|
Full Disclosure
mailing list archives
COELACANTH: Phreak Phishing Expedition
From: "http-equiv () excite com" <1 () malware com>
Date: Thu, 10 Jun 2004 20:35:03 -0000
Thursday, June 10, 2004
The following was presented by 'bitlance winter' of Japan today:
<a href="http://www.microsoft.com%2F redir=www.e-
gold.com">test</a>
Quite inexplicable from these quarters. Perhaps someone with
server 'knowledge' can examine it.
It carries over the address into the address bar:
[screen shot: http://www.malware.com/gosh.png 72KB]
while redirecting to egold. The key being %2F without that it
fails. The big question is where is the 'redir' and why is it
only applicable [so far] to e-gold. Other sites don't work and e-
gold is running an old Microsoft-IIS/4.0.
Working Example:
http://www.malware.com/golly.html
credit: 'bitlance winter'
End Call
--
http://www.malware.com
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
 By Date 
By Thread
Current thread:
- COELACANTH: Phreak Phishing Expedition http-equiv () excite com (Jun 10)
|
Intro
