-Nuke

Valid CSS!


Valid Robots.txt

Bad Behavior

[Valid RSS]

[Valid RSS]
You can syndicate our News with backend.php And our Forums with rss.php
You can also access our feeds via Feedburner Site News and LD Software Forums
© 2009 ld-software.co.uk All Rights Reserved.
PHP-Nuke Copyright © 2005 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
Page Generation: 0.67 Seconds