Notes: COELACANTH: Phreak Phishing Expedition
http-equiv_at_excite.com
Date: 06/11/04
- Previous message: Drew Copley: "Re: COELACANTH: Phreak Phishing Expedition]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 10 Jun 2004 23:47:35 -0000 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
Let me add some notes to this:
1. Placing microsoft.com in the so-called 'trusted zone', will
render the site contents of e-gold.com in the 'trusted zone'
2. Opera fails, Mozilla functions
3. While it may appear to be related to the html form, the same
can be achieved with a normal href or normal submit type html
form:
<a href="http://www.malware.com%2F redir=www.e-gold.com">test</a>
4. %2F may not be an actual requirement as that might only be
site specific
5. So far no other server or domain other than e-gold on IIS 4
found [at least from here]
<a href="http://www.microsoft.com%2F redir=www.e-
gold.com">test</a>
-- http://www.malware.com ----- NTBugtraq Editor's Note: Want to reply to the person who sent this message? This list is configured such that just hitting reply is going to result in the message coming to the list, not to the individual who sent the message. This was done to help reduce the number of Out of Office messages posters received. So if you want to send a reply just to the poster, you''ll have to copy their email address out of the message and place it in your TO: field. -----
- Previous message: Drew Copley: "Re: COELACANTH: Phreak Phishing Expedition]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
