Re: Odd MSIE html parsing

From: Florian Hobelsberger / BlueScreen (genius28at_private)
Date: Thu Jan 17 2002 - 15:11:37 PST

    For me it worked with Internet Explorer Version 5.50.4522.1200 on Windows
    2K.
    
    But you must not enter the "^B" which is at the end. So, instead of
    
    "http://www.ca1.waredet.net.co.fr^T^B^T^E^T|https.travel.bzah.com^B"
    
    you must enter
    
    "http://www.ca1.waredet.net.co.fr^t^b^t^e^t|https.travel.bzah.com", then it
    should work at least on a system comparable to mine.
    
    You can replace the first part of the URL with any page you want.
    But I was not able to replace the second part of the URL in a working way
    yet.
    
    Greetings,
    
    
    -------------------------------------------------------
    BlueScreen / Florian Hobelsberger (UIN: 101782087)
    Member of:
    www.IT-Checkpoint.net
    www.Hackeinsteiger.de
    www.NGSecurity.de
    www.DvLdW.de.vu
    
    For questions about data security, please contact:
    www.Hackeinsteiger-Board.de
    www.Securitypoint-board.de.vu
    
    To encrypt classified messages, please use this PGP-Key:
    
    
    ----- Original Message -----
    From: "Golden_Eternity" <bhodi_jabirat_private>
    To: "Matthew S. Hallacy" <poptixat_private>;
    <vuln-devat_private>
    Sent: Wednesday, January 02, 2002 7:45 PM
    Subject: RE: Odd MSIE html parsing
    
    
    > Wasn't able to reproduce this with patched IE6 on 2k.
    >
    > > -----Original Message-----
    > > From: Matthew S. Hallacy [mailto:poptixat_private]
    > > Sent: Wednesday, January 02, 2002 5:36 AM
    > > To: vuln-devat_private
    > > Subject: Odd MSIE html parsing
    > >
    > >
    > > I received an odd spam today, the links were obfuscated as follows:
    > >
    > > <A HREF="http://www.ca1.waredet.net.co.fr^T^B^T^E^T|https.travel.bzah.com^B">
    > >
    > > clicking on the link in MSIE shows the following in the address bar:
    > > 'http://www.ca1.waredet.net.co.fr(?????)|https.travel.bzah.com/'
    > > while it's really going to https.travel.bzah.com (a stupid
    > > angelfire spam site,
    > > die die die)
    > >
    > > Comments? I'm curious as to why MSIE allows control characters in the url
    > > like this, it didn't work in Mozilla.
    > >
    > > - Matthew S. Hallacy
    > > --
    > >
    >
    >
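
A mail-filter style check for the link form discussed in this thread, as an added example that is not part of any of the original messages: it flags hrefs whose host part contains control characters (raw bytes or the caret notation the archive shows) or a `|`. The function names and the sample HTML are constructed for illustration; reading `^T`, `^B`, `^E` as bytes 0x14, 0x02, 0x05 is an assumption.

```python
import re
from html.parser import HTMLParser

HOST_OK = re.compile(r"^[A-Za-z0-9.-]+(:[0-9]+)?$")   # plain DNS name, optional port
CARET = re.compile(r"\^[@A-Z\[\\\]^_?]", re.I)         # "^T"-style text, as in the archive

# Constructed sample: the link from the thread in caret form, the same link with
# raw C0 bytes (assumed reading of ^T ^B ^E), and one ordinary link.
SPAM = "http://www.ca1.waredet.net.co.fr^T^B^T^E^T|https.travel.bzah.com^B"
RAW = "http://www.ca1.waredet.net.co.fr\x14\x02\x14\x05\x14|https.travel.bzah.com\x02"
SAMPLE = f'<A HREF="{SPAM}">a</A> <a href="{RAW}">b</a> <a href="http://example.com/x">c</a>'


def authority(url):
    # Raw text between '//' and the next '/', '?' or '#'. Split by hand:
    # urllib.parse drops tab/CR/LF before parsing, hiding what we look for.
    _, sep, rest = url.partition("//")
    return re.split(r"[/?#]", rest, maxsplit=1)[0] if sep else None


def host_findings(url):
    """Reasons the authority of `url` is not a plain hostname (empty list = clean)."""
    host = authority(url)
    if host is None:
        return []
    findings = []
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in host):
        findings.append("raw control character")
    if CARET.search(host):
        findings.append("caret-notation control sequence")
    if "|" in host:
        findings.append("pipe in host")
    if not findings and not HOST_OK.match(host):
        findings.append("character outside hostname set")  # also hits IDN, IPv6, userinfo
    return findings


def scan_html(html):
    """Map each suspicious <a href> in `html` to its list of findings."""
    hrefs = []
    class Collector(HTMLParser):
        def handle_starttag(self, tag, attrs):  # names arrive lowercased
            if tag == "a":
                hrefs.extend(v for k, v in attrs if k == "href" and v)
    parser = Collector()
    parser.feed(html)
    parser.close()
    return {h: f for h in hrefs if (f := host_findings(h))}
```

`scan_html(SAMPLE)` reports the two obfuscated links and leaves the ordinary one out.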
    



    This archive was generated by hypermail 2b30 : Thu Jan 17 2002 - 23:06:44 PST