M
Mo
Amongst my SPAM I was wondering what is achieved by the following web
link (i.e what is the purpose of the "C4@" section)
http://[email protected]/ruben
link (i.e what is the purpose of the "C4@" section)
http://[email protected]/ruben
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
G
Guest
Your web browser ignores anything between the http:// and
the @ sign. Often its used to confuse people, such as in
a recent spam:
http://[email protected]/index.htm
It appears that its a 'yourbank' site, but in fact that
part is ignored, so you can be duped into giving your info
out at a spoof site. Not a clue why they'd bothere just
putting C4 in though. Maybe trying to be channel 4?
Chris
the @ sign. Often its used to confuse people, such as in
a recent spam:
http://[email protected]/index.htm
It appears that its a 'yourbank' site, but in fact that
part is ignored, so you can be duped into giving your info
out at a spoof site. Not a clue why they'd bothere just
putting C4 in though. Maybe trying to be channel 4?
Chris
M
Mo
Thanks didn't know it was just ignored. Is there a more appropriate
newsgroup to post more SPAM related questions?
newsgroup to post more SPAM related questions?
G
Gary Smith
Mo said:Amongst my SPAM I was wondering what is achieved by the following web
link (i.e what is the purpose of the "C4@" section)
A URL can contain a username and password in a construction which looks
like this: http://username:[email protected]. The browser ignores
everything following the "//" up through the "@". "Username" and
"password" are used to fill in the Network Password box presented when a
page requires the user to log in. If login is not required, the entries
may be ignored or used for other purposes. In your example, "C4" looks
like a username, but could have some special meaning to the target site.
B
Bumblebee
On Thu, 30 Oct 2003 15:22:23 +0000,"Mo" posted ...
Steve Gibson of http://grc.com/intro.htm maintains some newsgroups at
<news.grc.com> and among the newsgroups are "grc.spam" & "grc.spam.news"
Other newsgroups cover security and privacy issues etc.
If you visit http://grc.com/nntpquickref.htm you will get a background
of the topics GRC covers.
Thanks didn't know it was just ignored. Is there a more appropriate
newsgroup to post more SPAM related questions?
Steve Gibson of http://grc.com/intro.htm maintains some newsgroups at
<news.grc.com> and among the newsgroups are "grc.spam" & "grc.spam.news"
Other newsgroups cover security and privacy issues etc.
If you visit http://grc.com/nntpquickref.htm you will get a background
of the topics GRC covers.
N
Ndi
but could have some special meaning to the target site.
Stressing the "could have special meaning". One could write a script to
spam a mail list or scan a SMTP server and generating these addresses. Some
HTTP server on the site can decode the info back into your mail address so
one would build a list of valid addresses.
Also, any info can be encoded there so when you visit the site, info would
be submitted. It cannot get hold of -say- your list of ports because it
doesn't run code on the local machine but it can have all the abilities of a
cookie. Actually, it's equivalent to a "submit" with no input from a user.
The only use that comes to my mind now is validating addresses.
I also had some trouble with a pre-padded "C4A" or similar related to a
worm that sent mail to address book. It pre-padded this string for some
reason. I see no use for such padding in the attacker view but it did help
me re-route all addresses beginning with that string to a phantom account.
Stressing the "could have special meaning". One could write a script to
spam a mail list or scan a SMTP server and generating these addresses. Some
HTTP server on the site can decode the info back into your mail address so
one would build a list of valid addresses.
Also, any info can be encoded there so when you visit the site, info would
be submitted. It cannot get hold of -say- your list of ports because it
doesn't run code on the local machine but it can have all the abilities of a
cookie. Actually, it's equivalent to a "submit" with no input from a user.
The only use that comes to my mind now is validating addresses.
I also had some trouble with a pre-padded "C4A" or similar related to a
worm that sent mail to address book. It pre-padded this string for some
reason. I see no use for such padding in the attacker view but it did help
me re-route all addresses beginning with that string to a phantom account.