Re: [Full-disclosure] Weird URL

• Previous message: admin_at_westdene.net: "Re: [Full-disclosure] Weird URL"
• In reply to: Bug Traq: "[Full-disclosure] Weird URL"
• Next in thread: Bug Traq: "Re: [Full-disclosure] Weird URL"
• Reply: Bug Traq: "Re: [Full-disclosure] Weird URL"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: full-disclosure@lists.grok.org.uk, Bug Traq <traqbug@gmail.com>
Date: Mon, 1 Aug 2005 17:39:16 +0200

On Monday 01 August 2005 17:26, Bug Traq wrote:
> Paste this URL in a firefox browser address bar and see what happens.
> http://https/;//gmail.google.com
>
> Anyone know why?

Yes, Firefox uses Google's "I'm feeling lucky" feature to redirect users who
enter a word in the address bar which does not exist. The only part needed to
be redirected to paypal.com is http://https

If you shorten that just a little bit (to http://http) you'll arrive at
www.microsoft.com (that's kind of ironic even ;).

Now try looking up the words https and http on Google and see which websites
are at rank 1 :)

This feature could be exploited by malicious people though: by crafting a
phishing mail with the url: http://http://www.abnamro.com people arrive at
Microsoft's website instead of the site of the ABN Amro bank. Now what if
someone replaces the second http with a keyword which links to a malicious
ranked-1 site in Google? In combination with Google ranking abuse tricks this
could pose a serious threat to Average Joe.

 - Vincent van Scherpenseel
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

• Previous message: admin_at_westdene.net: "Re: [Full-disclosure] Weird URL"
• In reply to: Bug Traq: "[Full-disclosure] Weird URL"
• Next in thread: Bug Traq: "Re: [Full-disclosure] Weird URL"
• Reply: Bug Traq: "Re: [Full-disclosure] Weird URL"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]