Autocomplete Injection Attack

Nethanel Gelernter 1,2,3 (B) and Amir Herzberg 2,3

1 Cyberpion, Givat Shmuel, Israel, nethanel.gelernter@gmail.com
2 College of Management Academic Studies, Rishon LeZion, Israel
3 Bar Ilan University, Ramat Gan, Israel

Abstract. Autocomplete, a well-known feature in popular search engines, offers suggestions for search terms before the user has even completed typing their query. We present the autocomplete injection attack and its potential exploits. In this attack, a cross-site attacker injects terms into the autocomplete suggestions offered by a web-service to a victim user. The most popular web search engines are vulnerable to the attack, as well as other websites. Autocomplete injection can be exploited in multiple ways, including phishing, framing, illegitimate content-promotion and sometimes persistent cross-site scripting attacks. We evaluated the effectiveness of the attack with several experiments. Our results show the potential impact of the autocomplete injection attacks.

Keywords: Web-security · Phishing · Cross-site attacks · Usable security · Autocomplete injection attack · Cross-site framing · Blackhat SEO · Cross site scripting · Persistent XSS · CSRF

1 Introduction

Web-services invest considerable efforts to improve their user experience. More specifically, services are often personalized using information collected about each user, including the history of previous interactions. Autocomplete mechanisms are one of the personalization methods most widely-used by web-services to ease the entry of search terms. As the user types the first few letters of a query, the autocomplete mechanism offers several suggestions for the complete query. The user can either avoid typing the rest of the term by choosing one of the suggestions or type additional letters, which will prompt updated suggestions. Autocomplete suggestions allow users to choose long terms while decreasing the number of keystrokes [3, 27]. This serves to improve the user experience, especially for users with disabilities (for whom it was originally designed).

We show that the autocomplete mechanism can also be abused by a rogue website visited by the user, allowing multiple attacks on those who have an active ‘session’ in one of several popular websites. Based on this new type of ‘cross-site’ attack, we tested for - and found - autocomplete vulnerabilities in five sites: the

© Springer International Publishing Switzerland 2016
I. Askoxylakis et al. (Eds.): ESORICS 2016, Part II, LNCS 9879, pp. 512–530, 2016.
DOI: 10.1007/978-3-319-45741-3_26
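The abstract and introduction describe a service that builds per-user autocomplete suggestions from the user's search history, and a cross-site attacker who gets terms into that history while the victim holds an active session. The model below is an added example and not code from the paper or from any of the services it studied. It assumes a simplified server-side design: a session record holding the user's history, a search endpoint that stores each search, and a suggestion endpoint that returns prefix matches. The names (`Session`, `SearchRequest`, `record_search_vulnerable`, `record_search_hardened`, `SERVICE_ORIGIN`) are hypothetical. It contrasts a recording path that trusts any request carrying the session cookie with one that first checks the request's `Origin` header and an anti-CSRF token, and it HTML-escapes suggestions when rendering them, which is the check that keeps an injected term from becoming persistent XSS when it is echoed back.

```python
"""Toy model of a search service's per-user autocomplete history.

Added example (not from the paper). Assumes a service that stores each
search a logged-in user makes and later offers prefix matches from that
history as autocomplete suggestions.
"""
from __future__ import annotations

import secrets
from dataclasses import dataclass, field
from html import escape

SERVICE_ORIGIN = "https://search.example"  # assumed origin of the search service


@dataclass
class Session:
    """Server-side state for one logged-in user (constructed for the example)."""
    user: str
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(16))
    history: list[str] = field(default_factory=list)


@dataclass
class SearchRequest:
    """The parts of an HTTP search request that the service inspects."""
    session: Session                 # resolved from the session cookie
    term: str
    origin: str | None               # Origin header, if the browser sent one
    csrf_token: str | None = None    # token embedded in the service's own form


def _store(session: Session, term: str, limit: int = 50) -> None:
    """Put the term at the front of the history, most recent first."""
    term = term.strip()
    if not term:
        return
    if term in session.history:
        session.history.remove(term)
    session.history.insert(0, term)
    del session.history[limit:]


def record_search_vulnerable(req: SearchRequest) -> bool:
    """Record every search that arrives with a valid session cookie.

    Browsers attach cookies to requests regardless of which page made them,
    so with this path the history reflects any search the victim's browser
    was made to send, not only searches the victim typed.
    """
    _store(req.session, req.term)
    return True


def record_search_hardened(req: SearchRequest) -> bool:
    """Record the search only if it demonstrably came from the service's own pages."""
    if req.origin != SERVICE_ORIGIN:
        return False                 # cross-site request: leave history untouched
    if not req.csrf_token or not secrets.compare_digest(req.csrf_token, req.session.csrf_token):
        return False                 # missing or forged anti-CSRF token
    _store(req.session, req.term)
    return True


def suggest(session: Session, prefix: str, max_items: int = 5) -> list[str]:
    """Case-insensitive prefix matches drawn from the user's own history."""
    p = prefix.lower()
    return [t for t in session.history if t.lower().startswith(p)][:max_items]


def render_suggestions(suggestions: list[str]) -> str:
    """HTML for the dropdown. Escaping stops a stored term from running as script."""
    return "<ul>" + "".join(f"<li>{escape(s)}</li>" for s in suggestions) + "</ul>"


def demo() -> dict[str, list[str]]:
    """Feed the same two constructed requests through both recording paths."""
    results: dict[str, list[str]] = {}
    for name, record in (("vulnerable", record_search_vulnerable),
                         ("hardened", record_search_hardened)):
        s = Session(user="alice")
        # A search the user typed on the service's own page, with its token.
        record(SearchRequest(s, "security conference", SERVICE_ORIGIN, s.csrf_token))
        # A search the browser sent while on an unrelated third-party page.
        record(SearchRequest(s, "secret <script>x</script>", "https://rogue.example"))
        results[name] = suggest(s, "sec")
    return results


if __name__ == "__main__":
    print(demo())
```

In the vulnerable path the third-party search lands at the top of the suggestions for "sec"; in the hardened path it is dropped before it reaches the history, so only the user's own term is offered. The `Origin` check and the token are complementary: the header is set by the browser and the token is only known to pages the service itself served.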