| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <006501c6cdc2$93169cc0$e500030a@netvision.ads> Date: Fri, 1 Sep 2006 14:31:39 +0200 From: "mikx" <mikx@...x.de> To: <full-disclosure@...ts.grok.org.uk> Subject: Browzar Footprints Read over on Slashdot about the "no footprints" browser Browzar. As with every potential new browser in the market I quickly booted into a virtual machine to check compatibility with my major applications. A 264KB download sounded way to little for a full browser application. Not surprisingly Browzar is just a wrapper around the IE rendering engine. Let's have a look Download Browzar Fire up Filemon Set a filter for "Browzar" Start Browzar and open "http://www.mikx.de" As the expected files like ieframe.dll fly by a certain file hits my eyes: C:\Documents and Settings\Administrator\Local Settings\Temporary Internet Files\Content.IE5\index.dat Could it be so easy? Copy the location string Open the file on Notepad Search for "mikx.de" and *whups* there it is :o Maybe Browzar cleans after itself? So closing Browzar, opening the index.dat again. Still there. Wow, that's privacy you can trust. browzar.com is currently down, so no proper vendor notification so far. mikx _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists