BugTraq
Back to list
|
Post reply
COELACANTH: Phreak Phishing Expedition
Jun 10 2004 08:34PM
http-equiv (at) excite (dot) com [email concealed] (1 malware com)
Thursday, June 10, 2004
The following was presented by 'bitlance winter' of Japan today:
<a href="http://www.microsoft.com%2F redir=www.e-
gold.com">test</a>
Quite inexplicable from these quarters. Perhaps someone with
server 'knowledge' can examine it.
It carries over the address into the address bar:
[screen shot: http://www.malware.com/gosh.png 72KB]
while redirecting to egold. The key being %2F without that it
fails. The big question is where is the 'redir' and why is it
only applicable [so far] to e-gold. Other sites don't work and e-
gold is running an old Microsoft-IIS/4.0.
Working Example:
http://www.malware.com/golly.html
credit: 'bitlance winter'
End Call
--
http://www.malware.com
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Thursday, June 10, 2004
The following was presented by 'bitlance winter' of Japan today:
<a href="http://www.microsoft.com%2F redir=www.e-
gold.com">test</a>
Quite inexplicable from these quarters. Perhaps someone with
server 'knowledge' can examine it.
It carries over the address into the address bar:
[screen shot: http://www.malware.com/gosh.png 72KB]
while redirecting to egold. The key being %2F without that it
fails. The big question is where is the 'redir' and why is it
only applicable [so far] to e-gold. Other sites don't work and e-
gold is running an old Microsoft-IIS/4.0.
Working Example:
http://www.malware.com/golly.html
credit: 'bitlance winter'
End Call
--
http://www.malware.com
[ reply ]