[Dshield] MSFT Internet Explorer, %01 URL spoofing

Hudak, Tyler Tyler.Hudak at roadway.com
Tue Dec 16 13:14:22 GMT 2003


Still no luck.  Outlook must be doing something before it allows IE to parse
it, or is parsing the URL a different way than OE.

> -----Original Message-----
> From: Johannes B. Ullrich [mailto:jullrich at sans.org] 
> Sent: Monday, December 15, 2003 1:25 PM
> To: General DShield Discussion List
> Subject: RE: [Dshield] MSFT Internet Explorer, %01 URL spoofing
> 
> 
> 
> > When sent in a text email, the link was hyperlinked, but showed validly.
> 
> oh. I forgot the '#' in front of the 001. Try this link:
> 
http://secure.fakebank.com@secure.euclidian.com/fakebank.html

or with '<a>' tags:
<a href="http://secure.fakebank.com&#001;@secure.euclidian.com/fakebank.html">http://secure.fakebank.com</a>

-- 
CTO SANS Internet Storm Center               http://isc.sans.org
phone: (617) 786 1563            
  fax: (617) 786 1550                          jullrich at sans.org
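
Added example, not part of the original messages: a link check of the kind a mail filter could apply to the anchor quoted above, flagging a control character (as &#001; or %01) ahead of the '@' and a visible host that differs from the real one. The function name inspect_href and the finding labels are hypothetical, and the sample links are constructed from the one in the thread.

```python
import re
from urllib.parse import unquote

NUMERIC_REF = re.compile(r"&#([xX][0-9a-fA-F]+|[0-9]+);?")
AUTHORITY = re.compile(r"^[A-Za-z][A-Za-z0-9+.-]*://([^/?#]*)")
CONTROL = re.compile(r"[\x00-\x1f\x7f]")
HOSTLIKE = re.compile(r"^[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$")

def _ref_to_char(m):
    """Turn one numeric character reference into its character."""
    s = m.group(1)
    n = int(s[1:], 16) if s[0] in "xX" else int(s)
    return chr(n) if n <= 0x10FFFF else "\ufffd"

def _host(url):
    """Return (userinfo, host) of a URL's authority, or None if it has none."""
    m = AUTHORITY.match(url.strip())
    if not m:
        return None
    userinfo, _, hostport = m.group(1).rpartition("@")
    return userinfo, hostport.split(":")[0].lower()  # IPv6 literals not handled

def inspect_href(raw_href, link_text=""):
    """Return finding labels for one link; raw_href is the href as written in the HTML source."""
    # Decode numeric references by hand: html.unescape() discards references
    # to C0 controls such as &#001;, which would hide the byte we look for.
    parsed = _host(NUMERIC_REF.sub(_ref_to_char, raw_href))
    if parsed is None or not parsed[0]:
        return []                                   # no userinfo part
    userinfo, real_host = parsed
    user = unquote(userinfo)                        # %01 becomes \x01
    findings = ["userinfo-present"]
    if CONTROL.search(user):
        findings.append("control-char-in-userinfo")
    claimed = CONTROL.sub("", user.split(":")[0]).lower()
    if HOSTLIKE.match(claimed) and claimed != real_host:
        findings.append("hostname-like-userinfo")   # userinfo dressed up as a host
    shown = _host(link_text)
    if shown and shown[1] != real_host:
        findings.append("text-host-mismatch")       # visible URL names another host
    return findings

if __name__ == "__main__":
    # Constructed sample: the anchor quoted in the thread.
    href = "http://secure.fakebank.com&#001;@secure.euclidian.com/fakebank.html"
    print(inspect_href(href, "http://secure.fakebank.com"))
```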



