Referer spoofing

Web Design & Development Guide

Referer spoofing


In computer security, referer spoofing or ref tar spoofing is the sending of incorrect referer information along with an HTTP request, with the aim of gaining unauthorized access to a web site.


Some subscription sites, especially many pornographic paysites, utilize referer information to secure their materials: only browsers arriving from a small set of approved (login-) pages are given access; this facilitates the sharing of materials among a group of cooperating paysites. If attackers acquire knowledge of these approved referers (which is often trivial because many sites follow a common template), they can then gain free access to the materials.


Several software tools exist to facilitate referrer spoofing:

  • Proxomitron offeres the capability of referrer spoofing at http://proxomitron.info
  • Here is an open source project at http://livehttpheaders.mozdev.org/ where there is a feature called "replay headers".
  • The Mozilla Firefox extension refspoof allows to use a custom referer URL for any site one visits, and provides a mechanism to manage a bookmark list of such referer/site pairs.
  • A similar Mozilla Firefox extension is spooFXplorer (not compatible with the most recent version of Firefox).
  • QuickSpoof and Spooph provide the same functionality for the Internet Explorer browser.
  • SuperMegaSpoof is a Windows application that supports both browsers and allows users to exchange and rate referer spoofs; it displays advertisements while it is running.
  • SpoofForge is similar to SuperMegaSpoof with the exception that spoofs are displayed on a web site, and so there is no software to install.

External links

Browser exploit
Cross-site cooking
Cross-site request forgery
Cross-site scripting
Cross-zone scripting
Directory traversal
Evil twin (wireless networks)
HTTP response splitting
IDN homograph attack
Referer spoofing
Session fixation
Session poisoning
Website spoofing

Page created in 0.328534 Seconds