<<< Date Index >>>     <<< Thread Index >>>

COELACANTH: Phreak Phishing Expedition




Thursday, June 10, 2004

The following was presented by 'bitlance winter' of Japan today:

<a href="http://www.microsoft.com%2F redir=www.e-
gold.com">test</a>

Quite inexplicable from these quarters. Perhaps someone with 
server 'knowledge' can examine it.

It carries over the address into the address bar:

[screen shot: http://www.malware.com/gosh.png 72KB]

while redirecting to egold. The key being %2F without that it 
fails. The big question is where is the 'redir' and why is it 
only applicable [so far] to e-gold. Other sites don't work and e-
gold is running an old Microsoft-IIS/4.0.

Working Example:

http://www.malware.com/golly.html


credit: 'bitlance winter'


End Call

-- 
http://www.malware.com