Corsa Sport » Message Board » Off Day » Geek Day » Mobile Web Leaks Number in Headers
Dom
Member

Registered: 13th Sep 03
User status: Offline
25th Jan 12 at 13:11

Looks like Nokia Dev site has an article from 2002 and it looks like other networks do this as well - http://www.mulliner.org/security/feed/random_tales_mobile_hacker.pdf

Ed - Yup, not showing here either now.

[Edited on 25-01-2012 by Dom]
John
Member

Registered: 30th Jun 03
User status: Offline
25th Jan 12 at 13:20

Not showing on mine either.

How will they explain this one do you think?

They obviously think it's a bit sneaky if it's been removed so quickly.
adiohead
Member

Registered: 28th Sep 01
User status: Offline
25th Jan 12 at 13:30

quote:
Originally posted by Dom
Looks like Nokia Dev site has an article from 2002 and it looks like other networks do this as well - http://www.mulliner.org/security/feed/random_tales_mobile_hacker.pdf

Ed - Yup, not showing here either now.

[Edited on 25-01-2012 by Dom]


That's the site I was using to check.
Dom
Member

Registered: 13th Sep 03
User status: Offline
25th Jan 12 at 13:33

Don't think they can; certainly it's a load of bollocks if they try and say it was used for tethering detection. As Ed mentioned, the user-agent header is used for that. Only reason I can see for it is to track a user's browsing habits.

O2 doesn't appear to be the only network that 'leaks' this type of data though (just look at the PDF I posted).
ed
Member

Registered: 10th Sep 03
User status: Offline
25th Jan 12 at 16:37

"Routine maintenance that went wrong" - ORLY
Dom
Member

Registered: 13th Sep 03
User status: Offline
25th Jan 12 at 16:49

Reeks of BS. And I bet they've been injecting customers' mobile numbers into the headers for a lot longer than 2 weeks.

Has anyone tried on Orange? That PDF lists Orange UK as injecting 'funky' headers.
ed
Member

Registered: 10th Sep 03
User status: Offline
25th Jan 12 at 16:53

I want to figure out a way of doing some experiments on this. Just need Ian to let me put a 'blank.gif' somewhere on here.
Dom
Member

Registered: 13th Sep 03
User status: Offline
25th Jan 12 at 17:23

Dom
Member

Registered: 13th Sep 03
User status: Offline
26th Jan 12 at 13:23

Just been reading that O2 apparently used it for tracking/billing customers on stores, so it's probably still active on their network and then obviously stripped on the outbound proxies.
Just wondering what would happen if you injected that header into HTTP requests (with another user's number) and whether or not you could gain access to unauthorised areas of the network like billing or download music and get it charged to another account. Food for thought.
Russ
Member

Registered: 14th Mar 04
Location: Armchair
User status: Offline
28th Jan 12 at 07:55

http://www.thinkbroadband.com/news/4990-o2-shares-your-mobile-phone-number-with-every-website-you-visit.html
Steve
Premium Member

Registered: 30th Mar 02
Location: Worcestershire Drives: Defender
User status: Offline
28th Jan 12 at 09:20

Wow, this is terrible. I've also just found out when I ring someone my number appears on their screen.

[Edited on 28-01-2012 by Steve]
ed
Member

Registered: 10th Sep 03
User status: Offline
28th Jan 12 at 10:39

You have the option to withhold the number and you know who you're calling. Anyone with half an ounce of sense could quickly send you an e-mail and gain your phone number without your permission, then use it for a phishing scam, especially as some of the operators in the PDF Dom shared are also bundling things that look like your customer ID etc. in the headers.
Ian
Site Administrator

Registered: 28th Aug 99
Location: Liverpool
User status: Offline
28th Jan 12 at 15:21

quote:
Originally posted by ed
Just need Ian to left me put a 'blank.gif' somewhere on here
Tell me what you need, I'm on for it.

I actually think it's great news for me; if I had the list of headers I would log them all. Imagine having a trade complaint and getting a verified working contract phone number.
ed
Member

Registered: 10th Sep 03
User status: Offline
28th Jan 12 at 15:44

Was just thinking something along the lines of:

<img src="https://static.ecscdn.net/logging/blank.gif" />

and blank.gif actually being:

code:
<?php
// Serve a real 1x1 transparent GIF so the <img> tag loads cleanly
header('Content-Type: image/gif');
// Operator-injected headers arrive as HTTP_* entries in $_SERVER, not in $_REQUEST
$req = mysql_real_escape_string(serialize(array('request' => $_REQUEST, 'server' => $_SERVER)));
// `table` is a reserved word, so it must be backticked; the value must be quoted
mysql_query("INSERT INTO `table` (timestamp, request) VALUES (NOW(), '$req')");
echo base64_decode('R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7');
?>


Might need to be slightly different to that, but with that data you could make some interesting tables and graphs.

[Edited on 28-01-2012 by ed]
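An added example (not from ed's post or the forum's code) of what you would do with the captured data from a privacy-conscious angle: run over constructed $_SERVER-style header dumps, it flags header values shaped like a UK mobile number, counts per header name which ones carry it, and stores only a keyed hash of the number rather than the number itself. The number-bearing header names in the samples are illustrative and not taken from the thread.

```python
import hashlib
import hmac
import re

# Constructed $_SERVER-style dumps (what ed's blank.gif would see);
# the number-bearing header names are illustrative examples.
SAMPLE_REQUESTS = [
    {"HTTP_USER_AGENT": "Mozilla/5.0 (Linux; Android 2.3)",
     "HTTP_X_UP_CALLING_LINE_ID": "447700900123"},
    {"HTTP_USER_AGENT": "Mozilla/5.0 (Windows NT 6.1)",
     "HTTP_ACCEPT": "text/html"},
    {"HTTP_USER_AGENT": "NokiaE71",
     "HTTP_X_MSISDN": "+44 7700 900456",
     "HTTP_X_UP_SUBNO": "12345678_example"},
]

# UK mobile number: 07..., +447..., 447... or 00447..., spaces tolerated
MSISDN_RE = re.compile(r"(?:\+?44|0044|0)\s*7(?:\s*\d){9}")


def normalise_msisdn(value):
    """Reduce any accepted spelling to bare E.164 digits (447...)."""
    digits = re.sub(r"\D", "", value)
    if digits.startswith("0044"):
        return digits[2:]
    if digits.startswith("0"):
        return "44" + digits[1:]
    return digits


def find_leaked_numbers(headers):
    """Return (header_name, value) pairs whose value looks like an MSISDN."""
    return [(name, value) for name, value in headers.items()
            if name.startswith("HTTP_") and MSISDN_RE.fullmatch(value.strip())]


def pseudonymise(msisdn, key):
    """Keyed hash: shows the same number recurring without storing the number."""
    digest = hmac.new(key, normalise_msisdn(msisdn).encode(), hashlib.sha256)
    return digest.hexdigest()[:16]


def header_census(requests):
    """Per header name, how many requests carried a number-like value.
    Answers 'which headers are in use' without keeping the numbers."""
    counts = {}
    for headers in requests:
        for name, _ in find_leaked_numbers(headers):
            counts[name] = counts.get(name, 0) + 1
    return counts
```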
Ian
Site Administrator

Registered: 28th Aug 99
Location: Liverpool
User status: Offline
28th Jan 12 at 15:46

To run on CS? Wouldn't even need to be that complicated, could just go in header.php which is included on every page.
ed
Member

Registered: 10th Sep 03
User status: Offline
28th Jan 12 at 15:52

Was thinking of doing it that way as I could stick it on all the websites I manage; could be useful anyway to have a database of the data you get from the $_REQUEST array, or maybe just interesting in a geeky kind of way. Would be easier to get other people on board too if it was just a fake image/JS file.
Ian
Site Administrator

Registered: 28th Aug 99
Location: Liverpool
User status: Offline
28th Jan 12 at 16:09

I was just thinking about getting enough data to establish which headers are in use. Wouldn't want to log all of it for too long, a lot of it is duplicated or not relevant to an investigation.
pow
Premium Member

Registered: 11th Sep 06
Location: Hazlemere, Buckinghamshire
User status: Offline
28th Jan 12 at 21:14

Ummmmm... you learn something new every day. Fucked off they've been transmitting my mobile number though.
