Date: Mon Aug  1 16:40:35 2005
From: mailinglists at vanscherpenseel.nl (Vincent van Scherpenseel)
Subject: Weird URL

On Monday 01 August 2005 17:26, Bug Traq wrote:
> Paste this URL in a firefox browser address bar and see what happens.
> http://https/;//gmail.google.com
>
> Anyone know why?

Yes, Firefox uses Google's "I'm feeling lucky" feature to redirect users who 
enter a word in the address bar which does not exist. The only part needed to 
be redirected to paypal.com is http://https

If you shorten that just a little bit (to http://http) you'll arrive at 
www.microsoft.com (that's kind of ironic even ;).

Now try looking up the words https and http on Google and see which websites 
are at rank 1 :)

This feature could be exploited by malicious people though: by crafting a 
phishing mail with the url: http://http://www.abnamro.com people arrive at 
Microsoft's website instead of the site of the ABN Amro bank. Now what if 
someone replaces the second http with a keyword which links to a malicious 
ranked-1 site in Google? In combination with Google ranking abuse tricks this 
could pose a serious threat to Average Joe.

 - Vincent van Scherpenseel

Hosted by DataForce ISP - Powered by Openwall GNU/*/Linux