Is it possible to corrupt tracking cookies?

Discussion in 'privacy problems' started by driekus, Feb 16, 2015.

  1. driekus

    driekus Registered Member

    Joined:
    Nov 30, 2014
    Posts:
    489
    I have a thought and if it has been done before I will be very happy. If not can somebody tell me if it is possible.

    Tracking cookies are probably the most used method of tracking users as I understand it. Could you have a plugin which messes up the tracking by generating fake tracking cookies.
    One way you may be able to do it, is by creating a shared database of cookies that could be used to corrupt the tracking data obtained.

    IS this possible or should I stick to my tin foil hat?
     
  2. krustytheclown2

    krustytheclown2 Registered Member

    Joined:
    Nov 18, 2014
    Posts:
    210
    I think that the self-destructing cookies addon negates tracking cookies quite effectively, I don't see a need for fake cookies or anything like that
     
  3. driekus

    driekus Registered Member

    Joined:
    Nov 30, 2014
    Posts:
    489
    I use self-destructing cookies add-on and love it.

    I just want to get back at the companies doing the tracking and try to break the system. If you had something widely used it would seriously mess with site metrics and data brokers.

    So figured out cookies are stored in SQLite file in Firefox. Edited amazon.ca and a few others and good news is that I didnt break firefox. Bad news is that there must be some type of checking mechanism because they reissued the cookies. I wonder if you use a legitimate cookie value from another computer whether it would work.

    Edit: to avoid double post
     
    Last edited: Feb 16, 2015
  4. driekus

    driekus Registered Member

    Joined:
    Nov 30, 2014
    Posts:
    489
    Well did some more exploring today and found that it only works if transfer a working cookie number. I did this with multiple doubleclick and amazon ad-systems cookies. Concept also works in that I now receive tailored ads that were on the other computer. (Used my wife as guinea pig).
    As long as the value is legitimate it will work.

    I think the only way this could work is that if you created a database of shared advertising cookies.
     
  5. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,032
    I wonder how many instances of a particular cookie will work. From what you say, it seems as if two instances work. But maybe the second (pointing to you) just replaced the first (pointing to your wife). How would Doubleclick and Amazon respond if numerous users had the same cookie? Also, what sort of cookie would numerous users want to have?
    Right, if some large group randomly interchanged all of their cookies, it would arguably mess with the tracking system. However, maybe that would just be another category: people who use CookieShare ;) What ads would they like the best? Kits for building custom license tags? NRA memberships? MREs and freeze dried provisions? The system would just adapt, I suspect.
     
  6. driekus

    driekus Registered Member

    Joined:
    Nov 30, 2014
    Posts:
    489
    You are also forgetting tin foil hat designs.

    For it to really mess with the system you would need a large user base (3-4 million users should do it). The more I think about it the more CookieShare (love the name) would work if the initial cookies were generated by automated robot that trawls the web. That way there is no risk of taking somebodies login cookies.

    It may be a simple manner of an add-on that automatically checks a website on browser startup that sends a new list of cookies.
     
  7. mirimir

    mirimir Registered Member

    Joined:
    Oct 1, 2011
    Posts:
    6,032
    That is an interesting concept. Maybe someone will steal it ;)
     
  8. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    CookieShare = Great Idea !
     
  9. deBoetie

    deBoetie Registered Member

    Joined:
    Aug 7, 2013
    Posts:
    1,151
    Location:
    UK
    This is a very beautiful thing. So beautiful that if you did it, they'd probably try to nail you under some copyright or reverse engineering legislation....!
     
  10. driekus

    driekus Registered Member

    Joined:
    Nov 30, 2014
    Posts:
    489
    I have no problem with anybody developing the concept. Plan on looking at myself, but I would need to learn the code required and understand the mechanisms that cookies are set. If anybody is interested in collaborating I am more than up for it.
     
  11. J_L

    J_L Registered Member

    Joined:
    Nov 6, 2009
    Posts:
    8,516
  12. driekus

    driekus Registered Member

    Joined:
    Nov 30, 2014
    Posts:
    489
    Regardless whether they had legal standing they would try to blast you into oblivion through legal means. Only way I can see doing this is anonymously and having no money to tie back to the people involved. We would have the skills here to be invisible ;) and tough to find.

    Personally I self destruct cookies, block scripts and ads. These are defensive measures and really why should we settle for defense. This is an offensive tool that is legal. :)
     
    Last edited: Feb 18, 2015
  13. driekus

    driekus Registered Member

    Joined:
    Nov 30, 2014
    Posts:
    489
  14. Wroll

    Wroll Registered Member

    Joined:
    Nov 29, 2011
    Posts:
    549
    Location:
    Italy
  15. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    108
    https://en.wikipedia.org/wiki/HTTP_cookie
    That's all you need. Pretty simple stuff really.

    Grerat Idea (and love the CookieShare name)!
    Looks like something I do in my CyberDragon browser but I only do it for single cookie (Google PREF cookie) and even then it's optional.

    CookieShare Firefox plugin that stores bunch of tracking cookies to SQLite database and then let users to decide what to do
    with those cookies. What cookie(s) to send? What value to send in that cookie(s) (original,custom,random)? And when to send (regular expression against domains to send?). :)

    This should be the latest tutorial how to write Firefox extensions?:
    https://developer.mozilla.org/en-US...chool/Getting_Started_with_Firefox_Extensions

    Edit: Oh, and when testing, using wireshark tool is a great way to see live what is actually happening (what cookies server is trying to set and what cookies browser tries to send back)
    http.cookie and http.set_cookie wireshark filters help to show only relevant info
    (https://www.wireshark.org/docs/dfref/h/http.html)

    Edit2: More recent firefox extensions tutorial URL added
     
    Last edited: Feb 19, 2015
  16. driekus

    driekus Registered Member

    Joined:
    Nov 30, 2014
    Posts:
    489

    Thanks Stefan, I have a long way to go but it is fun.

    Wrote some scripts to play around with it. I chose the PREF cookie because it is easy to find. Used SQLite to harvest 20 PREF cookies and then used random function to choose one to put back in. Works like a charm.

    There has to be another way to get the cookies in than insert through SQLite lines.

    This is fun :)
     
  17. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    108
    Yea, that Google PREF cookie is almost everywhere thanks to it's ad network. That cookie's main function is to save user's Google search preferences (SafeSearch, on/off, number of hits per page, etc...) but there is also some unique identifier (S= part) slapped at the end of that cookie that I could never fully work out (and Net was not much help)

    Best description so far of PREF cookie structure is here: http://repository.cmu.edu/cgi/viewcontent.cgi?article=1058&context=jpc
    page 5.

    And NSA took also advantage of that cookie some time ago to identify potential hacking targets.
    http://www.washingtonpost.com/blogs...ogle-cookies-to-pinpoint-targets-for-hacking/

    That was the major reason why I added that PREF cookie spoofing option so long ago, to send some totally random PREF cookie data with each and every page load when doing google search. Or alternatively, set it to some fixed value (like 0000000).

    There is SQLite database API for Firefox extensions (for both JavaScript and C++ language).
    https://developer.mozilla.org/en/docs/Storage

    Firefox also offers two interfaces for cookie handling:
    Old nsICookieManager (https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsICookieManager)
    and newer nsICookieManager2 (https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM/Reference/Interface/nsICookieManager2)

    And here´s some interesting stackoverflow question about cookie handling in firefox extension: https://stackoverflow.com/questions...c-cookies-by-domain-name-in-firefox-extension

    Happy hacking :)
     
  18. driekus

    driekus Registered Member

    Joined:
    Nov 30, 2014
    Posts:
    489
    Wow thanks Stefan, this would have taken me a long time to figure out.

    the nsICookieManager/2 interface was exactly what I was chasing. All I am looking to do is to remove a selection of Cookies and replace it with another Cookie (non-random). Could be run every time firefox starts. I can see now how I could get it to work.

    Thanks again
     
  19. RockLobster

    RockLobster Registered Member

    Joined:
    Nov 8, 2007
    Posts:
    318
    sounds like a good idea for a firefox add on ..
     
  20. driekus

    driekus Registered Member

    Joined:
    Nov 30, 2014
    Posts:
    489
    Silly question, looked at the Firefox sdk and from the look of the language everything is written in Javascript?
     
  21. Stefan Froberg

    Stefan Froberg Registered Member

    Joined:
    Jul 30, 2014
    Posts:
    108
    That is correct. All your extension logic is done with JavaScript.
    And if I figured it right, those XUL files are actually XML files that describe your GUI for your addon/extension.

    And firefox extensions are actually nothing more than ordinary ZIP files that have their extension renamed to XPI.

    So, from that tutorial page (https://developer.mozilla.org/en-US...chool/Getting_Started_with_Firefox_Extensions tutorial page),
    if you want to look inside that "Hello World" extension, you can save it to file (https://developer.mozilla.org/@api/deki/files/5139/=xulschoolhello1.xpi) and just rename it's extension to zip and open it like any other ordinary zip-file and start modifying stuff.

    The very short Firefox XPCOM using tutorial (that is needed for nsICookieManager/2 and also for that SqLite storage API) start from here:
    https://developer.mozilla.org/en-US/Add-ons/Overlay_Extensions/XUL_School/XPCOM_Objects

    All the relevant stuff up to "Passing parameters" but the rest, "Creating Your Own Components" can be skipped.

    And here's more throughout guide for XPCOM:
    https://developer.mozilla.org/en-US/docs/Mozilla/Tech/XPCOM
    Check especially "XPCOM reference" from there to see what ready made goodies Firefox offers for extension writers.

    There's also some mention of SQLite for Firefox extensions here:
    https://developer.mozilla.org/en-US/Add-ons/Overlay_Extensions/XUL_School/Local_Storage
     
    Last edited: Feb 21, 2015
  22. Azure Phoenix

    Azure Phoenix Registered Member

    Joined:
    Nov 22, 2014
    Posts:
    362
    If they do, I wonder if Mozilla's plan to make developers have addon digitally signed would in anyway affect such addon.
     
  23. imliver

    imliver Registered Member

    Joined:
    Apr 24, 2015
    Posts:
    1
Loading...
Similar Threads
  1. compleo
    Replies:
    5
    Views:
    441