[vox] [Semi-OT] Abusing internet explorer for fun and profit

Ryan Castellucci vox@lists.lugod.org
Sun, 4 Jan 2004 08:11:44 -0800


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Open http://tinyurl.com/3xdn9 on a windows system in internet explorer ;-=
)

It redirects to a URL I constructed that fools Internet explorer into=20
displaying http://www.microsoft.com/linux/ while actualy displaying=20
http://www.mslinux.org/

Uses a slightly expanded version of the IE exploit that is explained at=20
http://www.secunia.com/advisories/10395/

Can be used by identity theifs, spammers, and other evil-doers.

Microsoft has yet to release a patch.

- --=20
PGP/GPG Fingerprint: 3B30 C6BE B1C6 9526 7A90  34E7 11DF 44F3 7217 7BC7
On pgp.mit.edu, import with `gpg --keyserver pgp.mit.edu --recv-key 72177=
BC7`
Also available at http://www.cal.net/~ryan/ryan_at_mother_dot_com.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQE/+DtAEd9E83IXe8cRArAWAKCzfHi9pYvx/ypNJKIGJHVpvdIV0QCgo9DT
60LbRNjYS8JCr9zegbkpWvA=3D
=3DD9PZ
-----END PGP SIGNATURE-----