Full Disclosure mailing list archives

Re: " * " in url

From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Tue, 13 Jan 2004 22:32:20 +1300

"morning_wood" <se_cur_ity () hotmail com> wrote:

dunno if this is new but..

http://pa.yahoo.com/*http://rd.yahoo.com/hotjbs/*http://example.com


Nope, not new at all.

Those (and several other Yahoo pages) have long been known as 
redirectors, taking whatever comes after the asterisk and redirecting 
to it.  Some appear to work just for URLs to other yahoo.com-hosted 
pages (and perhaps Yahoo! partner sites?), but some (such as the 
"hotjobs" one) will redirect to anywhere.

I vaguely recall seeing one of these used ages back in a some scam-
associated spam, which heavily obfuscated the URL to redirect to with 
URL-encoding and so on...


Regards,

Nick FitzGerald

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

" * " in url morning_wood (Jan 13)
- Re: " * " in url Lan Guy (Jan 13)
- Re: " * " in url Nick FitzGerald (Jan 13)
- Re: " * " in url Suresh Ponnusami (Jan 13)