follow the link http://www.microsoft.com%01:[EMAIL PROTECTED]/ The IE will redirect you to www.freebsd.org. Its mean to be a fall at IE authentication method, used for automatically to connect to sites that require authentication.
*** Cleber P. de Souza Cia. Metalgraphica Paulista
-----Mensagem original-----
umm tested this you dont need %01 either btw.
was messing around with some hex stile as well is there a way to call a file:// inside a http:// becos the issue with doing the @ trick is it appends http:// automaticly, mind you , u could just make it exec some vb code or something on a site, just a random idea any way
and it dont also seem to work if you use hex as well for the full domain ie
where as if you [EMAIL PROTECTED] works
----- Original Message -----
|
Title: RE: FWD: Internet Explorer URL parsing vulnerability
- [Full-Disclosure] RE: FWD: Internet Explorer URL pars... Julian HO Thean Swee
- Re: [Full-Disclosure] RE: FWD: Internet Explorer... VeNoMouS
- Re: [Full-Disclosure] RE: FWD: Internet Expl... S G Masood
- Re: [Full-Disclosure] RE: FWD: Internet ... VeNoMouS
- Re: [Full-Disclosure] RE: FWD: Inter... Valdis . Kletnieks
- Re: [Full-Disclosure] RE: FWD: Inter... Cedric Blancher
- Re: [Full-Disclosure] RE: FWD: Inter... S G Masood
- Re: [Full-Disclosure] RE: FWD: ... VeNoMouS
- Re: [Full-Disclosure] RE: FWD: Internet ... VeNoMouS
- Re: [Full-Disclosure] RE: FWD: Internet Expl... Cleber P. de Souza
- Re: [Full-Disclosure] RE: FWD: Internet Explorer URL ... VeNoMouS
- RE: [Full-Disclosure] RE: FWD: Internet Explorer URL ... Rainer Gerhards
- RE: [Full-Disclosure] RE: FWD: Internet Explorer... Rainer Gerhards
- Re: [Full-Disclosure] RE: FWD: Internet Expl... Georgi Guninski
- Re: RE:Re: [Full-Disclosure] RE: FWD: Internet Explor... Exibar
- Re: RE:Re: [Full-Disclosure] RE: FWD: Internet E... Clint Bodungen