Bugtraq: Re: Bypassing of web filters by using ASCII

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Bypassing of web filters by using ASCII

From: Vincent Archer <varcher () denyall com>
Date: Mon, 26 Jun 2006 11:19:28 +0200

On Fri, Jun 23, 2006 at 05:12:13PM +0200, Amit Klein (AKsecurity) wrote:

On 23 Jun 2006 at 10:35, Vincent Archer wrote:

The same problem did exist in RFC821, which specified the data path as
being 7-bit, with the MSB set to 0. The venerable ancestor sendmail did
enforce that, by and-ing each and every byte with 0x7F, which means that
the IE solution is "slightly better", due to historical precedent.


If we're into precedences, does anyone know what Mosaic 1.0 used to do in such case? after


Mosaic didn't really handle charsets.

It used Motif as the underlying toolkit, and rendered the binary text stream
using XmSTRING_DEFAULT_CHARSET, which could default to ISO 8859-1 most of
the time, or something else if you tweaked your X11 installation and
properties.

So, basically, Mosaic worked as firefox/opera do, not as IE.

-- 
Vincent ARCHER
varcher () denyall com

Tel : +33 (0)1 40 07 47 14
Fax : +33 (0)1 40 07 47 27
Deny All - 23, rue Notre Dame des Victoires - 75002 Paris - France

By Date By Thread

Current thread:

Re: Bypassing of web filters by using ASCII, (continued)
- Re: Bypassing of web filters by using ASCII Hubert Seiwert (Jun 22)
- Re: Bypassing of web filters by using ASCII Amit Klein (AKsecurity) (Jun 22)
  - Message not available
    - Re: Bypassing of web filters by using ASCII Amit Klein (AKsecurity) (Jun 23)
    - Re: Bypassing of web filters by using ASCII Vincent Archer (Jun 26)
    - Re: Bypassing of web filters by using ASCII Balazs Attila-Mihaly (Cd-MaN) (Jun 26)
- Re: Bypassing of web filters by using ASCII Kurt Huwig (Jun 22)