brmlab

User Tools

Site Tools

You are here: Hackerspace Prague » Projects » Spyzilla
project:spyzilla

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
project:spyzilla [2021/02/10 19:10] – [Thunderbird] jendaproject:spyzilla [2022/12/24 16:23] (current) – [Thunderbird] jenda
Line 203: Line 203:
  
 <code> <code>
-POST /submit/telemetry/4e0009de-f8dc-4aad-8b07-30011f7622de/deletion-request/Thunderbird/78.7.1/default/20210203182138?v=4 HTTP/1.1+POST /submit/telemetry/4e0009de-f8dc-4aad-8b07-30011f7622de/deletion-request
 +/Thunderbird/78.7.1/default/20210203182138?v=4 HTTP/1.1
 Host: incoming-telemetry.thunderbird.net Host: incoming-telemetry.thunderbird.net
 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1
  
-{"type":"deletion-request","id":"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXX","creationDate":"2021-02-10T18:55:32.926Z","version":4,"application":{"architecture":"x86-64","buildId":"20210203182138","name":"Thunderbird","version":"78.7.1","displayVersion":"78.7.1","vendor":"","platformVersion":"78.7.0","xpcomAbi":"x86_64-gcc3","channel":"default"},"payload":{"scalars":{}},"clientId":"XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX"}+{ 
 +  "type": "deletion-request", 
 +  "id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXX", 
 +  "creationDate": "2021-02-10T18:55:32.926Z", 
 +  "version": 4, 
 +  "application": { 
 +    "architecture": "x86-64", 
 +    "buildId": "20210203182138", 
 +    "name": "Thunderbird", 
 +    "version": "78.7.1", 
 +    "displayVersion": "78.7.1", 
 +    "vendor": "", 
 +    "platformVersion": "78.7.0", 
 +    "xpcomAbi": "x86_64-gcc3", 
 +    "channel": "default" 
 +  }, 
 +  "payload": { 
 +    "scalars": {} 
 +  }, 
 +  "clientId": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXX" 
 +}
 </code> </code>
 +
 +==== Attachments ====
  
 When you open an attachment (tested with PDF), the following request is sent, leaking username, profile name, attachment filename and attachment SHA-256 hash (as raw binary data in the middle): When you open an attachment (tested with PDF), the following request is sent, leaking username, profile name, attachment filename and attachment SHA-256 hash (as raw binary data in the middle):
Line 234: Line 257:
 000000f0  2e 70 64 66 50 00 5a 05  65 6e 2d 55 53           |.pdfP.Z.en-US| 000000f0  2e 70 64 66 50 00 5a 05  65 6e 2d 55 53           |.pdfP.Z.en-US|
 </code> </code>
-To disable this, remove browser.safebrowsing.downloads.remote.url in about:config.+To disable this, remove browser.safebrowsing.downloads.remote.url in about:config. [[https://searchfox.org/mozilla-central/source/toolkit/components/reputationservice/ApplicationReputation.cpp#1564|Link to source where this happens.]]
 ===== Firefox for Android ===== ===== Firefox for Android =====
  
project/spyzilla.1612984229.txt.gz · Last modified: 2021/02/10 19:10 by jenda