Problem with DNS servers allow phishing attacks...

Started by iago, October 22, 2005, 01:53:03 PM

iago

There are a lot of problems with IE and Outlook that let you show one thing in the status bar/address bar and a different site, but here's a fairly cross-platform method.

Use the URL, "http://www.anysiteyouwant.com+www.evilsite.com". For example, I'm making up an IP here:
http://www.citibank.com+207.161.152.16. That will take the user to 207.161.152.16.

This isn't a browser problem, however; this is a DNS problem. Here is an example, using a DNS name:

iago@slayer:~$ host "www.seclists.org"
www.seclists.org has address 205.217.153.59
iago@slayer:~$ host "any-site-here.com+www.seclists.org"
any-site-here.com+www.seclists.org has address 205.217.153.59

One interesting thing to note, however, is that this doesn't work in Firefox.
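
A defensive check for the URL form described in the post above, as an added example that is not part of the original thread: it flags hostnames containing characters outside the letters-digits-hyphen hostname rule (RFC 952/1123), which includes `+`. The names `check_host` and `SAMPLES` are made up for this example, and the sample URLs are the ones quoted in the post plus one ordinary URL for contrast.

```python
import re
from urllib.parse import urlsplit

# One hostname label under the RFC 952/1123 "LDH" rule: letters, digits and
# hyphen only, 1-63 characters, no leading or trailing hyphen.
LDH_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


def check_host(url):
    """Return (hostname, findings); findings is empty when the host looks clean.

    Scope: DNS names and dotted IPv4 hosts. IPv6 literals are not handled.
    """
    host = urlsplit(url).hostname or ""
    if not host:
        return host, ["URL has no host part"]
    findings = []
    for label in host.rstrip(".").split("."):
        if not LDH_LABEL.match(label):
            findings.append(f"label {label!r} is not a valid hostname label")
    if "+" in host:
        # The pattern from the post: a familiar name, a '+', then another host.
        shown, _, rest = host.partition("+")
        findings.append(f"'+' in host: {shown!r} is followed by {rest!r}")
    return host, findings


# URLs quoted in the post, plus one ordinary URL for contrast.
SAMPLES = [
    "http://www.citibank.com+207.161.152.16",
    "http://any-site-here.com+www.seclists.org/",
    "http://www.seclists.org/",
]

if __name__ == "__main__":
    for url in SAMPLES:
        host, findings = check_host(url)
        print(("FLAG " if findings else "ok   ") + url)
        for finding in findings:
            print("       " + finding)
```

A mail filter or link scanner can run the same check on every extracted link and treat any finding as grounds to block or rewrite the link.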

deadly7

iago