Re: [Full-disclosure] Weird URL

From: Vincent van Scherpenseel (mailinglists_at_vanscherpenseel.nl)
Date: 08/01/05

    To: full-disclosure@lists.grok.org.uk, Bug Traq <traqbug@gmail.com>
    Date: Mon, 1 Aug 2005 17:39:16 +0200

    On Monday 01 August 2005 17:26, Bug Traq wrote:
    > Paste this URL in a firefox browser address bar and see what happens.
    > http://https/;//gmail.google.com
    >
    > Anyone know why?

    Yes, Firefox uses Google's "I'm feeling lucky" feature to redirect users who
    enter a word in the address bar which does not exist. The only part needed to
    be redirected to paypal.com is http://https

    If you shorten that just a little bit (to http://http) you'll arrive at
    www.microsoft.com (that's kind of ironic even ;).

    Now try looking up the words https and http on Google and see which websites
    are at rank 1 :)

    This feature could be exploited by malicious people though: by crafting a
    phishing mail with the URL http://http://www.abnamro.com people arrive at
    Microsoft's website instead of the site of the ABN Amro bank. Now what if
    someone replaces the second http with a keyword which links to a malicious
    ranked-1 site in Google? In combination with Google ranking abuse tricks this
    could pose a serious threat to Average Joe.

     - Vincent van Scherpenseel
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.grok.org.uk/full-disclosure-charter.html
    Hosted and sponsored by Secunia - http://secunia.com/
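A mail-filter style check for the URL shape discussed in this thread, added here as an example and not part of the original post: it reports the host a standards-compliant parser actually extracts (for http://http://www.abnamro.com that is the single word "http"), flags a dotless one-word host that a keyword-searching browser would hand to a search engine instead of DNS, and pulls out the domain-looking text after the host that a reader is meant to mistake for the destination. The sample URLs and the dotless-host rule are my assumptions, not Firefox's actual address-bar logic.

```python
"""Lint URLs whose parsed host is a bare word such as "http" or "https".

Added example, not code from the original thread. The classification
rule (dotless host == keyword) is an assumption, not Firefox's real logic.
"""
import re
from typing import Optional
from urllib.parse import urlsplit

# Constructed sample URLs: the two from the thread plus ordinary ones.
SAMPLE_URLS = [
    "http://https/;//gmail.google.com",
    "http://http://www.abnamro.com",
    "http://http",
    "http://www.abnamro.com/",
    "https://gmail.google.com/",
]

# A dotted, domain-looking token (used to find the decoy text after the host).
DOMAIN_RE = re.compile(r"[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")


def effective_host(url: str) -> Optional[str]:
    """Host a standards-compliant parser takes from the URL (lower-cased)."""
    return urlsplit(url).hostname


def is_keyword_host(url: str) -> bool:
    """True when the host is a single dotless label (e.g. "https"), i.e. a
    word a keyword-searching address bar would send to a search engine."""
    host = effective_host(url)
    if not host:
        return False  # no host component at all
    return "." not in host


def decoy_domain(url: str) -> Optional[str]:
    """Domain-looking text after the host: what the reader of a phishing
    mail is meant to believe the link points at."""
    parts = urlsplit(url)
    tail = parts.path + ("?" + parts.query if parts.query else "")
    match = DOMAIN_RE.search(tail)
    return match.group(0) if match else None


def analyse(url: str) -> dict:
    """Summarise one URL for a filter rule or an analyst's report."""
    return {"url": url, "host": effective_host(url),
            "keyword_host": is_keyword_host(url), "decoy": decoy_domain(url)}


if __name__ == "__main__":
    for sample in SAMPLE_URLS:
        print(analyse(sample))
```

A link whose `keyword_host` is true while `decoy` is set is the pattern the post describes; resolving the real "I'm feeling lucky" target still needs a live query.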

