Curious Too
02-03-2002, 04:40 PM
http://www.microsoft.com&item=q209354@hardware.no/nyheter/feb01/Q209354%20-%20HOWTO.htm
When will they learn?
When will they learn?
 | View Full Version : Microsoft hacked again ScottD 02-03-2002, 04:49 PM Look a little closer at the URL, it isn't a hack at microsoft. This page is hosted at hardware.no. Almost foold me! :D Thomas.N11 02-03-2002, 04:50 PM This post says more about the poster than it does about Microsoft... Curious Too 02-03-2002, 05:03 PM The guy who sent it to me said he came across it while searching the FAQ's at microsoft's website. How did hardware.no get it to redirect? appletreats 02-03-2002, 05:05 PM Originally posted by Curious Too The guy who sent it to me said he came across it while searching the FAQ's at microsoft's website. How did hardware.no get it to redirect? Yeah, he said that's how he found it. Bogdan 02-03-2002, 05:26 PM The URL is located at: http://hardware.no/nyheter/feb01/Q209354%20-%20HOWTO.htm, not microsoft. Same as: http://I-OWN-microsoft.com@webhostingtalk.com Put anything before the url followed by the @ sign. Curious Too 02-03-2002, 05:27 PM So how is this done? Any url works -- http://webhostingtalk.com=q209354@hardware.no/nyheter/feb01/Q209354%20-%20HOWTO.htm qslack 02-03-2002, 05:32 PM You can embed usernames and passwords in URLs. This URL sends the username "qslack" and the password "pw" to microsoft.com. http://qslack:pw@microsoft.com/ You can put anything except a / before the @. Dave114 02-03-2002, 05:32 PM Cool... Opera actually warns you of url spoofing unlike some other browsers I've used in the past mindboggle 02-03-2002, 05:45 PM This explains it in a little more detail and other tricks that are used: http://www.pc-help.org/obscure.htm Curious Too 02-03-2002, 05:51 PM What causes the spoofing to work with any domain -- microsoft.com&item=q209354@hardware.no/nyheter/feb01/Q209354%20-%20HOWTO.htm If microsoft.com is not reachable, how is it that the user is still redirected to hardware.no? Curious Too 02-03-2002, 06:00 PM This explains it in a little more detail and other tricks that are used: Thanks, that explained it. It's the "@" symbol. According to PC-Help, anything between "http://" and "@" is completely irrelevant! Selpaw 02-04-2002, 01:42 AM Originally posted by Bogdan The URL is located at: http://hardware.no/nyheter/feb01/Q209354%20-%20HOWTO.htm, not microsoft. Same as: http://I-OWN-microsoft.com@webhostingtalk.com Put anything before the url followed by the @ sign. only in IE for that format doesnt work in Mozilla :) for it work in Mozilla.. need to use (as mentioned above) http://someone:pass@domain.com/ |