Back to All Attacks

@container Query Attack ({{adblocker}})

Stealth Mode

Visible Mode

Your Fingerprint Output

Collecting...

This page is designed to test the @container query attack. The attack sends signals if the size of the container is less than 100px. This only happens when the element in the container is blocked.

Attack Pros

  1. This attack does not require any script. All scripts present in this demo are strictly to help visualize the attack: One script connects a service worker to act like the adversary server, and other scripts helps with visualizing the attack parameters for the viewer.
  2. This attack can be stealthy. At this moment, even while not trying to hide the images, many images we load are originally single pixels and don't show up. Click this button to hide/show the attack boxes: We make the attack boxes invisible by reducing the height to 0 and allowing no events to pass through. This way, the attack can be hidden from the user.
  3. The attack works even if JavaScript is disabled.
  4. The attack is fast and does not require user interaction
  5. The attack is instantenaous
  6. The attack only sends network requests if the element is blocked
  7. The attack works correctly even if the unblocked URL does not exist.

Attack Cons

  1. The attack is restricted to generic network rules.
  2. The fattack does not work on chromium because of non-standard ways of styling the alt attribute.
{% for group in css_classes %}
unblocked
Class rule {{group.id}}: ".{{group.class}}"
{% endfor %} {% for group in css_ids %}
unblocked
ID rule {{group.id}}: "#{{group._id}}"
{% endfor %} {% for group in network_imgs %}
Test {{ group.id }}
Image rule {{group.id}}
{% endfor %} {% for group in network_iframes %}
Iframe rule {{group.id}}
{% endfor %}
{# #}