[WEB4LIB] More weird URLS
Thomas Dowling
tdowling at ohiolink.edu
Mon Jun 14 17:05:23 EDT 1999
Some browsers (but fewer firewalls) will understand and honor a URL of the
form http://username:password@host.com/ and will send the corresponding
Basic Authentication headers.
So the spammer not only does an end run around MSIE's Trusted/Restricted
Sites lists (the only reason I've heard for the decimal-to-hex conversion)
but may get back a username indicating where you picked up the URL.
Thomas Dowling
OhioLINK - Ohio Library and Information Network
tdowling at ohiolink.edu
----- Original Message -----
From: Stacy Pober <Spober at manhattan.edu>
To: Multiple recipients of list <web4lib at webjunction.org>
Sent: Monday, June 14, 1999 4:54 PM
Subject: [WEB4LIB] More weird URLS
> Some time back, there was a discussion about how you could convert a
> dotted quad IP address into a ten digit number. I recently received
the
> following URLS in some spam. While I understand how the conversion to
> decimal was done with the IP address, what are they doing with those
%signs
> numbers with the @ sign preceding the IP address? They don't seem to
> direct you to the subdirectory,
>
> http://%37%308%36%3145%32%38@3626046468/de/assetfinders
>
http://%33%31%32%31%33%39%30%33%31@3637454854/%74/%67%74%77%2E%68%74%6D%6C
>
> Just curious.
>
> //\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\
> Stacy Pober mailto: spober at manhattan.edu
> Information Alchemist http://www.manhattan.edu/library/
> Manhattan College Libraries Voice: 718-862-7166
> Riverdale, NY 10471 Fax: 718-862-7995
> //\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\//\\
>
More information about the Web4lib
mailing list