Full Disclosure mailing list archives
Re: Twitter URL spoofing still exploitable
From: Benji <me () b3nji com>
Date: Tue, 27 Sep 2011 16:18:18 +0100
If you hover over the t.co links the alt= tag holds the real url. On Tue, Sep 27, 2011 at 4:11 PM, dave bl <db.pub.mail () gmail com> wrote:
On 28 September 2011 01:00, Mario Vilas <mvilas () gmail com> wrote:On Tue, Sep 27, 2011 at 3:26 PM, Dan Kaminsky <dan () doxpara com> wrote:Ok, now nobody can spoof a URL, but how come a user will tell good URLs and bad ones apart? Oh boy!Wherever did you get the idea that users can do this?Jokes apart, I do find it annoying that URLs aren't expandedautomaticallyanymore. But I don't expect this situation to be permanent.Agreed. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Twitter URL spoofing still exploitable Pablo Ximenes (Sep 26)
- Re: Twitter URL spoofing still exploitable Darren Martyn (Sep 27)
- Re: Twitter URL spoofing still exploitable Pablo Ximenes (Sep 27)
- Re: Twitter URL spoofing still exploitable Dan Kaminsky (Sep 27)
- Re: Twitter URL spoofing still exploitable Mario Vilas (Sep 27)
- Re: Twitter URL spoofing still exploitable dave bl (Sep 27)
- Re: Twitter URL spoofing still exploitable Benji (Sep 27)
- Re: Twitter URL spoofing still exploitable Pablo Ximenes (Sep 27)
- Re: Twitter URL spoofing still exploitable Pablo Ximenes (Sep 27)
- Re: Twitter URL spoofing still exploitable Darren Martyn (Sep 27)