nanog mailing list archives
Re: HXXP browser protocol
From: Sean Harlow <sean () seanharlow info>
Date: Thu, 13 Sep 2012 17:27:37 -0400
Fur further reference, wiki gives the following reasons for hxxp or other similar methods of URL obfuscation: Some of the uses of this method include: * to avoid passing the HTTP referrer header which would reveal the referring web site to the target. * avoiding automated web crawlers from following the links. While effective, legitimate web crawlers can be avoided through the use of a robots exclusion standard on the target web site. To avoid advancing the search engine rank of the target web site, nofollow attributes can be used instead. * to bypass overzealous link spam protection in, for example, blog comments. * for making sure that a user doesn't accidentally click on a potentially harmful link, in applications that automatically recognize links in plain text. Examples of this include "not safe for work" links. * to avoid an application from downloading unwanted files, like advertisements or a malware. The method is directly change all 'http' to 'hxxp' in specific uncompressed .exe or .swf files with a hex editor. --- Sean Harlow sean () seanharlow info
Current thread:
- HXXP browser protocol Matthew Black (Sep 13)
- Re: HXXP browser protocol Sean Harlow (Sep 13)
- Re: HXXP browser protocol Landon Stewart (Sep 13)
- Re: HXXP browser protocol Sean Harlow (Sep 13)
- Re: HXXP browser protocol Sean Harlow (Sep 13)
- Re: HXXP browser protocol Landon Stewart (Sep 13)
- Re: HXXP browser protocol Ricky Beam (Sep 13)
- Re: HXXP browser protocol Sean Harlow (Sep 13)