Fw: [Full-Disclosure] CERT: Vulnerability in web redirectors
From: http-equiv@excite.com
Date: 03/22/03
- Previous message: Georgi Guninski: "Re: [Full-Disclosure] CERT: Vulnerability in web redirectors"
- Maybe in reply to: hack4life@hushmail.com: "[Full-Disclosure] CERT: Vulnerability in web redirectors"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <full-disclosure@lists.netsys.com> From: "http-equiv@excite.com" <http-equiv@malware.com> Date: Sat, 22 Mar 2003 19:35:32 -0000
http://shorterlink.com/?7WVJZ7
----- Original Message -----
Like this one?:
--------------------
http://srd.yahoo.com/S=2766679:WS1/R=1/K=microsoft+sux/H=0/T=104835750
0/F=131cc5f493bf26b0a115b6debc24d362/*http://www.cryptome.org
--------------------
(may be wrapped)
Georgi
Kurt Seifried wrote:
> Like hack4life stated this is a pretty well known problem. Solving
it isn't
> to hard. Legitimate clients will send an HTTP referer, thus for some
> unsuspecting user who clicks on a redirect link in an email they
will send a
> blank referer, or off a website that referer. So simply add some
logic in
> your script to check the referer, a quick and dirty in php for
example (yes,
> this code is horrible and ugly, but it's a reasonably clear
example):
>
> <HTML>
> <HEAD>
> <TITLE>You are now leaving example.org</TITLE>
> <?php
> if (preg_match ("/example\.org\//i", $_SERVER["HTTP_REFERER"] )) {
>
> print "<META http-equiv=\"refresh\" content=\"1;URL=";
> echo $_SERVER["QUERY_STRING"];
> print "\">";
> print "</HEAD>";
> print "<BODY bgcolor=\"#ffffff\">";
> print "<P>[1] Redirecting you to:";
> print "<A HREF=\"";
> echo $_SERVER["QUERY_STRING"];
> print "\">";
> echo $_SERVER["QUERY_STRING"];
> print "</A>, if it doesn't work click on the link.</P>";
> print "<P>";
> echo $_SERVER["HTTP_REFERER"];
> print "</P>";
> } else {
> print "</HEAD>";
> print "<BODY bgcolor=\"#ffffff\">";
> print "<P>Someone has tried to use this site's web redirector in
an
> attempt to make a link appear legitimate.</P>";
> }
> ?>
>
> Obviously this is not bullet proof, anyone who hacks their client
to send
> fake referer's can get around it, but then we aren't trying to
block that
> kind of person, we're simply trying to prevent widespread abuse by a
> spammer/etc.
>
>
> Kurt Seifried, kurt@seifried.org
> A15B BEE5 B391 B9AD B0EF
> AEB0 AD63 0B4E AD56 E574
> http://seifried.org/security/
>
-- http://www.malware.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Georgi Guninski: "Re: [Full-Disclosure] CERT: Vulnerability in web redirectors"
- Maybe in reply to: hack4life@hushmail.com: "[Full-Disclosure] CERT: Vulnerability in web redirectors"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
