Full Disclosure mailing list archives
RE: 3 new MS patches next week... but none fix 0x01!
From: psz () maths usyd edu au (Paul Szabo)
Date: Sun, 11 Jan 2004 16:37:21 +1100 (EST)
... and I've got this question for the list: This really long 'form action' item

http://www.citibank.com:achaaa9uwdtyazjwvwaaaa9p398haaa9uwdtyazjwvwaboundpyw
wgc2l6zt00pjxtvgc2l6zt00pjxywwgc2l6zt00pjxt398haaa9uwdtyazjwvwaaoundpywwgc2l
6zt00pjxtvgc2l6zt00pjxvgc2l6zt00pjxt@211.239.150.170/login/form.php

obviously contains the 0x01 exploit. What I'm curious about is the HUGE amount of crap in between the : and the @ sign. I mean, if the 0x01 exploit is 'good enough', what's with the extra characters?
Hmmm... where in there do you see %01? No, that is no 0x01 exploit, but just user:password@host quasi-RFC-compliant usage. The string is long so as to leave the user staring at the citibank+gibberish part, not to be made suspicious of the @IP part.

Cheers,

Paul Szabo - psz () maths usyd edu au  http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics  University of Sydney   2006  Australia

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
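The distinction drawn in the reply above, as an added example that is not part of the original post: a Python check that tells plain user:password@host padding apart from a control character such as %01 in the userinfo, and reports the host a client would actually contact. The sample URLs, the `bank.example` name, the 192.0.2.10 address and the 64-character padding threshold are constructed assumptions.

```python
import ipaddress
from urllib.parse import urlsplit, unquote

PAD_THRESHOLD = 64  # assumed cut-off for "suspiciously long" password padding


def real_host(url):
    """Host the client connects to: whatever follows the last '@' in the authority."""
    return urlsplit(url).hostname


def analyze_url(url):
    """Return findings about the userinfo part (before '@') of a URL."""
    parts = urlsplit(url)
    findings = []
    if parts.username is None:          # no '@' in the authority at all
        return findings
    findings.append("userinfo-present")

    user = unquote(parts.username)
    password = unquote(parts.password or "")
    host = parts.hostname or ""

    # The %01 case asked about in the thread: a control byte before the '@'.
    if any(ord(c) < 0x20 for c in user + password):
        findings.append("control-char-in-userinfo")

    # The case the reply describes: the "user" is dressed up as a host name.
    if "." in user and user.lower() != host.lower():
        findings.append("userinfo-looks-like-hostname")

    # A bare IP address as the real destination.
    try:
        ipaddress.ip_address(host)
        findings.append("host-is-ip-literal")
    except ValueError:
        pass

    # Long gibberish "password" that pushes the '@' and real host out of view.
    if len(password) > PAD_THRESHOLD:
        findings.append("long-password-padding")
    return findings


# Constructed sample URLs (not taken from the thread).
PADDED = "http://www.bank.example:" + "x9" * 80 + "@192.0.2.10/login/form.php"
CTRL = "http://www.bank.example%01@192.0.2.10/login/form.php"
CLEAN = "https://www.bank.example/login"
```
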