[<prev] [next>] [day] [month] [year] [list]
Message-ID: <200406102034.i5AKY5kL004755@web117.megawebservers.com>
Date: Thu, 10 Jun 2004 20:34:05 -0000
From: "http-equiv@...ite.com" <1@...ware.com>
To: <bugtraq@...urityfocus.com>
Cc: <NTBugtraq@...tserv.ntbugtraq.com>
Subject: COELACANTH: Phreak Phishing Expedition
Thursday, June 10, 2004
The following was presented by 'bitlance winter' of Japan today:
<a href="http://www.microsoft.com%2F redir=www.e-
gold.com">test</a>
Quite inexplicable from these quarters. Perhaps someone with
server 'knowledge' can examine it.
It carries over the address into the address bar:
[screen shot: http://www.malware.com/gosh.png 72KB]
while redirecting to egold. The key being %2F without that it
fails. The big question is where is the 'redir' and why is it
only applicable [so far] to e-gold. Other sites don't work and e-
gold is running an old Microsoft-IIS/4.0.
Working Example:
http://www.malware.com/golly.html
credit: 'bitlance winter'
End Call
--
http://www.malware.com
Powered by blists - more mailing lists