[35251] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Notes: COELACANTH: Phreak Phishing Expedition

daemon@ATHENA.MIT.EDU (http-equiv@excite.com)
Fri Jun 11 15:16:41 2004

Message-Id: <200406102347.i5ANlZv9021397@web113.megawebservers.com>
To: <bugtraq@securityfocus.com>
Date: Thu, 10 Jun 2004 23:47:35 -0000
From: "http-equiv@excite.com" <1@malware.com>
Cc: <NTBugtraq@listserv.ntbugtraq.com>
Reply-To: 1@malware.com

Let me add some notes to this:

1. Placing microsoft.com in the so-called 'trusted zone', will 
render the site contents of e-gold.com in the 'trusted zone'

2. Opera fails, Mozilla functions

3. While it may appear to be related to the html form, the same 
can be achieved with a normal href or normal submit type html 
form:

<a href="http://www.malware.com%2F redir=www.e-gold.com">test</a>

4. %2F may not be an actual requirement as that might only be 
site specific

5. So far no other server or domain other than e-gold on IIS 4 
found [at least from here]

<a href="http://www.microsoft.com%2F redir=www.e-
gold.com">test</a>

-- 
http://www.malware.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[35251] in bugtraq

Notes: COELACANTH: Phreak Phishing Expedition

daemon@ATHENA.MIT.EDU (http-equiv@excite.com)Fri Jun 11 15:16:41 2004

daemon@ATHENA.MIT.EDU (http-equiv@excite.com)
Fri Jun 11 15:16:41 2004