Strange IE / Windows Behaviour
From: Paul Brereton (paul.brereton@it-security-audit.com)
Date: 02/13/03
- Previous message: NetNinja: "Re[2]: Windows reverse Shell #2"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 13 Feb 2003 00:03:09 -0000 From: Paul Brereton <paul.brereton@it-security-audit.com> To: vuln-dev@securityfocus.com('binary' encoding is not supported, stored as-is)
Guys,
I noticed that when you request a long url using IE in wither windows
2000 or windows XP for example:
http://www.somehost.com/exisingfile.htm?
aaaaaaaaaaaaaaaaaaaaa[about 256 times or so], the webpage takes on a
different name when saving to disk such as QUFOU28S.htm . This also
happens when you attemp to download a file with a long url ie: .gif?
aaaaaaaaaaaaaaaaaaaaaaa etc,....
Also, the more aaaaaa's that are appended, the different the response
is.
My questions are :
1.) Is this a small hashing functionality built into windows to
prevent long filenames from being downloaded and causing problems.
or
2.) Is it a screw up in windows? Possibly a buffer overflow?. I have
noticed that this type of naming is used for some temprorary files.
What is going on.
RFCP (Request for comments please) :-)
Regards,
Paul.
- Next message: uk2sec@oakey.no-ip.com: "Bash Blues."
- Previous message: NetNinja: "Re[2]: Windows reverse Shell #2"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
