Jump to content


Photo

Java Script question


  • Please log in to reply
5 replies to this topic

#1 hustla

hustla
  • Members
  • PipPip
  • Member
  • 12 posts

Posted 15 July 2006 - 02:05 AM

Im tring to get java script to spoof a referer via the XMLHTTP object but i cannot get it working properly. 

here is an example that wont work
yahoo is the target and google is the fake referere this is the location of the script http://thisfileshost/spoof2.php


<script type="text/javascript">
var x = new ActiveXObject("Microsoft.XMLHTTP");
x.open("GET\thttp://www.yahoo.com\tHTTP/1.0\r\nHost:\twww.yahoo.com\r\nReferer:\thttp://www.google.com\r\n\r\nGET\thttp://nosuchhost/\tHTTP/1.0\r\nFoobar:","http://thisfileshost...oof2.php",false);
x.send();
alert(x.responseText);
</script>

not sure what im missing here i get a file not found error 404 

Thanks guys


#2 akitchin

akitchin
  • Staff Alumni
  • Advanced Member
  • 2,516 posts
  • LocationCalgary, AB, Canada

Posted 15 July 2006 - 02:06 AM

...  did you not see the javascript forum?  i'm moving this there.

#3 hustla

hustla
  • Members
  • PipPip
  • Member
  • 12 posts

Posted 15 July 2006 - 02:06 AM

this is the article i followed

http://www.cgisecuri...TPRequest.shtml

#4 hustla

hustla
  • Members
  • PipPip
  • Member
  • 12 posts

Posted 15 July 2006 - 02:06 AM

sorry about that thanks did not see

#5 hustla

hustla
  • Members
  • PipPip
  • Member
  • 12 posts

Posted 15 July 2006 - 02:17 AM

read a little more and i believe its a proxy issue. is their any other methods you guys know of to spoof the referer without a forward proxy.

#6 hustla

hustla
  • Members
  • PipPip
  • Member
  • 12 posts

Posted 16 July 2006 - 06:20 PM

Found a much easier solution to spoof a referer via activex althought it does require you to enable the intilize and script control that are marked not safe option in ie settings. Don't know much about active x controls so if you guys know how to convert this small script to a control the user can install so they don't have to enable this option that would be great otherwise i guess i will spend a few hours reading. thanks below is the source. forgive the spelling to lazy to fix.

<SCRIPT language="Javascript">
function spoofit()
{
var target;
var referer;

target = document.getElementById('url').value;
referer = document.getElementById('ref').value;

var header = "Referer: " + referer + "\n\r";
var objIE = new ActiveXObject("InternetExplorer.Application");
objIE.Visible = true;
objIE.Navigate(target, 2, "", "", header);
}
</SCRIPT>




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users