Your Fingerprint Output

This page is designed to test the image alt attribute attack. The attack sends signals on page load as part of the background image URL of unblocked requests.

{% if adblocker=='adguard' %} For Adguard: Adguard will trigger the alt backgrounds if the element is not blocked and the image doesn't load. So, we point the URL to a non-existing image. This way, the alt attribute is triggered if the URL is not blocked. The signals the server receives are the unblocked requests, so the adversary must reverse the fingerprint.

Attack Pros

1. This attack does not require any script. All scripts present in this demo are strictly to help visualize the attack: One script connects a service worker to act like the adversary server, and other scripts helps with visualizing the attack parameters for the viewer.
2. This attack can be stealthy. At this moment, even while not trying to hide the images, many images we load are originally single pixels and don't show up. Click this button to hide/show the attack boxes: Toggle Stealth We make the attack boxes invisible by lowering the opacity and allowing no events to pass through. This way, the attack can be hidden from the user.
3. The attack works even if JavaScript is disabled.

Attack Cons

1. The attack is restricted to generic network rules.
2. The fattack does not work on chromium because of non-standard ways of styling the alt attribute.