Problem with DNS servers allow phishing attacks...

Started by iago, October 22, 2005, 01:53:03 PM

iago

There are a lot of problems with IE and Outlook that let you show one thing in the status bar/address bar and a different site, but here's a fairly cross-platform method.

Use the URL, "http://www.anysiteyouwant.com+www.evilsite.com".  For example, I'm making up an IP here:
http://www.citibank.com+207.161.152.16.  That will take the user to 207.161.152.16. 

This isn't a browser problem, however; this is a DNS problem.  Here is an example, using a DNS name:

iago@slayer:~$ host "www.seclists.org"
www.seclists.org has address 205.217.153.59
iago@slayer:~$ host "any-site-here.com+www.seclists.org"
any-site-here.com+www.seclists.org has address 205.217.153.59

One interesting thing to note, however, is that this doesn't work in Firefox.
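
A defensive check for the URL pattern described in the post above, as an added example that is not part of the original post: it flags any URL whose host contains a label that breaks the letters-digits-hyphen host-name rule (RFC 952/1123), and for a "+" host it reports the name a reader sees first and the part after the "+". The function names and result keys are made up for this example, and the sample URLs are built from the hosts quoted in the post.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# RFC 952/1123 host-name labels: letters, digits, hyphen (no hyphen at either end).
LDH_LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")


def inspect_host(url):
    """Check the host of `url`; return a dict describing anything suspicious."""
    host = (urlsplit(url).hostname or "").rstrip(".")
    result = {"host": host, "bad_labels": [], "shown": None, "tail": None}
    try:
        ipaddress.ip_address(host)  # plain IPv4/IPv6 literal: no labels to check
        return result
    except ValueError:
        pass
    # Labels that break the LDH rule. Non-ASCII hosts are expected in punycode
    # form (assumption); a URL with no host at all is also reported here.
    result["bad_labels"] = [l for l in host.split(".") if not LDH_LABEL.match(l)]
    if "+" in host:
        # The pattern from the post: a familiar name, '+', then another host.
        result["shown"], _, result["tail"] = host.partition("+")
    return result


def is_suspicious(url):
    """True when the host contains at least one label that is not a valid host-name label."""
    return bool(inspect_host(url)["bad_labels"])


# Constructed sample input: the hosts quoted in the post, written as URLs.
SAMPLES = [
    "http://www.seclists.org/",
    "http://www.citibank.com+207.161.152.16",
    "http://any-site-here.com+www.seclists.org",
]

if __name__ == "__main__":
    for url in SAMPLES:
        r = inspect_host(url)
        verdict = "SUSPICIOUS" if r["bad_labels"] else "ok"
        print(f"{verdict:10} {url}  bad={r['bad_labels']} "
              f"shown={r['shown']} tail={r['tail']}")
```

The same check fits in a mail gateway or proxy rule, since "+" is never valid in a host name and rejecting it does not depend on how a given resolver treats the query.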

deadly7

iago