Referrer spoofing Information & Referrer spoofing Links at HealthHaven.com

In computer security, referrer spoofing or ref tar spoofing is the sending of incorrect referrer information along with an HTTP request, sometimes with the aim of gaining unauthorized access to a web site. It can also be used because of privacy concerns, as an alternative to sending no referrer at all.

[edit] Application

Some sites, especially many pornographic paysites, utilize referrer information to secure their materials: only browsers arriving from a small set of approved (login-) pages are given access; this facilitates the sharing of materials among a group of cooperating paysites. If attackers acquire knowledge of these approved referrers (which is often trivial because many sites follow a common template), they can then gain free access to the materials.

Spoofing often allows legitimate access to a site's content where the site's web server is configured to block browsers not sending referrer headers. Web site owners may do this to disallow hotlinking.

It can be also used to defeat referrer checking controls that are used to mitigate Cross-Site Request Forgery attacks.

[edit] Tools

Several software tools exist to facilitate referrer spoofing:

Proxomitron is a proxy capable of referrer spoofing.
The Mozilla Firefox extension refspoof [1] allows the use of a custom referrer URL for any site one visits, and provides a mechanism to manage a bookmark list of such referrer/site pairs.
The Mozilla Firefox extension RefControl [2] allows users to define custom referrer URLs based on specific sites. Unlike the refspoof extension, RefControl does not use a toolbar to define referrer URLs.
QuickSpoof and Spooph provide the same functionality for the Internet Explorer browser.
SuperMegaSpoof [3] is a Windows application that supports both browsers and allows users to exchange and rate referrer spoofs; it displays advertisements while it is running.

[edit] See also

Referrer spam