lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: scottp at dreamwright.com (Scott Phelps)
Subject: COELACANTH: Phreak Phishing Expedition

 

Yeah, it seems to be the host header as "Thor Larholm [thor@...x.com]"
pointed out.

I set up a site hard to an IP with no host header defined, and can redirect
this way to it.

If you keep trying random sites you will probably find another that works,
but who can really afford to set up every web site on it's own IP these
days.

Scott P

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Larry Seltzer
Sent: Thursday, June 10, 2004 10:23 PM
To: full-disclosure@...ts.netsys.com
Subject: RE: [Full-Disclosure] COELACANTH: Phreak Phishing Expedition

>>http://www.malware.com/golly.html 

I see no pattern at all, but this works on some systems for me and not on
others. On
some I get to Microsoft, some to e-gold.com.

And WTF is it with www.e-gold.com? Nothing else seems to work at all.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
larryseltzer@...fdavis.com 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists