lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <40D99DDB.8030004@wired.com>
From: nate at wired.com (Nate Campi)
Subject: search engine proxy

Geo. wrote:

> I believe it was on this list that someone once mentioned a way to use
> either google or yahoo as a proxy server by typing in something in the
> address bar of a browser.
> 
> Anyone recall this?

I think I know what you mean. Portal-type and search providers often 
have HTTP servers meant for logging and redirecting clicks on search 
results. Spammers and similar ppl who wish to hide the real destination 
of a URL abuse these services. It can be quite hard to prevent this 
abuse. :(

You'd have a URL something like 
http://redirect.foo.example/redirect.cgi?http://spam.phishing.evil/ccinfo.html

I choose not to share any information on abusing these services, not 
because it's particularly secret, but because I don't really want to 
share it with kiddiez who don't already know how to find this information.

Nate


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ