WebApp Sec mailing list archives
Redirection obfuscation in FF and NS
From: RSnake <rsnake () shocking com>
Date: Mon, 20 Mar 2006 13:56:04 -0800 (PST)
ID and I were playing around with some weird redirection
obfuscation and came across these a few days ago (works in latest
version of Firefox and Netscape on untrusted site settings). Sorry that
this is a little ho-hum but it's probably worth documenting:
http://www.visa.com@rsnake
and
http://rsnake:www.visa.com
This seems like something that could confuse users. This is the
same old "feeling lucky" stuff built into browsers. Not so much a hack
as just confusing behavior to users which could lead to unintended
redirection and potentially more sucessful phishing attacks. This
relies on being the #1 page rank in something, but that is pretty easy
with obscure search terms.
-RSnake http://ha.ckers.org/xss.html
-------------------------------------------------------------------------
This List Sponsored by: SpiDynamics
ALERT: "How A Hacker Launches A Web Application Attack!"
Step-by-Step - SPI Dynamics White Paper
Learn how to defend against Web Application Attacks with real-world
examples of recent hacking methods such as: SQL Injection, Cross Site
Scripting and Parameter Manipulation
https://download.spidynamics.com/1/ad/web.asp?Campaign_ID=701300000003gRl --------------------------------------------------------------------------
Current thread:
- Redirection obfuscation in FF and NS RSnake (Mar 20)
- Re: Redirection obfuscation in FF and NS Saqib Ali (Mar 20)
- Re: Redirection obfuscation in FF and NS RSnake (Mar 20)
- Re: Redirection obfuscation in FF and NS Saqib Ali (Mar 20)
- Re: Redirection obfuscation in FF and NS RSnake (Mar 20)
- Re: Redirection obfuscation in FF and NS Saqib Ali (Mar 20)
