Full Disclosure mailing list archives
Re: FOUND: COELACANTH: Phreak Phishing Expedition
From: Juergen Schmidt <ju () heisec de>
Date: Mon, 14 Jun 2004 18:51:13 +0200 (CEST)
On Fri, 11 Jun 2004, http-equiv () excite com wrote:
From the original discover, 'bitlance winter' one big fat coelacanth: <a href="http://www.malware.com%2F redir=www.e-gold.com">test</a>
JFYI: This only works with direct internet access -- not if any kind of proxy is involved. With the latter, IE does not evaluate the redirection but passes the whole URL to the proxy: GET http://www.heise.de%2F%20%20redir=.e-gold.com/ HTTP/1.0 bye, ju -- Juergen Schmidt Chefredakteur heise Security www.heisec.de Heise Zeitschriften Verlag, Helstorferstr. 7, D-30625 Hannover Tel. +49 511 5352 300 FAX +49 511 5352 417 EMail ju () heisec de _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- FOUND: COELACANTH: Phreak Phishing Expedition http-equiv () excite com (Jun 10)
- Re: FOUND: COELACANTH: Phreak Phishing Expedition Juergen Schmidt (Jun 14)