Full Disclosure mailing list archives

Re: strange domain name in phishing email

From: Q Beukes <full-disclosure () list za net>
Date: Wed, 15 Mar 2006 11:25:04 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I think this would be a client side only thing.
Netcat connected fine when I have such a name (167772398 - 10.0.0.238)
as a target.

The reason I say this is because how would apache know what to do with:
Host: 167772398

It might have been a vhost, so I dont think they have support for this.

NOTE: just my thoughts

Julien GROSJEAN - Proxiad wrote:

I think you try to remove the slash at the end... What about the
logs ?



Alice Bryson a écrit :

BTW, this kind of ip address would not always work. i try to use
 http://2887060730/ to access an internal web server
http://172.21.12.250, but failed. It said 400 bad request. I use
Windows XP IE 6, web server is Apache on Windows 2003, does
anyone know why?


_______________________________________________ Full-Disclosure -
We believe in it. Charter:
http://lists.grok.org.uk/full-disclosure-charter.html Hosted and
sponsored by Secunia - http://secunia.com/


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iQEVAwUBRBfdcLEDZDQ16UzTAQK2hQf/bLNUt/NOBlBFjg6x2jaKE2uQGee7uPm0
3TNdye/xgkqCBZ7b2F213fPjm4ERtijyUmKSMxWyMrMM4CSWI354mjVQqqY94FAk
UbUDoZFKqUYAD5EJLuaTBLDPfrJCHJx0YwrZiHNVzGZEe2frEBn9I3AnAKvhjuGw
kc6VIozuo0V8dSbumOTIkX3/ShhvyEnuZKyHD5dP7HW0PXgmV5Uz2oCnKPlSK7Q7
M4tN3jkCQJj7XyeOJuFK16kofnzPWa9B6iswnrQtEGrBLwslcuBDmLJz9HLVsKfy
C3ll6DnG3H53flfFNp9adCl2iP7sPOTTgzSy275pHEg8kWM1j8ZVzQ==
=86fl
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Re: strange domain name in phishing email, (continued)
- - Message not available
    - Re: strange domain name in phishing email Nancy Kramer (Mar 11)
- Re: strange domain name in phishing email Alice Bryson (Mar 13)
  - Re: strange domain name in phishing email Michael Holstein (Mar 14)
  - Re: strange domain name in phishing email gboyce (Mar 14)
    - Re: strange domain name in phishing email Chris Umphress (Mar 14)
    - Re: strange domain name in phishing email gboyce (Mar 15)
    - Re: strange domain name in phishing email Alice Bryson (Mar 15)
    - Re: strange domain name in phishing email gboyce (Mar 15)
    - Re: strange domain name in phishing email Jianqiang Xin (Mar 15)
- Re: strange domain name in phishing email Julien GROSJEAN - Proxiad (Mar 14)
  - Re: strange domain name in phishing email Q Beukes (Mar 15)
- RE: strange domain name in phishing email Edward Pearson (Mar 14)
- RE: strange domain name in phishing email auto62996 (Mar 14)
  - Re: strange domain name in phishing email Michael Holstein (Mar 14)
    - Re: strange domain name in phishing email sheeponhigh (Mar 14)
    - Re: strange domain name in phishing email Dave Korn (Mar 15)
    - Re: Re: strange domain name in phishing email Michael Holstein (Mar 15)
    - Re: strange domain name in phishing email Alice Bryson (Mar 14)
    - Re: strange domain name in phishing email James Longstreet (Mar 15)
- Re: strange domain name in phishing email Juha-Matti Laurio (Mar 16)
- RE: strange domain name in phishing email Arley Barros Leal (Mar 16)

(Thread continues...)