Full Disclosure mailing list archives
Re: Phishing scam - Obfuscated url help please
From: Valdis.Kletnieks () vt edu
Date: Thu, 22 Jan 2004 22:55:26 -0500
On Fri, 23 Jan 2004 14:48:43 +1300, Nick FitzGerald <nick () virus-l demon co uk> said:
as the "@" is (incorrectly) interpreted by many browsers (most in terms of absolute use) as indicating the username part of the "userinfo" part of the generic URI scheme.
RFC2396 - Uniform Resource Identifiers (URI): Generic Syntax

3.2.2. Server-based Naming Authority

URL schemes that involve the direct use of an IP-based protocol to a specified server on the Internet use a common syntax for the server component of the URI's scheme-specific data:

   <userinfo>@<host>:<port>

where <userinfo> may consist of a user name and, optionally, scheme-specific information about how to gain authorization to access the server. The parts "<userinfo>@" and ":<port>" may be omitted.

   server = [ [ userinfo "@" ] hostport ]

The user information, if present, is followed by a commercial at-sign "@".

   userinfo = *( unreserved | escaped | ";" | ":" | "&" | "=" | "+" | "$" | "," )

Some URL schemes use the format "user:password" in the userinfo field. This practice is NOT RECOMMENDED, because the passing of authentication information in clear text (such as URI) has proven to be a security risk in almost every case where it has been used.

Looks like a correct interpretation to me.
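Added example, not part of the original message or the list archive: a mail-filter style check that splits a link's authority according to the RFC 2396 rule quoted above (server = [ [ userinfo "@" ] hostport ]) and reports the host the browser will actually contact. The function names, finding labels, the host-like heuristic and the sample links are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote

# Heuristic (assumption): userinfo that starts like a DNS name is the lure,
# since readers take the text before "@" to be the destination.
HOSTLIKE = re.compile(r"^(?:[a-z0-9-]+\.)+[a-z]{2,}(?![a-z0-9-])", re.I)

def split_server(url):
    """Split the authority per RFC 2396 3.2.2 into (userinfo or None, hostport)."""
    netloc = urlsplit(url).netloc
    # Valid userinfo cannot hold a raw "@", so the last "@" ends it.
    userinfo, at, hostport = netloc.rpartition("@")
    return (unquote(userinfo) if at else None), hostport

def review_link(url):
    """Return (real_hostport, findings) for one URL taken from a mail body."""
    userinfo, hostport = split_server(url)
    findings = []
    if userinfo is not None:
        findings.append("userinfo-present")
        user = userinfo.split(":", 1)[0]
        if HOSTLIKE.match(user):
            findings.append("userinfo-looks-like-host")
        if ":" in userinfo:
            # The "user:password" form the RFC marks NOT RECOMMENDED.
            findings.append("password-in-url")
    return hostport, findings

# Constructed sample links (example domains and documentation addresses).
SAMPLES = [
    "http://www.example.com/account",
    "http://www.example.com@192.0.2.7/login.html",
    "http://www.example.com%2Faccount@192.0.2.7:8080/",
    "ftp://alice:secret@ftp.example.org/pub",
]

if __name__ == "__main__":
    for link in SAMPLES:
        host, findings = review_link(link)
        print(f"{host:18} {','.join(findings) or '-':42} {link}")
```

The third sample shows why the userinfo is percent-decoded before the check: an escaped "/" keeps the lure inside the authority while reading like a path.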